Skip to content

Add support for ciphers in SSLOptions setting #44

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
olleolleolle merged 3 commits into from
Jan 27, 2026
Merged

Add support for ciphers in SSLOptions setting #44

olleolleolle merged 3 commits into from
Jan 27, 2026

Conversation

@bellvat
Copy link
Contributor

@bellvat bellvat commented Jan 24, 2026

This PR is related to this open issue, which aims to support ciphers SSLOptions setting across adapters.

@olleolleolle
Copy link
Member

olleolleolle commented Jan 26, 2026

@bellvat Thanks, that's a nice addition. Can you think of some way to prove or test this code path? https://github.com/lostisland/faraday-http/blob/master/spec/faraday/http/adapter_spec.rb#L72 has some test code which may give you ideas.

@bellvat
Copy link
Contributor Author

bellvat commented Jan 26, 2026
edited
Loading

Hello @olleolleolle, I ensured that adding ciphers still allows the request to be successful.
The downside to this is it passes whether I added the ciphers keyword or not.

I tried to spy on OpenSSL::SSL::SSLContext, to see that it sets ciphers param, but it then it prevents actual OpenSSL behavior. I think calling the real OpenSSL is more valuable and saw the previous tests take this approach, so I chose to stick with this.

olleolleolle
olleolleolle reviewed Jan 27, 2026
View reviewed changes
lib/faraday/adapter/http.rb
params = {}
%i[
ca_file ca_path cert_store verify_depth
ca_file ca_path cert_store ciphers verify_depth
Copy link
Member

@olleolleolle olleolleolle Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Q: If I remove the ciphers word from this, does the test fail?

Copy link
Contributor Author

@bellvat bellvat Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, the test will pass.
I will try another way to make the test fail without adding the ciphers word. 🫡

Copy link
Contributor Author

@bellvat bellvat Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have updated the test to address this in the latest commit. Thanks!

@bellvat
Increase effectiveness of test
e8903f4 
- without adding ciphers option/keyword, the test will now fail
olleolleolle
olleolleolle approved these changes Jan 27, 2026
View reviewed changes
Copy link
Member

@olleolleolle olleolleolle left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, this improves things!

@olleolleolle olleolleolle merged commit d346aa5 into lostisland:master Jan 27, 2026
@bellvat
Copy link
Contributor Author

bellvat commented Jan 27, 2026

Hello @olleolleolle, CI is failing on Ruby 2.7. I will investigate and open a new PR to fix this.

@olleolleolle
Copy link
Member

olleolleolle commented Jan 28, 2026

@bellvat I began a PR that polishes away very outdated Ruby versions that Faraday does not test with. #45

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@olleolleolle olleolleolle olleolleolle approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bellvat @olleolleolle