From 9056eccea61f1e08ff8e99024c292aeee621aff6 Mon Sep 17 00:00:00 2001 From: womblep Date: Sat, 24 Aug 2024 20:25:57 +1000 Subject: [PATCH] Add ciphers attribute to SSLOptions (#1582) --- docs/customization/ssl-options.md | 25 +++++++++++++------------ lib/faraday/options/ssl_options.rb | 5 ++++- spec/faraday/utils_spec.rb | 3 ++- 3 files changed, 19 insertions(+), 14 deletions(-) diff --git a/docs/customization/ssl-options.md b/docs/customization/ssl-options.md index 02290a4f3..8bd85d574 100644 --- a/docs/customization/ssl-options.md +++ b/docs/customization/ssl-options.md @@ -2,22 +2,23 @@ Faraday supports a number of SSL options, which can be provided while initializing the connection. -| Option | Type | Default | Description | -|--------------------|----------------------------------------|---------|--------------------------------------------------------------------------------------------------------------------------------------------------| -| `:verify` | Boolean | true | Verify SSL certificate. Defaults to `true`. | -| `:verify_hostname` | Boolean | true | Verify SSL certificate hostname. Defaults to `true`. | -| `:ca_file` | String | nil | Path to a CA file in PEM format. | -| `:ca_path` | String | nil | Path to a CA directory. | +| Option | Type | Default | Description | +|--------------------|----------------------------------------|---------|------------------------------------------------------------------------------------------------------------------------------------| +| `:verify` | Boolean | true | Verify SSL certificate. Defaults to `true`. | +| `:verify_hostname` | Boolean | true | Verify SSL certificate hostname. Defaults to `true`. | +| `:ca_file` | String | nil | Path to a CA file in PEM format. | +| `:ca_path` | String | nil | Path to a CA directory. | | `:verify_mode` | Integer | nil | Any `OpenSSL::SSL::` constant (see [SSL docs](https://ruby-doc.org/3.2.2/exts/openssl/OpenSSL/SSL.html)). | -| `:cert_store` | OpenSSL::X509::Store | nil | OpenSSL certificate store. | -| `:client_cert` | OpenSSL::X509::Certificate | nil | Client certificate. | -| `:client_key` | OpenSSL::PKey::RSA, OpenSSL::PKey::DSA | nil | Client private key. | -| `:certificate` | OpenSSL::X509::Certificate | nil | Certificate (Excon only). | -| `:private_key` | OpenSSL::PKey::RSA | nil | Private key (Excon only). | -| `:verify_depth` | Integer | nil | Maximum depth for the certificate chain verification. | +| `:cert_store` | OpenSSL::X509::Store | nil | OpenSSL certificate store. | +| `:client_cert` | OpenSSL::X509::Certificate | nil | Client certificate. | +| `:client_key` | OpenSSL::PKey::RSA, OpenSSL::PKey::DSA | nil | Client private key. | +| `:certificate` | OpenSSL::X509::Certificate | nil | Certificate (Excon only). | +| `:private_key` | OpenSSL::PKey::RSA | nil | Private key (Excon only). | +| `:verify_depth` | Integer | nil | Maximum depth for the certificate chain verification. | | `:version` | Integer | nil | SSL version (see [SSL docs](https://ruby-doc.org/3.2.2/exts/openssl/OpenSSL/SSL/SSLContext.html#method-i-ssl_version-3D)). | | `:min_version` | Integer | nil | Minimum SSL version (see [SSL docs](https://ruby-doc.org/3.2.2/exts/openssl/OpenSSL/SSL/SSLContext.html#method-i-min_version-3D)). | | `:max_version` | Integer | nil | Maximum SSL version (see [SSL docs](https://ruby-doc.org/3.2.2/exts/openssl/OpenSSL/SSL/SSLContext.html#method-i-max_version-3D)). | +| `:ciphers` | String | nil | Ciphers supported (see [SSL docs](https://ruby-doc.org/3.2.2/exts/openssl/OpenSSL/SSL/SSLContext.html#method-i-ciphers-3D)). | ## Example diff --git a/lib/faraday/options/ssl_options.rb b/lib/faraday/options/ssl_options.rb index 2a04ea173..0dc7415e5 100644 --- a/lib/faraday/options/ssl_options.rb +++ b/lib/faraday/options/ssl_options.rb @@ -46,12 +46,15 @@ module Faraday # # # # @!attribute max_version # # @return [String, Symbol] maximum SSL version (see https://ruby-doc.org/stdlib-2.5.1/libdoc/openssl/rdoc/OpenSSL/SSL/SSLContext.html#method-i-max_version-3D) + # # + # # @!attribute ciphers + # # @return [String] cipher list in OpenSSL format (see https://ruby-doc.org/stdlib-2.5.1/libdoc/openssl/rdoc/OpenSSL/SSL/SSLContext.html#method-i-ciphers-3D) # class SSLOptions < Options; end SSLOptions = Options.new(:verify, :verify_hostname, :ca_file, :ca_path, :verify_mode, :cert_store, :client_cert, :client_key, :certificate, :private_key, :verify_depth, - :version, :min_version, :max_version) do + :version, :min_version, :max_version, :ciphers) do # @return [Boolean] true if should verify def verify? verify != false diff --git a/spec/faraday/utils_spec.rb b/spec/faraday/utils_spec.rb index bf7499eb8..377174db1 100644 --- a/spec/faraday/utils_spec.rb +++ b/spec/faraday/utils_spec.rb @@ -103,7 +103,8 @@ version: '2', min_version: nil, max_version: nil, - verify_hostname: nil + verify_hostname: nil, + ciphers: nil } end