summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTim Smith <tsmith84@gmail.com>2020-05-22 10:13:51 -0700
committerTim Smith <tsmith84@gmail.com>2020-05-22 10:13:51 -0700
commit003fbc132935961e93667f11c3f45ce4914b83ac (patch)
tree473cf75cf4442ac5424b70197ad278ac670407d3
parentc6666085f6a47bcb1b32446750760d6170927608 (diff)
downloadchef-003fbc132935961e93667f11c3f45ce4914b83ac.tar.gz
Update our usage of OpenSSL::Digest to avoid Ruby 3 breaking changeopenssl_fixes
There's a RuboCop cop to fix these before Ruby 3 breaks it. Signed-off-by: Tim Smith <tsmith@chef.io>
-rw-r--r--lib/chef/chef_fs/file_system/chef_server/cookbook_file.rb2
-rw-r--r--lib/chef/digester.rb8
-rw-r--r--lib/chef/encrypted_data_bag_item/decryptor.rb2
-rw-r--r--lib/chef/encrypted_data_bag_item/encryptor.rb2
-rw-r--r--lib/chef/key.rb2
-rw-r--r--lib/chef/mixin/openssl_helper.rb8
-rw-r--r--lib/chef/provider/user/dscl.rb4
-rw-r--r--lib/chef/provider/user/mac.rb4
-rw-r--r--lib/chef/resource/windows_certificate.rb2
-rw-r--r--lib/chef/resource/windows_user_privilege.rb4
-rw-r--r--spec/support/chef_helpers.rb2
-rw-r--r--spec/unit/mixin/openssl_helper_spec.rb8
12 files changed, 24 insertions, 24 deletions
diff --git a/lib/chef/chef_fs/file_system/chef_server/cookbook_file.rb b/lib/chef/chef_fs/file_system/chef_server/cookbook_file.rb
index 8ac4a9dffa..1a81676c26 100644
--- a/lib/chef/chef_fs/file_system/chef_server/cookbook_file.rb
+++ b/lib/chef/chef_fs/file_system/chef_server/cookbook_file.rb
@@ -69,7 +69,7 @@ class Chef
private
def calc_checksum(value)
- OpenSSL::Digest::MD5.hexdigest(value)
+ OpenSSL::Digest.hexdigest("MD5", value)
end
end
end
diff --git a/lib/chef/digester.rb b/lib/chef/digester.rb
index 52a0a3c65c..2f6869728c 100644
--- a/lib/chef/digester.rb
+++ b/lib/chef/digester.rb
@@ -39,9 +39,9 @@ class Chef
def generate_checksum(file)
if file.is_a?(StringIO)
- checksum_io(file, OpenSSL::Digest::SHA256.new)
+ checksum_io(file, OpenSSL::Digest.new("SHA256"))
else
- checksum_file(file, OpenSSL::Digest::SHA256.new)
+ checksum_file(file, OpenSSL::Digest.new("SHA256"))
end
end
@@ -50,11 +50,11 @@ class Chef
end
def generate_md5_checksum_for_file(file)
- checksum_file(file, OpenSSL::Digest::MD5.new)
+ checksum_file(file, OpenSSL::Digest.new("MD5"))
end
def generate_md5_checksum(io)
- checksum_io(io, OpenSSL::Digest::MD5.new)
+ checksum_io(io, OpenSSL::Digest.new("MD5"))
end
private
diff --git a/lib/chef/encrypted_data_bag_item/decryptor.rb b/lib/chef/encrypted_data_bag_item/decryptor.rb
index 9d341d5cab..19c3a82bb7 100644
--- a/lib/chef/encrypted_data_bag_item/decryptor.rb
+++ b/lib/chef/encrypted_data_bag_item/decryptor.rb
@@ -158,7 +158,7 @@ class Chef::EncryptedDataBagItem
d = OpenSSL::Cipher.new(algorithm)
d.decrypt
# We must set key before iv: https://bugs.ruby-lang.org/issues/8221
- d.key = OpenSSL::Digest::SHA256.digest(key)
+ d.key = OpenSSL::Digest.digest("SHA256", key)
d.iv = iv
d
end
diff --git a/lib/chef/encrypted_data_bag_item/encryptor.rb b/lib/chef/encrypted_data_bag_item/encryptor.rb
index 0910a2e0b9..2d38b9d44e 100644
--- a/lib/chef/encrypted_data_bag_item/encryptor.rb
+++ b/lib/chef/encrypted_data_bag_item/encryptor.rb
@@ -102,7 +102,7 @@ class Chef::EncryptedDataBagItem
encryptor = OpenSSL::Cipher.new(algorithm)
encryptor.encrypt
# We must set key before iv: https://bugs.ruby-lang.org/issues/8221
- encryptor.key = OpenSSL::Digest::SHA256.digest(key)
+ encryptor.key = OpenSSL::Digest.digest("SHA256", key)
@iv ||= encryptor.random_iv
encryptor.iv = @iv
encryptor
diff --git a/lib/chef/key.rb b/lib/chef/key.rb
index 47c1782b1e..6d30c97ad1 100644
--- a/lib/chef/key.rb
+++ b/lib/chef/key.rb
@@ -252,7 +252,7 @@ class Chef
OpenSSL::ASN1::Integer.new(openssl_key_object.public_key.n),
OpenSSL::ASN1::Integer.new(openssl_key_object.public_key.e),
])
- OpenSSL::Digest::SHA1.hexdigest(data_string.to_der).scan(/../).join(":")
+ OpenSSL::Digest.hexdigest("SHA1", data_string.to_der).scan(/../).join(":")
end
def list(keys, actor, load_method_symbol, inflate)
diff --git a/lib/chef/mixin/openssl_helper.rb b/lib/chef/mixin/openssl_helper.rb
index 7b94096a79..a30ccb5f69 100644
--- a/lib/chef/mixin/openssl_helper.rb
+++ b/lib/chef/mixin/openssl_helper.rb
@@ -218,7 +218,7 @@ class Chef
# Chef 12 backward compatibility
::OpenSSL::PKey::EC.send(:alias_method, :private?, :private_key?)
- request.sign(key, ::OpenSSL::Digest::SHA256.new)
+ request.sign(key, ::OpenSSL::Digest.new("SHA256"))
request
end
@@ -289,7 +289,7 @@ class Chef
cert.add_extension ef.create_extension("authorityKeyIdentifier",
"keyid:always,issuer:always")
- cert.sign(key, ::OpenSSL::Digest::SHA256.new)
+ cert.sign(key, ::OpenSSL::Digest.new("SHA256"))
cert
end
@@ -319,7 +319,7 @@ class Chef
crl.add_extension ::OpenSSL::X509::Extension.new("crlNumber", ::OpenSSL::ASN1::Integer(1))
crl.add_extension ef.create_extension("authorityKeyIdentifier",
"keyid:always,issuer:always")
- crl.sign(ca_private_key, ::OpenSSL::Digest::SHA256.new)
+ crl.sign(ca_private_key, ::OpenSSL::Digest.new("SHA256"))
crl
end
@@ -398,7 +398,7 @@ class Chef
::OpenSSL::ASN1::Integer(get_next_crl_number(crl)))]
crl.add_extension ef.create_extension("authorityKeyIdentifier",
"keyid:always,issuer:always")
- crl.sign(ca_private_key, ::OpenSSL::Digest::SHA256.new)
+ crl.sign(ca_private_key, ::OpenSSL::Digest.new("SHA256"))
crl
end
diff --git a/lib/chef/provider/user/dscl.rb b/lib/chef/provider/user/dscl.rb
index 39faa3d45c..50030c885f 100644
--- a/lib/chef/provider/user/dscl.rb
+++ b/lib/chef/provider/user/dscl.rb
@@ -382,7 +382,7 @@ in 'password', with the associated 'salt' and 'iterations'.")
salt,
iterations,
128,
- OpenSSL::Digest::SHA512.new
+ OpenSSL::Digest.new("SHA512")
)
end
@@ -627,7 +627,7 @@ in 'password', with the associated 'salt' and 'iterations'.")
salt,
current_resource.iterations,
128,
- OpenSSL::Digest::SHA512.new
+ OpenSSL::Digest.new("SHA512")
).unpack("H*").first == current_resource.password
end
diff --git a/lib/chef/provider/user/mac.rb b/lib/chef/provider/user/mac.rb
index 05684d77d8..a2561e2ccd 100644
--- a/lib/chef/provider/user/mac.rb
+++ b/lib/chef/provider/user/mac.rb
@@ -495,7 +495,7 @@ class Chef
convert_to_binary(current_resource.salt),
current_resource.iterations.to_i,
128,
- OpenSSL::Digest::SHA512.new
+ OpenSSL::Digest.new("SHA512")
).unpack("H*")[0] != current_resource.password
end
@@ -521,7 +521,7 @@ class Chef
salt.string,
new_resource.iterations,
128,
- OpenSSL::Digest::SHA512.new
+ OpenSSL::Digest.new("SHA512")
)
)
end
diff --git a/lib/chef/resource/windows_certificate.rb b/lib/chef/resource/windows_certificate.rb
index cfe119e97a..c6e32d9fa5 100644
--- a/lib/chef/resource/windows_certificate.rb
+++ b/lib/chef/resource/windows_certificate.rb
@@ -308,7 +308,7 @@ class Chef
#
def import_certificates(cert_objs, is_pfx)
[cert_objs].flatten.each do |cert_obj|
- thumbprint = OpenSSL::Digest::SHA1.new(cert_obj.to_der).to_s # Fetch its thumbprint
+ thumbprint = OpenSSL::Digest.new("SHA1", cert_obj.to_der).to_s # Fetch its thumbprint
# Need to check if return value is Boolean:true
# If not then the given certificate should be added in certstore
if verify_cert(thumbprint) == true
diff --git a/lib/chef/resource/windows_user_privilege.rb b/lib/chef/resource/windows_user_privilege.rb
index 1228712092..862a348e68 100644
--- a/lib/chef/resource/windows_user_privilege.rb
+++ b/lib/chef/resource/windows_user_privilege.rb
@@ -126,8 +126,8 @@ class Chef
required: true,
coerce: proc { |v| v.is_a?(String) ? Array[v] : v },
callbacks: {
- "Option privilege must include any of the: #{privilege_opts}" => lambda {
- |v| (privilege_opts & v).size == v.size
+ "Option privilege must include any of the: #{privilege_opts}" => lambda { |v|
+ (privilege_opts & v).size == v.size
},
}
diff --git a/spec/support/chef_helpers.rb b/spec/support/chef_helpers.rb
index 88c4524e97..c566ced8b1 100644
--- a/spec/support/chef_helpers.rb
+++ b/spec/support/chef_helpers.rb
@@ -27,7 +27,7 @@ Chef::Log.level(Chef::Config.log_level)
Chef::Config.solo(false)
def sha256_checksum(path)
- OpenSSL::Digest::SHA256.hexdigest(File.read(path))
+ OpenSSL::Digest.hexdigest("SHA256", File.read(path))
end
# extracted from Ruby < 2.5 to return a unique temp file name without creating it
diff --git a/spec/unit/mixin/openssl_helper_spec.rb b/spec/unit/mixin/openssl_helper_spec.rb
index 79d9a809f9..1cd3960757 100644
--- a/spec/unit/mixin/openssl_helper_spec.rb
+++ b/spec/unit/mixin/openssl_helper_spec.rb
@@ -488,7 +488,7 @@ describe Chef::Mixin::OpenSSLHelper do
@ca_cert.add_extension(ef.create_extension("keyUsage", "keyCertSign, cRLSign", true))
@ca_cert.add_extension(ef.create_extension("subjectKeyIdentifier", "hash", false))
@ca_cert.add_extension(ef.create_extension("authorityKeyIdentifier", "keyid:always", false))
- @ca_cert.sign(@ca_key, OpenSSL::Digest::SHA256.new)
+ @ca_cert.sign(@ca_key, OpenSSL::Digest.new("SHA256"))
@info_with_issuer = { "validity" => 365, "issuer" => @ca_cert }
@info_without_issuer = { "validity" => 365 }
@@ -614,7 +614,7 @@ describe Chef::Mixin::OpenSSLHelper do
@ca_cert.add_extension(ef.create_extension("keyUsage", "keyCertSign, cRLSign", true))
@ca_cert.add_extension(ef.create_extension("subjectKeyIdentifier", "hash", false))
@ca_cert.add_extension(ef.create_extension("authorityKeyIdentifier", "keyid:always", false))
- @ca_cert.sign(@ca_key, OpenSSL::Digest::SHA256.new)
+ @ca_cert.sign(@ca_key, OpenSSL::Digest.new("SHA256"))
@info = { "validity" => 8, "issuer" => @ca_cert }
end
@@ -684,7 +684,7 @@ describe Chef::Mixin::OpenSSLHelper do
@ca_cert.add_extension(ef.create_extension("keyUsage", "keyCertSign, cRLSign", true))
@ca_cert.add_extension(ef.create_extension("subjectKeyIdentifier", "hash", false))
@ca_cert.add_extension(ef.create_extension("authorityKeyIdentifier", "keyid:always", false))
- @ca_cert.sign(@ca_key, OpenSSL::Digest::SHA256.new)
+ @ca_cert.sign(@ca_key, OpenSSL::Digest.new("SHA256"))
@info = { "validity" => 8, "issuer" => @ca_cert }
@@ -765,7 +765,7 @@ describe Chef::Mixin::OpenSSLHelper do
@ca_cert.add_extension(ef.create_extension("keyUsage", "keyCertSign, cRLSign", true))
@ca_cert.add_extension(ef.create_extension("subjectKeyIdentifier", "hash", false))
@ca_cert.add_extension(ef.create_extension("authorityKeyIdentifier", "keyid:always", false))
- @ca_cert.sign(@ca_key, OpenSSL::Digest::SHA256.new)
+ @ca_cert.sign(@ca_key, OpenSSL::Digest.new("SHA256"))
@info = { "validity" => 8, "issuer" => @ca_cert }