You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Recently, the #1581 "Add ciphers to SSL options" was fixed, and one adapter supports it.
A good mapping-out of the rest of the adapter landscape was created by @womblep, which this Issue summarizes as a sign-post Issue, with a checklist.
About SSL ciphers
What are "ciphers"? Well, in this context, it is a setting to HTTP clients' use of SSL, telling them explicitly which SSL cipher suites should be available. The kinds of strings to accept can be seen in the openssl-ciphers documentation.
TODO: Support the ciphers option
This list of adapters is about "are we done supporting the ciphers option for it?".
This lists what is known about the current landscape, as "developer hints".
Excon - support
option params [String] :ciphers Only use the specified SSL/TLS cipher suites; use OpenSSL cipher spec format e.g. 'HIGH:!aNULL:!3DES' or 'AES256-SHA:DES-CBC3-SHA'
# A String of OpenSSL's cipher configuration. Default value is# ALL:!ADH:!LOW:!EXP:!MD5:+SSLv2:@STRENGTH# See ciphers(1) man in OpenSSL for more detail.attr_config:ciphers
I am getting lost in the adapter but I think all the SSL options are passed through Async::HTTP::Faraday::Clients.make_client. Ciphers would be passed through without any change required.
I want to contribute to one of the adapters first. However, I am not yet knowledgeable about Chipers and their usage.
Do you have any good resources that I can read/learn before analyzing the Faraday codebase to make the changes?
So far, I only use Faraday for basic HTTP(s) requests.
Hi @olleolleolle
I just made this PR excon/faraday-excon#21.
All RSpec tests are green. I found that the adapter tests are inherited from the Faraday source code.
The tests were failing when I added unknown OPT KEYS.
However, I am not sure that my PR is enough, but this lostisland/faraday-net_http#45 doesn't modify any tests, either.
Basic Info
Recently, the #1581 "Add ciphers to SSL options" was fixed, and one adapter supports it.
A good mapping-out of the rest of the adapter landscape was created by @womblep, which this Issue summarizes as a sign-post Issue, with a checklist.
About SSL ciphers
What are "ciphers"? Well, in this context, it is a setting to HTTP clients' use of SSL, telling them explicitly which SSL cipher suites should be available. The kinds of strings to accept can be seen in the
openssl-ciphers
documentation.TODO: Support the
ciphers
optionThis list of adapters is about "are we done supporting the
ciphers
option for it?".ciphers
SSL option (#45) excon/faraday-excon#21 by @saiqulhaqDetails, per adapter
This lists what is known about the current landscape, as "developer hints".
Excon - support
HTTPClient - supported
Net::HTTP::Persistent - supported
https://github.com/drbrain/net-http-persistent/blob/master/lib/net/http/persistent.rb#L571
Patron - investigate
the adapter doesn't look like it does any SSL options other than
verify
. The Patron gem doesn't look like it supports ciphers (or many SSL settings)HTTP.rb - supported
adapter and gem use OpenSSL SSLContext which support ciphers
httpx - supported
uses OpenSSL SSLContext so should be able to be added to the adapter in "def ssl_options_from_env(env)"
Typhoeus - supported
using
ssl_cipher_list
Async::HTTP - supported
I am getting lost in the adapter but I think all the SSL options are passed through Async::HTTP::Faraday::Clients.make_client. Ciphers would be passed through without any change required.
EM::HTTP - supported
using
cipher_list
The text was updated successfully, but these errors were encountered: