(PUP-10889) Handle ruby < 2.5

Ruby didn't define the OpenSSL::SSL::TLS1_VERSION constant until 2.5 and
the `SSLContext#min_version=` wasn't supported.

Author: joshcooper

lib/puppet/network/http/factory.rb

@@ -28,7 +28,7 @@ def create_connection(site)
     http = Puppet::Util::HttpProxy.proxy(URI(site.addr))
     http.use_ssl = site.use_ssl?
     if site.use_ssl?
-      http.min_version = OpenSSL::SSL::TLS1_VERSION
+      http.min_version = OpenSSL::SSL::TLS1_VERSION if http.respond_to?(:min_version)
       http.ciphers = Puppet[:ciphers]
     end
     http.read_timeout = Puppet[:http_read_timeout]

lib/puppet/util/monkey_patches.rb

@@ -32,6 +32,13 @@ def daemonize
 # (#19151) Reject all SSLv2 ciphers and handshakes
 require 'puppet/ssl/openssl_loader'
 unless Puppet::Util::Platform.jruby_fips?
+  unless defined?(OpenSSL::SSL::TLS1_VERSION)
+    module OpenSSL::SSL
+      # see https://github.com/ruby/ruby/commit/609103dbb5fb182eec12f052226c43e39b907682#diff-09f822c26289f5347111795ca22ed7ed1cfadd6ebd28f987991d1d414eef565aR2755-R2759
+      OpenSSL::SSL::TLS1_VERSION = 0x301
+    end
+  end
+
   class OpenSSL::SSL::SSLContext
     if DEFAULT_PARAMS[:options]
       DEFAULT_PARAMS[:options] |= OpenSSL::SSL::OP_NO_SSLv2 | OpenSSL::SSL::OP_NO_SSLv3

spec/integration/http/client_spec.rb

@@ -159,7 +159,7 @@
       https_server.start_server do |port|
         expect {
           client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: root_context})
-        }.to raise_error(Puppet::HTTP::ConnectionError, /no cipher match/)
+        }.to raise_error(Puppet::HTTP::ConnectionError, /no cipher match|sslv3 alert handshake failure/)
       end
     end
   end

spec/unit/network/http/factory_spec.rb

@@ -146,7 +146,7 @@ def create_connection(site)
   end
 
   context 'tls' do
-    it "sets the minimum version to TLS 1.0" do
+    it "sets the minimum version to TLS 1.0", if: RUBY_VERSION.to_f >= 2.5 do
       conn = create_connection(site)
       expect(conn.min_version).to eq(OpenSSL::SSL::TLS1_VERSION)
     end