Module: Puma::MiniSSL
- Defined in:
- lib/puma.rb,
lib/puma/minissl.rb,
lib/puma/minissl/context_builder.rb,
ext/puma_http11/mini_ssl.c,
ext/puma_http11/mini_ssl.c
Defined Under Namespace
Classes: Context, ContextBuilder, Engine, SSLContext, SSLError, Server, Socket
Constant Summary collapse
- HAS_TLS1_3 =
Define constant at runtime, as it's easy to determine at built time, but Puma could (it shouldn't) be loaded with an older OpenSSL version
!IS_JRUBY && (OPENSSL_VERSION[/ \d+\.\d+\.\d+/].split('.').map(&:to_i) <=> [1,1,1]) != -1 && (OPENSSL_LIBRARY_VERSION[/ \d+\.\d+\.\d+/].split('.').map(&:to_i) <=> [1,1,1]) !=-1
- OPENSSL_NO_SSL3 =
True if SSL3 is not available
Qfalse- OPENSSL_NO_TLS1 =
True if TLS1 is not available
Qfalse- VERIFY_NONE =
0- VERIFY_PEER =
1- VERIFY_FAIL_IF_NO_PEER_CERT =
2- VERIFICATION_FLAGS =
github.com/openssl/openssl/blob/master/include/openssl/x509_vfy.h.in /* Certificate verify flags */
{ "USE_CHECK_TIME" => 0x2, "CRL_CHECK" => 0x4, "CRL_CHECK_ALL" => 0x8, "IGNORE_CRITICAL" => 0x10, "X509_STRICT" => 0x20, "ALLOW_PROXY_CERTS" => 0x40, "POLICY_CHECK" => 0x80, "EXPLICIT_POLICY" => 0x100, "INHIBIT_ANY" => 0x200, "INHIBIT_MAP" => 0x400, "NOTIFY_POLICY" => 0x800, "EXTENDED_CRL_SUPPORT" => 0x1000, "USE_DELTAS" => 0x2000, "CHECK_SS_SIGNATURE" => 0x4000, "TRUSTED_FIRST" => 0x8000, "SUITEB_128_LOS_ONLY" => 0x10000, "SUITEB_192_LOS" => 0x20000, "SUITEB_128_LOS" => 0x30000, "PARTIAL_CHAIN" => 0x80000, "NO_ALT_CHAINS" => 0x100000, "NO_CHECK_TIME" => 0x200000 }.freeze
- OPENSSL_VERSION =
Version of OpenSSL that Puma was compiled with
rb_str_new2(OPENSSL_VERSION_TEXT)
- OPENSSL_LIBRARY_VERSION =
Version of OpenSSL that Puma loaded with
rb_str_new2(SSLeay_version(SSLEAY_VERSION))
- OPENSSL_NO_TLS1_1 =
True if TLS1_1 is not available
Qfalse
Class Method Summary collapse
Class Method Details
.check ⇒ Object
625 626 627 |
# File 'ext/puma_http11/mini_ssl.c', line 625 VALUE noop(VALUE self) { return Qnil; } |