Commit 7155a800 authored by Dmytro Zaporozhets (DZ)'s avatar Dmytro Zaporozhets (DZ)

Merge branch 'Lint/DeprecatedOpenSSLConstant' into 'master'

Replace OpenSSL constants with strings (CE)

See merge request gitlab-org/gitlab!52432
parents 85972542 8d2e200c
......@@ -155,20 +155,6 @@ Lint/BinaryOperatorWithIdenticalOperands:
Lint/ConstantDefinitionInBlock:
Enabled: false
# Offense count: 9
# Cop supports --auto-correct.
Lint/DeprecatedOpenSSLConstant:
Exclude:
- 'app/services/clusters/kubernetes/configure_istio_ingress_service.rb'
- 'ee/lib/gitlab/geo/oauth/logout_state.rb'
- 'lib/gitlab/conan_token.rb'
- 'lib/gitlab/gitaly_client.rb'
- 'lib/gitlab/kubernetes/helm/v2/certificate.rb'
- 'spec/lib/gitlab/conan_token_spec.rb'
- 'spec/services/pages_domains/obtain_lets_encrypt_certificate_service_spec.rb'
- 'spec/support/helpers/smime_helper.rb'
- 'spec/support/shared_contexts/requests/api/conan_packages_shared_context.rb'
# Offense count: 1
Lint/DuplicateRequire:
Exclude:
......
......@@ -60,7 +60,7 @@ module Clusters
cert.public_key = key.public_key
cert.subject = name
cert.issuer = name
cert.sign(key, OpenSSL::Digest::SHA256.new)
cert.sign(key, OpenSSL::Digest.new('SHA256'))
serverless_domain_cluster.update!(
key: key.to_pem,
......
---
title: Replace OpenSSL constants with strings
merge_request: 52432
author: Takuya Noguchi
type: other
......@@ -35,7 +35,7 @@ module Gitlab
def secret
OpenSSL::HMAC.hexdigest(
OpenSSL::Digest::SHA256.new,
OpenSSL::Digest.new('SHA256'),
::Settings.attr_encrypted_db_key_base,
HMAC_KEY
)
......
......@@ -203,7 +203,7 @@ module Gitlab
def self.authorization_token(storage)
token = token(storage).to_s
issued_at = real_time.to_i.to_s
hmac = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, token, issued_at)
hmac = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('SHA256'), token, issued_at)
"v2.#{hmac}.#{issued_at}"
end
......
......@@ -59,7 +59,7 @@ module Gitlab
cert.add_extension(extension_factory.create_extension('keyUsage', 'cRLSign,keyCertSign', true))
end
cert.sign(signed_by&.key || key, OpenSSL::Digest::SHA256.new)
cert.sign(signed_by&.key || key, OpenSSL::Digest.new('SHA256'))
new(key, cert)
end
......
......@@ -6,7 +6,7 @@ RSpec.describe Gitlab::ConanToken do
let(:jwt_secret) do
OpenSSL::HMAC.hexdigest(
OpenSSL::Digest::SHA256.new,
OpenSSL::Digest.new('SHA256'),
base_secret,
described_class::HMAC_KEY
)
......
......@@ -135,7 +135,7 @@ RSpec.describe PagesDomains::ObtainLetsEncryptCertificateService do
cert.add_extension ef.create_extension("authorityKeyIdentifier",
"keyid:always,issuer:always")
cert.sign key, OpenSSL::Digest::SHA1.new
cert.sign key, OpenSSL::Digest.new('SHA1')
cert.to_pem
end
......
......@@ -52,7 +52,7 @@ module SmimeHelper
cert.add_extension(extension_factory.create_extension('extendedKeyUsage', 'clientAuth,emailProtection', false))
end
cert.sign(signed_by&.fetch(:key, nil) || key, OpenSSL::Digest::SHA256.new)
cert.sign(signed_by&.fetch(:key, nil) || key, OpenSSL::Digest.new('SHA256'))
{ key: key, cert: cert }
end
......
......@@ -22,7 +22,7 @@ RSpec.shared_context 'conan api setup' do
let(:jwt_secret) do
OpenSSL::HMAC.hexdigest(
OpenSSL::Digest::SHA256.new,
OpenSSL::Digest.new('SHA256'),
base_secret,
Gitlab::ConanToken::HMAC_KEY
)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment