Revert "Merge pull request voxpupuli#547 from xepa/feature/extra_ssl_…

…options" This reverts commit 2b2c4ac, reversing changes made to 0af454f.
slm0n87 · Aug 10, 2017 · 6088b98 · 6088b98
1 parent dc7e43e
commit 6088b98
Show file tree

Hide file tree

Showing 5 changed files with 0 additions and 34 deletions.
diff --git a/README.md b/README.md
@@ -448,22 +448,6 @@ rabbitmq.config SSL verify setting.
 
 rabbitmq.config `fail_if_no_peer_cert` setting.
 
-####`ssl_secure_renegotiate`
-
-Use ssl secure renegotiate [boolean: default true]
-
-####`ssl_reuse_sessions`
-
-Reuse ssl sessions [boolean: default true]
-
-####`ssl_honor_cipher_order`
-
-Force use of server cipher order [boolean: default true]
-
-####`ssl_dhfile`
-
-Use this dhparam file [example: generate with `openssl dhparam -out /etc/rabbitmq/ssl/dhparam.pem 2048`, default empty]
-
 ####`ssl_versions`
 
 Choose which SSL versions to enable. Example: `['tlsv1.2', 'tlsv1.1']`.

diff --git a/manifests/config.pp b/manifests/config.pp
@@ -46,10 +46,6 @@
   $ssl_stomp_port             = $rabbitmq::ssl_stomp_port
   $ssl_verify                 = $rabbitmq::ssl_verify
   $ssl_fail_if_no_peer_cert   = $rabbitmq::ssl_fail_if_no_peer_cert
-  $ssl_secure_renegotiate     = $rabbitmq::ssl_secure_renegotiate
-  $ssl_reuse_sessions         = $rabbitmq::ssl_reuse_sessions
-  $ssl_honor_cipher_order     = $rabbitmq::ssl_honor_cipher_order
-  $ssl_dhfile                 = $rabbitmq::ssl_dhfile
   $ssl_versions               = $rabbitmq::ssl_versions
   $ssl_ciphers                = $rabbitmq::ssl_ciphers
   $stomp_port                 = $rabbitmq::stomp_port

diff --git a/manifests/init.pp b/manifests/init.pp
@@ -54,10 +54,6 @@
   $ssl_stomp_port                                = $rabbitmq::params::ssl_stomp_port,
   $ssl_verify                                    = $rabbitmq::params::ssl_verify,
   $ssl_fail_if_no_peer_cert                      = $rabbitmq::params::ssl_fail_if_no_peer_cert,
-  Boolean $ssl_secure_renegotiate                = $rabbitmq::params::ssl_secure_renegotiate,
-  Boolean $ssl_reuse_sessions                    = $rabbitmq::params::ssl_reuse_sessions,
-  Boolean $ssl_honor_cipher_order                = $rabbitmq::params::ssl_honor_cipher_order,
-  String $ssl_dhfile                             = $rabbitmq::params::ssl_dhfile,
   Optional[Array] $ssl_versions                  = $rabbitmq::params::ssl_versions,
   Array $ssl_ciphers                             = $rabbitmq::params::ssl_ciphers,
   Boolean $stomp_ensure                          = $rabbitmq::params::stomp_ensure,

diff --git a/manifests/params.pp b/manifests/params.pp
@@ -112,10 +112,6 @@
   $ssl_stomp_port              = '6164'
   $ssl_verify                  = 'verify_none'
   $ssl_fail_if_no_peer_cert    = false
-  $ssl_secure_renegotiate      = true
-  $ssl_reuse_sessions          = true
-  $ssl_honor_cipher_order      = true
-  $ssl_dhfile                  = 'UNSET'
   $ssl_versions                = undef
   $ssl_ciphers                 = []
   $stomp_ensure                = false

diff --git a/templates/rabbitmq.config.erb b/templates/rabbitmq.config.erb
@@ -65,12 +65,6 @@
                    <%- if @ssl_depth -%>
                    {depth,<%= @ssl_depth %>},
                    <%- end -%>
-                   <%- if @ssl_dhfile != 'UNSET' -%>
-                   {dhfile, "<%= @ssl_dhfile %>"},
-                   <%- end -%>
-                   {secure_renegotiate,<%= @ssl_secure_renegotiate %>},
-                   {reuse_sessions,<%= @ssl_reuse_sessions %>},
-                   {honor_cipher_order,<%= @ssl_honor_cipher_order %>},
                    {verify,<%= @ssl_verify %>},
                    {fail_if_no_peer_cert,<%= @ssl_fail_if_no_peer_cert %>}
                    <%- if @ssl_versions -%>