Skip to content

Commit

Permalink
Bugfix for ssl_versions in rabbitmq.config so Erlang/RabbitMQ respect…
Browse files Browse the repository at this point in the history 
… them.

  The format reference example is given in https://www.rabbitmq.com/ssl.html#disabling-tls-versions
  Also add version list for rabbitmq_management config ssl_opts.
  • Loading branch information
@dalees
dalees committed Jan 29, 2015
1 parent c47a8be commit 4dcfdf5
Showing 1 changed file with 8 additions and 5 deletions.
13 changes: 8 additions & 5 deletions templates/rabbitmq.config.erb
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,9 @@
% This file managed by Puppet
% Template Path: <%= @module_name %>/templates/rabbitmq.config
[
<%- if @ssl and @ssl_versions -%>
{ssl, [{versions, [<%= @ssl_versions.sort.map { |v| "'#{v}'" }.join(', ') %>]}]},
<%- end -%>
{rabbit, [
<% if @ldap_auth -%>
{auth_backends, [rabbit_auth_backend_internal, rabbit_auth_backend_ldap]},
Expand All @@ -16,17 +19,14 @@
{tcp_listeners, []},
<%- end -%>
<%- if @ssl -%>
<%- if @ssl_versions -%>
{ssl, [{versions, [<%= @ssl_versions.sort.map { |v| "'#{v}'" }.join(', ') %>]}]},
<%- end -%>
{ssl_listeners, [<%= @ssl_port %>]},
{ssl_options, [<%- if @ssl_cacert != 'UNSET' -%>{cacertfile,"<%= @ssl_cacert %>"},<%- end -%>
{certfile,"<%= @ssl_cert %>"},
{keyfile,"<%= @ssl_key %>"},
{verify,<%= @ssl_verify %>},
{fail_if_no_peer_cert,<%= @ssl_fail_if_no_peer_cert %>}
<%- if @ssl_versions -%>
,{ssl, [{versions, [<%= @ssl_versions.sort.map { |v| "'#{v}'" }.join(', ') %>]}]}
,{versions, [<%= @ssl_versions.sort.map { |v| "'#{v}'" }.join(', ') %>]}
<% end -%>]},
<%- end -%>
<% if @config_variables -%>
Expand All @@ -49,7 +49,10 @@
{ssl, true},
{ssl_opts, [<%- if @ssl_cacert != 'UNSET' -%>{cacertfile, "<%= @ssl_cacert %>"},<%- end -%>
{certfile, "<%= @ssl_cert %>"},
{keyfile, "<%= @ssl_key %>"}]}
{keyfile, "<%= @ssl_key %>"}
<%- if @ssl_versions -%>
,{versions, [<%= @ssl_versions.sort.map { |v| "'#{v}'" }.join(', ') %>]}
<% end -%>]}
<%- else -%>
{port, <%= @management_port %>}
<%- end -%>
Expand Down

0 comments on commit 4dcfdf5

Please sign in to comment.