Skip to content

Commit

Permalink
Merge pull request #301 from dalees/bug/enable-ssl-versions-2
Browse files Browse the repository at this point in the history 
Bugfix for ssl_versions in rabbitmq.config
  • Loading branch information
@cmurphy
cmurphy committed Jan 30, 2015
2 parents c47a8be + ae66ee8 commit 9c40d7f
Show file tree
Hide file tree
Showing 2 changed files with 34 additions and 7 deletions.
28 changes: 26 additions & 2 deletions spec/classes/rabbitmq_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -519,6 +519,7 @@
should contain_file('rabbitmq.config').with_content(%r{certfile,"/path/to/cert"})
should contain_file('rabbitmq.config').with_content(%r{keyfile,"/path/to/key})
should contain_file('rabbitmq.config').with_content(%r{ssl, \[\{versions, \['tlsv1.1', 'tlsv1.2'\]\}\]})
should contain_file('rabbitmq.config').with_content(%r{versions, \['tlsv1.1', 'tlsv1.2'\]})
end
end

Expand Down Expand Up @@ -552,6 +553,29 @@
end
end

describe 'ssl admin options with specific ssl versions' do
let(:params) {
{ :ssl => true,
:ssl_management_port => 5926,
:ssl_cacert => '/path/to/cacert',
:ssl_cert => '/path/to/cert',
:ssl_key => '/path/to/key',
:ssl_versions => ['tlsv1.2', 'tlsv1.1'],
:admin_enable => true
} }

it 'should set admin ssl opts to specified values' do
should contain_file('rabbitmq.config').with_content(%r{rabbitmq_management, \[})
should contain_file('rabbitmq.config').with_content(%r{listener, \[})
should contain_file('rabbitmq.config').with_content(%r{port, 5926\}})
should contain_file('rabbitmq.config').with_content(%r{ssl, true\}})
should contain_file('rabbitmq.config').with_content(%r{ssl_opts, \[\{cacertfile, "/path/to/cacert"\},})
should contain_file('rabbitmq.config').with_content(%r{certfile, "/path/to/cert"\},})
should contain_file('rabbitmq.config').with_content(%r{keyfile, "/path/to/key"\}})
should contain_file('rabbitmq.config').with_content(%r{,\{versions, \['tlsv1.1', 'tlsv1.2'\]\}[\r\n ]*\]\}})
end
end

describe 'ssl admin options' do
let(:params) {
{ :ssl => true,
Expand All @@ -569,7 +593,7 @@
should contain_file('rabbitmq.config').with_content(%r{ssl, true\}})
should contain_file('rabbitmq.config').with_content(%r{ssl_opts, \[\{cacertfile, "/path/to/cacert"\},})
should contain_file('rabbitmq.config').with_content(%r{certfile, "/path/to/cert"\},})
should contain_file('rabbitmq.config').with_content(%r{keyfile, "/path/to/key"\}\]\}})
should contain_file('rabbitmq.config').with_content(%r{keyfile, "/path/to/key"\}[\r\n ]*\]\}})
end
end

Expand Down Expand Up @@ -604,7 +628,7 @@
should contain_file('rabbitmq.config').with_content(%r{ssl, true\},})
should contain_file('rabbitmq.config').with_content(%r{ssl_opts, \[\{cacertfile, "/path/to/cacert"\},})
should contain_file('rabbitmq.config').with_content(%r{certfile, "/path/to/cert"\},})
should contain_file('rabbitmq.config').with_content(%r{keyfile, "/path/to/key"\}\]\}})
should contain_file('rabbitmq.config').with_content(%r{keyfile, "/path/to/key"\}[\r\n ]*\]\}})
end
end

Expand Down
13 changes: 8 additions & 5 deletions templates/rabbitmq.config.erb
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,9 @@
% This file managed by Puppet
% Template Path: <%= @module_name %>/templates/rabbitmq.config
[
<%- if @ssl and @ssl_versions -%>
{ssl, [{versions, [<%= @ssl_versions.sort.map { |v| "'#{v}'" }.join(', ') %>]}]},
<%- end -%>
{rabbit, [
<% if @ldap_auth -%>
{auth_backends, [rabbit_auth_backend_internal, rabbit_auth_backend_ldap]},
Expand All @@ -16,17 +19,14 @@
{tcp_listeners, []},
<%- end -%>
<%- if @ssl -%>
<%- if @ssl_versions -%>
{ssl, [{versions, [<%= @ssl_versions.sort.map { |v| "'#{v}'" }.join(', ') %>]}]},
<%- end -%>
{ssl_listeners, [<%= @ssl_port %>]},
{ssl_options, [<%- if @ssl_cacert != 'UNSET' -%>{cacertfile,"<%= @ssl_cacert %>"},<%- end -%>
{certfile,"<%= @ssl_cert %>"},
{keyfile,"<%= @ssl_key %>"},
{verify,<%= @ssl_verify %>},
{fail_if_no_peer_cert,<%= @ssl_fail_if_no_peer_cert %>}
<%- if @ssl_versions -%>
,{ssl, [{versions, [<%= @ssl_versions.sort.map { |v| "'#{v}'" }.join(', ') %>]}]}
,{versions, [<%= @ssl_versions.sort.map { |v| "'#{v}'" }.join(', ') %>]}
<% end -%>]},
<%- end -%>
<% if @config_variables -%>
Expand All @@ -49,7 +49,10 @@
{ssl, true},
{ssl_opts, [<%- if @ssl_cacert != 'UNSET' -%>{cacertfile, "<%= @ssl_cacert %>"},<%- end -%>
{certfile, "<%= @ssl_cert %>"},
{keyfile, "<%= @ssl_key %>"}]}
{keyfile, "<%= @ssl_key %>"}
<%- if @ssl_versions -%>
,{versions, [<%= @ssl_versions.sort.map { |v| "'#{v}'" }.join(', ') %>]}
<% end -%>]}
<%- else -%>
{port, <%= @management_port %>}
<%- end -%>
Expand Down

0 comments on commit 9c40d7f

Please sign in to comment.