certificate-checker 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: 566689bca2b7298b06a7dbafd7d9687dc7fcdb4ef333337a8c8747c6b96a6a6d
4
+ data.tar.gz: 7fce38290f5f8c98454529fe672926c387097f61c6ccae6dbdb05d2f46362035
5
+ SHA512:
6
+ metadata.gz: 1387cb34c6ce0630f0ff9070fba1b8266060aa1d9ebb38e6f17cbac8bcff25ce9cb112774e63611c806f427cb9c4260c1dacf0978c3704592336a614312850af
7
+ data.tar.gz: 60caabbc4d514a2076c65f0ae79d6df8f13714912f9ef35ea5ed7cb2cb1b9d3e2f4760db7e2d898d1ddb489a8ec070310d907e24139d743ed041740f124924bc
data/.gitignore ADDED
@@ -0,0 +1,24 @@
1
+ *.gem
2
+ *.rbc
3
+ .bundle
4
+ .config
5
+ .yardoc
6
+ Gemfile.local
7
+ Gemfile.lock
8
+ InstalledFiles
9
+ _yardoc
10
+ coverage
11
+ doc/
12
+ lib/bundler/man
13
+ pkg
14
+ rdoc
15
+ spec/examples.txt
16
+ spec/reports
17
+ test/tmp
18
+ test/version_tmp
19
+ tmp
20
+ *.bundle
21
+ *.so
22
+ *.o
23
+ *.a
24
+ mkmf.log
data/.rspec ADDED
@@ -0,0 +1 @@
1
+ --require spec_helper
data/.travis.yml ADDED
@@ -0,0 +1,11 @@
1
+ language: ruby
2
+ rvm:
3
+ - 2.4
4
+ - 2.5
5
+ - 2.6
6
+ before_script:
7
+ - curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 > ./cc-test-reporter
8
+ - chmod +x ./cc-test-reporter
9
+ - ./cc-test-reporter before-build
10
+ after_script:
11
+ - ./cc-test-reporter after-build --exit-code $TRAVIS_TEST_RESULT
@@ -0,0 +1,74 @@
1
+ # Contributor Covenant Code of Conduct
2
+
3
+ ## Our Pledge
4
+
5
+ In the interest of fostering an open and welcoming environment, we as
6
+ contributors and maintainers pledge to making participation in our project and
7
+ our community a harassment-free experience for everyone, regardless of age, body
8
+ size, disability, ethnicity, gender identity and expression, level of experience,
9
+ nationality, personal appearance, race, religion, or sexual identity and
10
+ orientation.
11
+
12
+ ## Our Standards
13
+
14
+ Examples of behavior that contributes to creating a positive environment
15
+ include:
16
+
17
+ * Using welcoming and inclusive language
18
+ * Being respectful of differing viewpoints and experiences
19
+ * Gracefully accepting constructive criticism
20
+ * Focusing on what is best for the community
21
+ * Showing empathy towards other community members
22
+
23
+ Examples of unacceptable behavior by participants include:
24
+
25
+ * The use of sexualized language or imagery and unwelcome sexual attention or
26
+ advances
27
+ * Trolling, insulting/derogatory comments, and personal or political attacks
28
+ * Public or private harassment
29
+ * Publishing others' private information, such as a physical or electronic
30
+ address, without explicit permission
31
+ * Other conduct which could reasonably be considered inappropriate in a
32
+ professional setting
33
+
34
+ ## Our Responsibilities
35
+
36
+ Project maintainers are responsible for clarifying the standards of acceptable
37
+ behavior and are expected to take appropriate and fair corrective action in
38
+ response to any instances of unacceptable behavior.
39
+
40
+ Project maintainers have the right and responsibility to remove, edit, or
41
+ reject comments, commits, code, wiki edits, issues, and other contributions
42
+ that are not aligned to this Code of Conduct, or to ban temporarily or
43
+ permanently any contributor for other behaviors that they deem inappropriate,
44
+ threatening, offensive, or harmful.
45
+
46
+ ## Scope
47
+
48
+ This Code of Conduct applies both within project spaces and in public spaces
49
+ when an individual is representing the project or its community. Examples of
50
+ representing a project or community include using an official project e-mail
51
+ address, posting via an official social media account, or acting as an appointed
52
+ representative at an online or offline event. Representation of a project may be
53
+ further defined and clarified by project maintainers.
54
+
55
+ ## Enforcement
56
+
57
+ Instances of abusive, harassing, or otherwise unacceptable behavior may be
58
+ reported by contacting the project team at romain@blogreen.org. All
59
+ complaints will be reviewed and investigated and will result in a response that
60
+ is deemed necessary and appropriate to the circumstances. The project team is
61
+ obligated to maintain confidentiality with regard to the reporter of an incident.
62
+ Further details of specific enforcement policies may be posted separately.
63
+
64
+ Project maintainers who do not follow or enforce the Code of Conduct in good
65
+ faith may face temporary or permanent repercussions as determined by other
66
+ members of the project's leadership.
67
+
68
+ ## Attribution
69
+
70
+ This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
71
+ available at [http://contributor-covenant.org/version/1/4][version]
72
+
73
+ [homepage]: http://contributor-covenant.org
74
+ [version]: http://contributor-covenant.org/version/1/4/
data/Gemfile ADDED
@@ -0,0 +1,20 @@
1
+ # frozen_string_literal: true
2
+
3
+ source 'https://rubygems.org'
4
+
5
+ git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
6
+
7
+ # Specify your gem's dependencies in certificate-checker.gemspec
8
+ gemspec
9
+
10
+ # rubocop:disable Security/Eval
11
+ #
12
+ # Gemfile.local is ignored in .gitignore. When hacking this gem, it might be
13
+ # useful to use a pre-release version of some dependency, in this case add them
14
+ # to Gemfile.local:
15
+ #
16
+ # ------------------------------------- 8< -------------------------------------
17
+ # gem 'internet_security_event', path: '../internet_security_event'
18
+ # ------------------------------------- 8< -------------------------------------
19
+ eval(File.read('Gemfile.local'), binding) if File.exist? 'Gemfile.local'
20
+ # rubocop:enable Security/Eval
data/LICENSE.txt ADDED
@@ -0,0 +1,21 @@
1
+ The MIT License (MIT)
2
+
3
+ Copyright (c) 2014-2019 Romain Tartière
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in
13
+ all copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21
+ THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,57 @@
1
+ # certificate-checker
2
+
3
+ [![Build Status](https://travis-ci.com/smortex/certificate-checker.svg?branch=master)](https://travis-ci.com/smortex/certificate-checker)
4
+ [![Maintainability](https://api.codeclimate.com/v1/badges/183f536f05771eca87f2/maintainability)](https://codeclimate.com/github/smortex/certificate-checker/maintainability)
5
+ [![Test Coverage](https://api.codeclimate.com/v1/badges/183f536f05771eca87f2/test_coverage)](https://codeclimate.com/github/smortex/certificate-checker/test_coverage)
6
+
7
+ Find certificates in a directory tree and report any expired or about to expire
8
+ certificate.
9
+
10
+ ## Installation
11
+
12
+ As simple as:
13
+
14
+ $ gem install certificate-checker
15
+
16
+ ## Usage
17
+
18
+ As simple as:
19
+
20
+ $ certificate-checker /usr/local/etc/apache2/ssl /usr/local/etc/slapd/cert
21
+
22
+ ## Development
23
+
24
+ After checking out the repo, run `bin/setup` to install dependencies. Then, run
25
+ `rake spec` to run the tests. You can also run `bin/console` for an interactive
26
+ prompt that will allow you to experiment.
27
+
28
+ To install this gem onto your local machine, run `bundle exec rake install`. To
29
+ release a new version, update the version number in `version.rb`, and then run
30
+ `bundle exec rake release`, which will create a git tag for the version, push
31
+ git commits and tags, and push the `.gem` file to
32
+ [rubygems.org](https://rubygems.org).
33
+
34
+ ## Contributing
35
+
36
+ Bug reports and pull requests are welcome on GitHub at
37
+ https://github.com/smortex/certificate-checker. This project is intended to be
38
+ a safe, welcoming space for collaboration, and contributors are expected to
39
+ adhere to the [Contributor Covenant](http://contributor-covenant.org) code of
40
+ conduct.
41
+
42
+ 1. Fork it (https://github.com/smortex/certificate-checker/fork)
43
+ 2. Create your feature branch (`git checkout -b my-new-feature`)
44
+ 3. Commit your changes (`git commit -am 'Add some feature'`)
45
+ 4. Push to the branch (`git push origin my-new-feature`)
46
+ 5. Create a new Pull Request
47
+
48
+ ## License
49
+
50
+ The gem is available as open source under the terms of the [MIT
51
+ License](https://opensource.org/licenses/MIT).
52
+
53
+ ## Code of Conduct
54
+
55
+ Everyone interacting in the certificate-checker project’s codebases, issue
56
+ trackers, chat rooms and mailing lists is expected to follow the [code of
57
+ conduct](https://github.com/smortex/certificate-checker/blob/master/CODE_OF_CONDUCT.md).
data/Rakefile ADDED
@@ -0,0 +1,8 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'bundler/gem_tasks'
4
+ require 'rspec/core/rake_task'
5
+
6
+ RSpec::Core::RakeTask.new(:spec)
7
+
8
+ task default: :spec
data/bin/console ADDED
@@ -0,0 +1,15 @@
1
+ #!/usr/bin/env ruby
2
+ # frozen_string_literal: true
3
+
4
+ require 'bundler/setup'
5
+ require 'certificate-checker'
6
+
7
+ # You can add fixtures and/or initialization code here to make experimenting
8
+ # with your gem easier. You can also use a different console, if you like.
9
+
10
+ # (If you use this, don't forget to add pry to your Gemfile!)
11
+ # require "pry"
12
+ # Pry.start
13
+
14
+ require 'irb'
15
+ IRB.start(__FILE__)
data/bin/setup ADDED
@@ -0,0 +1,8 @@
1
+ #!/usr/bin/env bash
2
+ set -euo pipefail
3
+ IFS=$'\n\t'
4
+ set -vx
5
+
6
+ bundle install
7
+
8
+ # Do any other automated setup that you need to do here
@@ -0,0 +1,32 @@
1
+ # frozen_string_literal: true
2
+
3
+ lib = File.expand_path('lib', __dir__)
4
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
5
+ require 'certificate-checker/version'
6
+
7
+ Gem::Specification.new do |spec|
8
+ spec.name = 'certificate-checker'
9
+ spec.version = CertificateChecker::VERSION
10
+ spec.authors = ['Romain Tartière']
11
+ spec.email = ['romain@blogreen.org']
12
+
13
+ spec.summary = 'Report expired/about to expires certificates in a directory tree.'
14
+ spec.homepage = 'https://github.com/smortex/certificate-checker'
15
+ spec.license = 'MIT'
16
+
17
+ # Specify which files should be added to the gem when it is released.
18
+ # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
19
+ spec.files = Dir.chdir(File.expand_path(__dir__)) do
20
+ `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
21
+ end
22
+ spec.bindir = 'exe'
23
+ spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
24
+ spec.require_paths = ['lib']
25
+
26
+ spec.add_dependency 'internet_security_event', '~> 1.0'
27
+
28
+ spec.add_development_dependency 'bundler', '~> 1.6'
29
+ spec.add_development_dependency 'rake'
30
+ spec.add_development_dependency 'rspec'
31
+ spec.add_development_dependency 'simplecov'
32
+ end
@@ -0,0 +1,26 @@
1
+ #!/usr/bin/env ruby
2
+ # frozen_string_literal: true
3
+
4
+ require 'json'
5
+ require 'optparse'
6
+ require 'certificate-checker'
7
+
8
+ factory = CertificateChecker::CertificateCheckerFactory.new
9
+
10
+ options = {
11
+ output: $stdout,
12
+ }
13
+
14
+ OptionParser.new do |opts|
15
+ opts.banner = 'Usage: tls-checker [options] specification...'
16
+
17
+ opts.on('-o', '--output=FILE', 'Write to FILE') do |f|
18
+ options[:output] = File.open(f, File::CREAT | File::APPEND | File::LOCK_EX)
19
+ end
20
+ end.parse!
