Module: Puma::MiniSSL

Defined in:
lib/puma.rb,
lib/puma/minissl.rb,
lib/puma/minissl/context_builder.rb,
ext/puma_http11/mini_ssl.c,
ext/puma_http11/mini_ssl.c

Defined Under Namespace

Classes: Context, ContextBuilder, Engine, SSLContext, SSLError, Server, Socket

Constant Summary collapse

HAS_TLS1_3 =

Define constant at runtime, as it’s easy to determine at built time, but Puma could (it shouldn’t) be loaded with an older OpenSSL version

Version:

  • 5.0.0

!IS_JRUBY &&
(OPENSSL_VERSION[/ \d+\.\d+\.\d+/].split('.').map(&:to_i) <=> [1,1,1]) != -1 &&
(OPENSSL_LIBRARY_VERSION[/ \d+\.\d+\.\d+/].split('.').map(&:to_i) <=> [1,1,1]) !=-1
OPENSSL_NO_SSL3 =

True if SSL3 is not available

Qfalse
OPENSSL_NO_TLS1 =

True if TLS1 is not available

Qfalse
VERIFY_NONE =
0
VERIFY_PEER =
1
VERIFY_FAIL_IF_NO_PEER_CERT =
2
VERIFICATION_FLAGS =
{
  "USE_CHECK_TIME"       => 0x2,
  "CRL_CHECK"            => 0x4,
  "CRL_CHECK_ALL"        => 0x8,
  "IGNORE_CRITICAL"      => 0x10,
  "X509_STRICT"          => 0x20,
  "ALLOW_PROXY_CERTS"    => 0x40,
  "POLICY_CHECK"         => 0x80,
  "EXPLICIT_POLICY"      => 0x100,
  "INHIBIT_ANY"          => 0x200,
  "INHIBIT_MAP"          => 0x400,
  "NOTIFY_POLICY"        => 0x800,
  "EXTENDED_CRL_SUPPORT" => 0x1000,
  "USE_DELTAS"           => 0x2000,
  "CHECK_SS_SIGNATURE"   => 0x4000,
  "TRUSTED_FIRST"        => 0x8000,
  "SUITEB_128_LOS_ONLY"  => 0x10000,
  "SUITEB_192_LOS"       => 0x20000,
  "SUITEB_128_LOS"       => 0x30000,
  "PARTIAL_CHAIN"        => 0x80000,
  "NO_ALT_CHAINS"        => 0x100000,
  "NO_CHECK_TIME"        => 0x200000
}.freeze
OPENSSL_VERSION =

Version of OpenSSL that Puma was compiled with

rb_str_new2(OPENSSL_VERSION_TEXT)
OPENSSL_LIBRARY_VERSION =

Version of OpenSSL that Puma loaded with

rb_str_new2(SSLeay_version(SSLEAY_VERSION))
OPENSSL_NO_TLS1_1 =

True if TLS1_1 is not available

Qfalse

Class Method Summary collapse

Class Method Details

.checkObject



565
566
567
# File 'ext/puma_http11/mini_ssl.c', line 565

VALUE noop(VALUE self) {
  return Qnil;
}