From 72d8b1e40aa96f575aac9a8c9dada09e66cd7a9d Mon Sep 17 00:00:00 2001 From: Michael Kozono Date: Fri, 9 Jun 2017 10:39:29 -0700 Subject: [PATCH] Move backwards compatibility logic out of the code MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit And closer to the configuration setup. The code doesn’t need to know about this. --- config/initializers/1_settings.rb | 6 +++++- lib/gitlab/ldap/config.rb | 6 +----- spec/lib/gitlab/ldap/config_spec.rb | 24 ------------------------ 3 files changed, 6 insertions(+), 30 deletions(-) diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb index 9344a42540b..20fe92dd6b3 100644 --- a/config/initializers/1_settings.rb +++ b/config/initializers/1_settings.rb @@ -145,7 +145,11 @@ if Settings.ldap['enabled'] || Rails.env.test? server['attributes'] = {} if server['attributes'].nil? server['provider_name'] ||= "ldap#{key}".downcase server['provider_class'] = OmniAuth::Utils.camelize(server['provider_name']) - server['encryption'] ||= server['method'] # for backwards compatibility + + # For backwards compatibility + server['encryption'] ||= server['method'] + server['encryption'] = 'simple_tls' if server['encryption'] == 'ssl' + server['encryption'] = 'start_tls' if server['encryption'] == 'tls' # Certificates are not verified for backwards compatibility. # This default should be flipped to true in 9.5. diff --git a/lib/gitlab/ldap/config.rb b/lib/gitlab/ldap/config.rb index efc3c50e038..db76ee098c5 100644 --- a/lib/gitlab/ldap/config.rb +++ b/lib/gitlab/ldap/config.rb @@ -5,11 +5,7 @@ module Gitlab NET_LDAP_ENCRYPTION_METHOD = { :simple_tls => :simple_tls, :start_tls => :start_tls, - :plain => nil, - - # Deprecated. Better to pass-through the actual `Net::LDAP` encryption type. - :ssl => :simple_tls, - :tls => :start_tls, + :plain => nil } attr_accessor :provider, :options diff --git a/spec/lib/gitlab/ldap/config_spec.rb b/spec/lib/gitlab/ldap/config_spec.rb index 7679c9ea913..e3a9505531d 100644 --- a/spec/lib/gitlab/ldap/config_spec.rb +++ b/spec/lib/gitlab/ldap/config_spec.rb @@ -69,18 +69,6 @@ describe Gitlab::LDAP::Config, lib: true do expect(config.adapter_options[:encryption]).to include({ method: :simple_tls }) end - it 'sets encryption method to simple_tls when configured as ssl, for backwards compatibility' do - stub_ldap_config( - options: { - 'host' => 'ldap.example.com', - 'port' => 686, - 'encryption' => 'ssl' - } - ) - - expect(config.adapter_options[:encryption]).to include({ method: :simple_tls }) - end - it 'sets encryption method to start_tls when configured as start_tls' do stub_ldap_config( options: { @@ -93,18 +81,6 @@ describe Gitlab::LDAP::Config, lib: true do expect(config.adapter_options[:encryption]).to include({ method: :start_tls }) end - it 'sets encryption method to start_tls when configured as tls, for backwards compatibility' do - stub_ldap_config( - options: { - 'host' => 'ldap.example.com', - 'port' => 686, - 'encryption' => 'tls' - } - ) - - expect(config.adapter_options[:encryption]).to include({ method: :start_tls }) - end - context 'when verify_certificates is enabled' do it 'sets tls_options to OpenSSL defaults' do stub_ldap_config(