Skip to content

Commit 9c40d7f

Browse files
committed
Merge pull request #301 from dalees/bug/enable-ssl-versions-2
Bugfix for ssl_versions in rabbitmq.config
2 parents c47a8be + ae66ee8 commit 9c40d7f

2 files changed

Lines changed: 34 additions & 7 deletions

File tree

spec/classes/rabbitmq_spec.rb

Lines changed: 26 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -519,6 +519,7 @@
519519
should contain_file('rabbitmq.config').with_content(%r{certfile,"/path/to/cert"})
520520
should contain_file('rabbitmq.config').with_content(%r{keyfile,"/path/to/key})
521521
should contain_file('rabbitmq.config').with_content(%r{ssl, \[\{versions, \['tlsv1.1', 'tlsv1.2'\]\}\]})
522+
should contain_file('rabbitmq.config').with_content(%r{versions, \['tlsv1.1', 'tlsv1.2'\]})
522523
end
523524
end
524525

@@ -552,6 +553,29 @@
552553
end
553554
end
554555

556+
describe 'ssl admin options with specific ssl versions' do
557+
let(:params) {
558+
{ :ssl => true,
559+
:ssl_management_port => 5926,
560+
:ssl_cacert => '/path/to/cacert',
561+
:ssl_cert => '/path/to/cert',
562+
:ssl_key => '/path/to/key',
563+
:ssl_versions => ['tlsv1.2', 'tlsv1.1'],
564+
:admin_enable => true
565+
} }
566+
567+
it 'should set admin ssl opts to specified values' do
568+
should contain_file('rabbitmq.config').with_content(%r{rabbitmq_management, \[})
569+
should contain_file('rabbitmq.config').with_content(%r{listener, \[})
570+
should contain_file('rabbitmq.config').with_content(%r{port, 5926\}})
571+
should contain_file('rabbitmq.config').with_content(%r{ssl, true\}})
572+
should contain_file('rabbitmq.config').with_content(%r{ssl_opts, \[\{cacertfile, "/path/to/cacert"\},})
573+
should contain_file('rabbitmq.config').with_content(%r{certfile, "/path/to/cert"\},})
574+
should contain_file('rabbitmq.config').with_content(%r{keyfile, "/path/to/key"\}})
575+
should contain_file('rabbitmq.config').with_content(%r{,\{versions, \['tlsv1.1', 'tlsv1.2'\]\}[\r\n ]*\]\}})
576+
end
577+
end
578+
555579
describe 'ssl admin options' do
556580
let(:params) {
557581
{ :ssl => true,
@@ -569,7 +593,7 @@
569593
should contain_file('rabbitmq.config').with_content(%r{ssl, true\}})
570594
should contain_file('rabbitmq.config').with_content(%r{ssl_opts, \[\{cacertfile, "/path/to/cacert"\},})
571595
should contain_file('rabbitmq.config').with_content(%r{certfile, "/path/to/cert"\},})
572-
should contain_file('rabbitmq.config').with_content(%r{keyfile, "/path/to/key"\}\]\}})
596+
should contain_file('rabbitmq.config').with_content(%r{keyfile, "/path/to/key"\}[\r\n ]*\]\}})
573597
end
574598
end
575599

@@ -604,7 +628,7 @@
604628
should contain_file('rabbitmq.config').with_content(%r{ssl, true\},})
605629
should contain_file('rabbitmq.config').with_content(%r{ssl_opts, \[\{cacertfile, "/path/to/cacert"\},})
606630
should contain_file('rabbitmq.config').with_content(%r{certfile, "/path/to/cert"\},})
607-
should contain_file('rabbitmq.config').with_content(%r{keyfile, "/path/to/key"\}\]\}})
631+
should contain_file('rabbitmq.config').with_content(%r{keyfile, "/path/to/key"\}[\r\n ]*\]\}})
608632
end
609633
end
610634

templates/rabbitmq.config.erb

Lines changed: 8 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,9 @@
11
% This file managed by Puppet
22
% Template Path: <%= @module_name %>/templates/rabbitmq.config
33
[
4+
<%- if @ssl and @ssl_versions -%>
5+
{ssl, [{versions, [<%= @ssl_versions.sort.map { |v| "'#{v}'" }.join(', ') %>]}]},
6+
<%- end -%>
47
{rabbit, [
58
<% if @ldap_auth -%>
69
{auth_backends, [rabbit_auth_backend_internal, rabbit_auth_backend_ldap]},
@@ -16,17 +19,14 @@
1619
{tcp_listeners, []},
1720
<%- end -%>
1821
<%- if @ssl -%>
19-
<%- if @ssl_versions -%>
20-
{ssl, [{versions, [<%= @ssl_versions.sort.map { |v| "'#{v}'" }.join(', ') %>]}]},
21-
<%- end -%>
2222
{ssl_listeners, [<%= @ssl_port %>]},
2323
{ssl_options, [<%- if @ssl_cacert != 'UNSET' -%>{cacertfile,"<%= @ssl_cacert %>"},<%- end -%>
2424
{certfile,"<%= @ssl_cert %>"},
2525
{keyfile,"<%= @ssl_key %>"},
2626
{verify,<%= @ssl_verify %>},
2727
{fail_if_no_peer_cert,<%= @ssl_fail_if_no_peer_cert %>}
2828
<%- if @ssl_versions -%>
29-
,{ssl, [{versions, [<%= @ssl_versions.sort.map { |v| "'#{v}'" }.join(', ') %>]}]}
29+
,{versions, [<%= @ssl_versions.sort.map { |v| "'#{v}'" }.join(', ') %>]}
3030
<% end -%>]},
3131
<%- end -%>
3232
<% if @config_variables -%>
@@ -49,7 +49,10 @@
4949
{ssl, true},
5050
{ssl_opts, [<%- if @ssl_cacert != 'UNSET' -%>{cacertfile, "<%= @ssl_cacert %>"},<%- end -%>
5151
{certfile, "<%= @ssl_cert %>"},
52-
{keyfile, "<%= @ssl_key %>"}]}
52+
{keyfile, "<%= @ssl_key %>"}
53+
<%- if @ssl_versions -%>
54+
,{versions, [<%= @ssl_versions.sort.map { |v| "'#{v}'" }.join(', ') %>]}
55+
<% end -%>]}
5356
<%- else -%>
5457
{port, <%= @management_port %>}
5558
<%- end -%>

0 commit comments

Comments
 (0)