[Buildbot] #3436: documentation inaccurately claims that SSL is not supported by 'www' config
Buildbot trac
trac at buildbot.net
Mon Feb 1 23:58:29 UTC 2016
#3436: documentation inaccurately claims that SSL is not supported by 'www' config
----------------------+-------------------
Reporter: glyph | Owner:
Type: undecided | Status: new
Priority: minor | Milestone: 0.9.0
Version: master | Keywords:
----------------------+-------------------
https://github.com/buildbot/buildbot/blob/034c150c9fd7526ad7f33c228d06131953ddfa97/master/docs/manual
/cfg-www.rst says
- port
The TCP port on which to serve requests. Note that SSL is not
supported. To host Buildbot with SSL, use an HTTP proxy such as lighttpd,
nginx, or Apache. If this is None, the default, then the master will not
implement a web server.
In my opinion, this is bad security advice, because Twisted comes with
better SSL support out of the box than any of the above options
(particularly, Twisted maintains an up-to-date cipher suite configuration
and doesn't make it the user's problem).
It also conflicts with the actual implementation, which as far as I can
tell is in
https://github.com/buildbot/buildbot/blob/034c150c9fd7526ad7f33c228d06131953ddfa97/master/buildbot/www/service.py#L92-L119
and uses `strports.service`, which totally supports SSL. It even supports
virtual-hosted SSL, with a plugin: https://github.com/glyph/txsni
Would you be amenable to changing the documentation?
--
Ticket URL: <http://trac.buildbot.net/ticket/3436>
Buildbot <http://buildbot.net/>
Buildbot: build/test automation
More information about the bugs
mailing list