class Puma::MiniSSL::Context

Attributes

no_tlsv1[R]
no_tlsv1_1[R]
verify_mode[RW]

Public Class Methods

new() click to toggle source
# File lib/puma/minissl.rb, line 212
def initialize
  @no_tlsv1   = false
  @no_tlsv1_1 = false
  @key = nil
  @cert = nil
  @key_pem = nil
  @cert_pem = nil
  @reuse = nil
  @reuse_cache_size = nil
  @reuse_timeout = nil
end

Public Instance Methods

ca=(ca) click to toggle source
# File lib/puma/minissl.rb, line 310
def ca=(ca)
  check_file ca, 'ca'
  @ca = ca
end
cert=(cert) click to toggle source
# File lib/puma/minissl.rb, line 305
def cert=(cert)
  check_file cert, 'Cert'
  @cert = cert
end
cert_pem=(cert_pem) click to toggle source
# File lib/puma/minissl.rb, line 315
def cert_pem=(cert_pem)
  raise ArgumentError, "'cert_pem' is not a String" unless cert_pem.is_a? String
  @cert_pem = cert_pem
end
check() click to toggle source
# File lib/puma/minissl.rb, line 278
def check
  raise "Keystore not configured" unless @keystore
  # @truststore defaults to @keystore due backwards compatibility
end
check_file(file, desc) click to toggle source
# File lib/puma/minissl.rb, line 224
def check_file(file, desc)
  raise ArgumentError, "#{desc} file '#{file}' does not exist" unless File.exist? file
  raise ArgumentError, "#{desc} file '#{file}' is not readable" unless File.readable? file
end
cipher_suites=(list) click to toggle source
# File lib/puma/minissl.rb, line 264
def cipher_suites=(list)
  list = list.split(',').map(&:strip) if list.is_a?(String)
  @cipher_suites = list
end
key=(key) click to toggle source
# File lib/puma/minissl.rb, line 296
def key=(key)
  check_file key, 'Key'
  @key = key
end
key_password() click to toggle source

Executes the command to return the password needed to decrypt the key.

# File lib/puma/minissl.rb, line 331
def key_password
  raise "Key password command not configured" if @key_password_command.nil?

  stdout_str, stderr_str, status = Open3.capture3(@key_password_command)

  return stdout_str.chomp if status.success?

  raise "Key password failed with code #{status.exitstatus}: #{stderr_str}"
end
key_password_command=(key_password_command) click to toggle source
# File lib/puma/minissl.rb, line 301
def key_password_command=(key_password_command)
  @key_password_command = key_password_command
end
key_pem=(key_pem) click to toggle source
# File lib/puma/minissl.rb, line 320
def key_pem=(key_pem)
  raise ArgumentError, "'key_pem' is not a String" unless key_pem.is_a? String
  @key_pem = key_pem
end
keystore=(keystore) click to toggle source
# File lib/puma/minissl.rb, line 240
def keystore=(keystore)
  check_file keystore, 'Keystore'
  @keystore = keystore
end
keystore_type=(type) click to toggle source
# File lib/puma/minissl.rb, line 254
def keystore_type=(type)
  raise ArgumentError, "Invalid keystore type: #{type.inspect}" unless ['pkcs12', 'jks', nil].include?(type)
  @keystore_type = type
end
no_tlsv1=(tlsv1) click to toggle source

disables TLSv1 @!attribute [w] no_tlsv1=

# File lib/puma/minissl.rb, line 373
def no_tlsv1=(tlsv1)
  raise ArgumentError, "Invalid value of no_tlsv1=" unless ['true', 'false', true, false].include?(tlsv1)
  @no_tlsv1 = tlsv1
end
no_tlsv1_1=(tlsv1_1) click to toggle source

disables TLSv1 and TLSv1.1. Overrides `#no_tlsv1=` @!attribute [w] no_tlsv1_1=

# File lib/puma/minissl.rb, line 380
def no_tlsv1_1=(tlsv1_1)
  raise ArgumentError, "Invalid value of no_tlsv1_1=" unless ['true', 'false', true, false].include?(tlsv1_1)
  @no_tlsv1_1 = tlsv1_1
end
protocols=(list) click to toggle source
# File lib/puma/minissl.rb, line 273
def protocols=(list)
  list = list.split(',').map(&:strip) if list.is_a?(String)
  @protocols = list
end
reuse=(reuse_str) click to toggle source

Controls session reuse. Allowed values are as follows:

  • 'off' - matches the behavior of Puma 5.6 and earlier. This is included in case reuse 'on' is made the default in future Puma versions.

  • 'dflt' - sets session reuse on, with OpenSSL default cache size of 20k and default timeout of 300 seconds.

  • 's,t' - where s and t are integer strings, for size and timeout.

  • 's' - where s is an integer strings for size.

  • ',t' - where t is an integer strings for timeout.

# File lib/puma/minissl.rb, line 350
def reuse=(reuse_str)
  case reuse_str
  when 'off'
    @reuse = nil
  when 'dflt'
    @reuse = true
  when /\A\d+\z/
    @reuse = true
    @reuse_cache_size = reuse_str.to_i
  when /\A\d+,\d+\z/
    @reuse = true
    size, time = reuse_str.split ','
    @reuse_cache_size = size.to_i
    @reuse_timeout = time.to_i
  when /\A,\d+\z/
    @reuse = true
    @reuse_timeout = reuse_str.delete(',').to_i
  end
end
truststore=(truststore) click to toggle source
# File lib/puma/minissl.rb, line 245
def truststore=(truststore)
  # NOTE: historically truststore was assumed the same as keystore, this is kept for backwards
  # compatibility, to rely on JVM's trust defaults we allow setting `truststore = :default`
  unless truststore.eql?(:default)
    raise ArgumentError, "No such truststore file '#{truststore}'" unless File.exist?(truststore)
  end
  @truststore = truststore
end
truststore_type=(type) click to toggle source
# File lib/puma/minissl.rb, line 259
def truststore_type=(type)
  raise ArgumentError, "Invalid truststore type: #{type.inspect}" unless ['pkcs12', 'jks', nil].include?(type)
  @truststore_type = type
end