(PE-36344) Stop using fork of ntlm gem #705
Conversation
We are now shipping openssl runtimes with the required crypto algorithms. This commit stops using the ntlm fork that provided a ruby implementation for the crypto algs.
| @@ -176,6 +176,7 @@ | |||
| proj.component('rubygem-net-ssh') | |||
| proj.component('rubygem-net-ssh-krb') | |||
| proj.component('rubygem-nori') | |||
| proj.component('rubygem-rubyntlm') | |||
There was a problem hiding this comment.
Oh, when I reverted the usage of the ntlm fork in pe-installer-runtime-main (d993409) I didn't see a dependency on 'rubygem-rubyntlm' added. Does something similar need to be done to pe-instlaler?
There was a problem hiding this comment.
Not now, when i was looking at this i realized for installer we actually use rubygems to do dependency resolution. This is not ideal because https://tickets.puppetlabs.com/browse/PE-36494 We will explicitly package that when we do that ticket but for now rubygems will find the latest rubyntmlm and we will be good to go.
| @@ -11,9 +11,6 @@ | |||
| proj.setting(:openssl_version, '3.0') | |||
|
|
|||
| instance_eval File.read(File.join(File.dirname(__FILE__), '_shared-pe-bolt-server_with_ruby.rb')) | |||
|
|
|||
| # TODO: Work around PE-36078 by using forked non-optimal solution | |||
| proj.component('rubygem-rubyntlm-fork') | |||
There was a problem hiding this comment.
whoops! I should have removed this when I added the proj.setting(:use_legacy_openssl_algos, true) in the bolt server, sorry.
There was a problem hiding this comment.
oh, lol, i hadn't noticed that Sean didn't include my update for :use_legacy_openssl_algos. Thanks, Cas!
We are now shipping openssl runtimes with the required crypto algorithms. This commit stops using the ntlm fork that provided a ruby implementation for the crypto algs.