Merge 20c7da0 into 08207ed

savonrb · Oct 18, 2017 · d5a0aab · d5a0aab
2 parents 08207ed + 20c7da0
commit d5a0aab
Show file tree

Hide file tree

Showing 5 changed files with 45 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,7 @@
 # 2.12.0 (Unreleased)
 
 * Drop support for ruby 2.1 and below.
+* Feature: [#794](https://github.com/savonrb/savon/pull/794), add global option ssl_ciphers.
 
 # 2.11.2 (2017-08-03)
 * Fix: [#676](https://github.com/savonrb/savon/pull/676) Fixes handling of `content!` and `attributes!`

diff --git a/lib/savon/options.rb b/lib/savon/options.rb
@@ -268,6 +268,10 @@ def ssl_ca_cert(cert)
       @options[:ssl_ca_cert] = cert
     end
 
+    def ssl_ciphers(ciphers)
+      @options[:ssl_ciphers] = ciphers
+    end
+
 
     # HTTP basic auth credentials.
     def basic_auth(*credentials)

diff --git a/lib/savon/request.rb b/lib/savon/request.rb
@@ -26,6 +26,7 @@ def configure_timeouts
     def configure_ssl
       @http_request.auth.ssl.ssl_version   = @globals[:ssl_version]       if @globals.include? :ssl_version
       @http_request.auth.ssl.verify_mode   = @globals[:ssl_verify_mode]   if @globals.include? :ssl_verify_mode
+      @http_request.auth.ssl.ciphers       = @globals[:ssl_ciphers]       if @globals.include? :ssl_ciphers
 
       @http_request.auth.ssl.cert_key_file = @globals[:ssl_cert_key_file] if @globals.include? :ssl_cert_key_file
       @http_request.auth.ssl.cert_key      = @globals[:ssl_cert_key] if @globals.include? :ssl_cert_key

diff --git a/spec/savon/options_spec.rb b/spec/savon/options_spec.rb
@@ -405,6 +405,15 @@ def to_s
     end
   end
 
+  context "global :ssl_ciphers" do
+    it "sets the ciphers to use" do
+      HTTPI::Auth::SSL.any_instance.expects(:ciphers=).with(:none).twice
+
+      client = new_client(:endpoint => @server.url, :ssl_ciphers => :none)
+      client.call(:authenticate)
+    end
+  end
+
   context "global :ssl_cert_key_file" do
     it "sets the cert key file to use" do
       cert_key = File.expand_path("../../fixtures/ssl/client_key.pem", __FILE__)

diff --git a/spec/savon/request_spec.rb b/spec/savon/request_spec.rb
@@ -5,6 +5,7 @@
 
   let(:globals)      { Savon::GlobalOptions.new }
   let(:http_request) { HTTPI::Request.new }
+  let(:ciphers)      { OpenSSL::Cipher.ciphers }
 
   def new_wsdl_request
     Savon::WSDLRequest.new(globals, http_request)
@@ -100,6 +101,20 @@ def new_wsdl_request
       end
     end
 
+    describe "ssl ciphers" do
+      it "is set when specified" do
+        globals.ssl_ciphers(ciphers)
+        http_request.auth.ssl.expects(:ciphers=).with(ciphers)
+
+        new_wsdl_request.build
+      end
+
+      it "is not set otherwise" do
+        http_request.auth.ssl.expects(:ciphers=).never
+        new_wsdl_request.build
+      end
+    end
+
     describe "ssl cert key file" do
       it "is set when specified" do
         cert_key = File.expand_path("../../fixtures/ssl/client_key.pem", __FILE__)
@@ -246,6 +261,7 @@ def new_wsdl_request
 
   let(:globals)      { Savon::GlobalOptions.new }
   let(:http_request) { HTTPI::Request.new }
+  let(:ciphers)      { OpenSSL::Cipher.ciphers }
 
   def new_soap_request
     Savon::SOAPRequest.new(globals, http_request)
@@ -404,6 +420,20 @@ def new_soap_request
       end
     end
 
+    describe "ssl ciphers" do
+      it "is set when specified" do
+        globals.ssl_ciphers(ciphers)
+        http_request.auth.ssl.expects(:ciphers=).with(ciphers)
+
+        new_soap_request.build
+      end
+
+      it "is not set otherwise" do
+        http_request.auth.ssl.expects(:ciphers=).never
+        new_soap_request.build
+      end
+    end
+
     describe "ssl cert key file" do
       it "is set when specified" do
         cert_key = File.expand_path("../../fixtures/ssl/client_key.pem", __FILE__)