github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 09:48:58 -04:00
Code Issues Projects Releases Packages Wiki Activity

remove obsolete http secutiry settings (#41569) (#41738)

Browse source
This commit is contained in:
Mikhail Shustov 2019-07-23 10:47:44 +02:00 committed by GitHub
parent 929801cb1c
commit cf8b37925d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 0 additions and 87 deletions
Download patch file Download diff file Expand all files Collapse all files

41
src/legacy/server/http/secure_options.js
View file

@ -1,41 +0,0 @@
/*
* Licensed to Elasticsearch B.V. under one or more contributor
* license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright
* ownership. Elasticsearch B.V. licenses this file to you under
* the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import crypto from 'crypto';
import { chain } from 'lodash';
const protocolMap = {
TLSv1: crypto.constants.SSL_OP_NO_TLSv1,
'TLSv1.1': crypto.constants.SSL_OP_NO_TLSv1_1,
'TLSv1.2': crypto.constants.SSL_OP_NO_TLSv1_2
};
export default function (supportedProtocols) {
if (!supportedProtocols || !supportedProtocols.length) {
return null;
}
return chain(protocolMap)
.omit(supportedProtocols)
.values()
.reduce(function (value, sum) {
return value | sum;
}, 0)
.value();
}

46
src/legacy/server/http/secure_options.test.js
View file

@ -1,46 +0,0 @@
/*
* Licensed to Elasticsearch B.V. under one or more contributor
* license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright
* ownership. Elasticsearch B.V. licenses this file to you under
* the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import secureOptions from './secure_options';
import crypto from 'crypto';
const constants = crypto.constants;
describe('secure_options', function () {
it('allows null', function () {
expect(secureOptions(null)).toBe(null);
});
it ('allows an empty array', function () {
expect(secureOptions([])).toBe(null);
});
it ('removes TLSv1 if we only support TLSv1.1 and TLSv1.2', function () {
expect(secureOptions(['TLSv1.1', 'TLSv1.2'])).toBe(constants.SSL_OP_NO_TLSv1);
});
it ('removes TLSv1.1 and TLSv1.2 if we only support TLSv1', function () {
expect(secureOptions(['TLSv1'])).toBe(constants.SSL_OP_NO_TLSv1_1 | constants.SSL_OP_NO_TLSv1_2);
});
it ('removes TLSv1 and TLSv1.1 if we only support TLSv1.2', function () {
expect(secureOptions(['TLSv1.2'])).toBe(constants.SSL_OP_NO_TLSv1 | constants.SSL_OP_NO_TLSv1_1);
});
});