Sha256: 97264388e18b53321169393dc865ec58532da6156bdbc9265304feab556ffcb2
Contents?: true
Size: 781 Bytes
Versions: 1
Compression:
Stored size: 781 Bytes
Contents
# frozen_string_literal: true require 'openssl' require 'openssl/sane_defaults/version' module OpenSSL # SaneDefaults module SaneDefaults class Error < StandardError; end # Make OpenSSL default params safer by disabling insecure options def self.patch! # Disable insecure protocols, Postgres on RDS no longer accepts TLSv1 # Shamelessly taken, and slightly modified from https://gist.github.com/tam7t/86eb4793e8ecf3f55037#gistcomment-1361208 SSL::SSLContext::DEFAULT_PARAMS[:options] |= SSL::OP_NO_SSLv2 SSL::SSLContext::DEFAULT_PARAMS[:options] |= SSL::OP_NO_SSLv3 SSL::SSLContext::DEFAULT_PARAMS[:options] |= SSL::OP_NO_TLSv1 SSL::SSLContext::DEFAULT_PARAMS[:options] |= SSL::OP_NO_COMPRESSION true end end end
Version data entries
1 entries across 1 versions & 1 rubygems
Version | Path |
---|---|
openssl-sane_defaults-0.1.0 | lib/openssl/sane_defaults.rb |