horizon: Add SSL protocol option. #2437

OttoHollmann · 2021-03-16T10:08:31Z

Current setting in cookbook templates exclude only SSLv2 and SSLv3.
SSLProtocol all -SSLv2 -SSLv3
but in these days TLSv1.0 protocol is already deprecated, so it will be nice to have any option how to disable this old protocol.
We can add protocol option (this PR) and keep it up to user to select which protocol he wants, disable TLSv1.0 in default settings or both of them.

chef/data_bags/crowbar/template-horizon.json

crowbar_framework/app/views/barclamp/horizon/_edit_attributes.html.haml

crowbar_framework/config/locales/horizon/en.yml

dirkmueller · 2021-03-29T08:30:12Z

chef/data_bags/crowbar/migrate/horizon/303_add_ssl_protocol.rb

@@ -0,0 +1,9 @@
+def upgrade(template_attrs, template_deployment, attrs, deployment)
+  attrs["apache"]["ssl_protocol"] = template_attrs["apache"]["ssl_protocol"]


please do this only if attrs["apache"]["ssl_protocol"] is not already defined (because of a backported earlier migration.

I'm not sure which is preferred way, if unless attrs.key? or if attr["..."].nil?, but the former looks better.

chef/data_bags/crowbar/migrate/horizon/303_add_ssl_protocol.rb

horizon: Add SSL protocol option.

19e0780

dirkmueller reviewed Mar 17, 2021

View reviewed changes

chef/data_bags/crowbar/template-horizon.json Outdated Show resolved Hide resolved

dirkmueller reviewed Mar 17, 2021

View reviewed changes

chef/data_bags/crowbar/template-horizon.json Show resolved Hide resolved

dirkmueller reviewed Mar 17, 2021

View reviewed changes

crowbar_framework/app/views/barclamp/horizon/_edit_attributes.html.haml Outdated Show resolved Hide resolved

OttoHollmann added 2 commits March 18, 2021 13:47

Add migration file and remove redundant SSLv2.

04aea12

Fix migration file.

29a9474

dirkmueller reviewed Mar 29, 2021

View reviewed changes

crowbar_framework/config/locales/horizon/en.yml Outdated Show resolved Hide resolved

dirkmueller reviewed Mar 29, 2021

View reviewed changes

chef/data_bags/crowbar/migrate/horizon/303_add_ssl_protocol.rb Outdated Show resolved Hide resolved

OttoHollmann added 2 commits March 29, 2021 15:57

Improve migration file.

81fb762

Remove localization.

92e9f0f

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

horizon: Add SSL protocol option. #2437

horizon: Add SSL protocol option. #2437

Uh oh!

OttoHollmann commented Mar 16, 2021

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

dirkmueller Mar 29, 2021

Uh oh!

OttoHollmann Mar 29, 2021

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Milestone

Development

Uh oh!

2 participants

		@@ -0,0 +1,9 @@
		def upgrade(template_attrs, template_deployment, attrs, deployment)
		attrs["apache"]["ssl_protocol"] = template_attrs["apache"]["ssl_protocol"]

horizon: Add SSL protocol option. #2437

Are you sure you want to change the base?

horizon: Add SSL protocol option. #2437

Uh oh!

Conversation

OttoHollmann commented Mar 16, 2021

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

dirkmueller Mar 29, 2021

Choose a reason for hiding this comment

Uh oh!

OttoHollmann Mar 29, 2021

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Milestone

Development

Uh oh!

2 participants