21
+
22
+ ARGV.each do |arg|
23
+ factory.certificate_checkers_for(arg).each do |checker|
24
+ options[:output].puts checker.to_e.to_json
25
+ end
26
+ end
@@ -0,0 +1,6 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'certificate-checker/certificate_checker'
4
+ require 'certificate-checker/certificate_checker_factory'
5
+ require 'certificate-checker/certificate_finder'
6
+ require 'certificate-checker/certificate_parser'
@@ -0,0 +1,30 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'internet_security_event'
4
+
5
+ module CertificateChecker
6
+ # EventWrapper
7
+ class CertificateChecker
8
+ attr_reader :file, :line, :certificate
9
+
10
+ def initialize(file, line, certificate)
11
+ @file = file
12
+ @line = line
13
+ @certificate = certificate
14
+ end
15
+
16
+ def to_e
17
+ InternetSecurityEvent::X509Status.build(certificate).merge(
18
+ service: service,
19
+ ttl: 3600 * 12,
20
+ tags: ['certificate-checker'],
21
+ )
22
+ end
23
+
24
+ private
25
+
26
+ def service
27
+ "#{file}:#{line}"
28
+ end
29
+ end
30
+ end
@@ -0,0 +1,18 @@
1
+ # frozen_string_literal: true
2
+
3
+ module CertificateChecker
4
+ class CertificateCheckerFactory
5
+ def initialize
6
+ @finder = CertificateFinder.new
7
+ end
8
+
9
+ def certificate_checkers_for(filename)
10
+ @finder.search(filename).map do |file|
11
+ parser = CertificateParser.new(file)
12
+ parser.certificates.map do |line, certificate|
13
+ CertificateChecker.new(file, line, certificate)
14
+ end
15
+ end.flatten
16
+ end
17
+ end
18
+ end
@@ -0,0 +1,34 @@
1
+ # frozen_string_literal: true
2
+
3
+ module CertificateChecker
4
+ class CertificateFinder
5
+ def initialize(config = {})
6
+ @config = config.merge(ext: ['*.pem', '*.crt'])
7
+ end
8
+
9
+ def search(path)
10
+ if File.directory?(path)
11
+ search_directory(path)
12
+ elsif File.exist?(path)
13
+ search_file(path)
14
+ else
15
+ warn "No such file or directory @ #{self.class.name}##{__callee__} - #{path}"
16
+ []
17
+ end
18
+ end
19
+
20
+ private
21
+
22
+ def search_directory(path)
23
+ res = []
24
+ @config[:ext].each do |ext|
25
+ res << Dir.glob(File.join(path, '**', ext))
26
+ end
27
+ res.flatten
28
+ end
29
+
30
+ def search_file(path)
31
+ [path]
32
+ end
33
+ end
34
+ end
@@ -0,0 +1,56 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'openssl'
4
+
5
+ module CertificateChecker
6
+ class CertificateParser
7
+ attr_reader :certificates
8
+
9
+ def initialize(filename)
10
+ @filename = filename
11
+ @certificates = {}
12
+ @lineno = 0
13
+
14
+ @f = File.open(@filename, 'rb')
15
+ begin
16
+ read_random_data
17
+ ensure
18
+ @f.close
19
+ end
20
+ end
21
+
22
+ private
23
+
24
+ def read_random_data
25
+ until @f.eof?
26
+ line = @f.readline
27
+ @lineno += 1
28
+ next unless line.match?(/^-----BEGIN CERTIFICATE-----/)
29
+
30
+ @data_start_lineno = @lineno
31
+ @data = line
32
+ read_certificate
33
+ end
34
+ end
35
+
36
+ def read_certificate
37
+ until @f.eof?
38
+ line = @f.readline
39
+ @lineno += 1
40
+ @data += line
41
+ if line.match?(/^-----END CERTIFICATE-----/)
42
+ add_certificate
43
+ return
44
+ end
45
+ end
46
+
47
+ raise "#{@filename}:#{@lineno}: Unexpected end of file"
48
+ end
49
+
50
+ def add_certificate
51
+ certificates[@data_start_lineno] = OpenSSL::X509::Certificate.new(@data)
52
+ rescue OpenSSL::X509::CertificateError => e
53
+ warn "Error parsing certificate at #{@filename}:#{@data_start_lineno}: #{e.message}"
54
+ end
55
+ end
56
+ end
@@ -0,0 +1,5 @@
1
+ # frozen_string_literal: true
2
+
3
+ module CertificateChecker
4
+ VERSION = '1.0.0'
5
+ end
metadata ADDED
@@ -0,0 +1,133 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: certificate-checker
3
+ version: !ruby/object:Gem::Version
4
+ version: 1.0.0
5
+ platform: ruby
6
+ authors:
7
+ - Romain Tartière
8
+ autorequire:
9
+ bindir: exe
10
+ cert_chain: []
11
+ date: 2019-02-19 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: internet_security_event
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '1.0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '1.0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: bundler
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '1.6'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: '1.6'
41
+ - !ruby/object:Gem::Dependency
42
+ name: rake
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ">="
46
+ - !ruby/object:Gem::Version
47
+ version: '0'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ">="
53
+ - !ruby/object:Gem::Version
54
+ version: '0'
55
+ - !ruby/object:Gem::Dependency
56
+ name: rspec
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - ">="
60
+ - !ruby/object:Gem::Version
61
+ version: '0'
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - ">="
67
+ - !ruby/object:Gem::Version
68
+ version: '0'
69
+ - !ruby/object:Gem::Dependency
70
+ name: simplecov
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - ">="
74
+ - !ruby/object:Gem::Version
75
+ version: '0'
76
+ type: :development
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - ">="
81
+ - !ruby/object:Gem::Version
82
+ version: '0'
83
+ description:
84
+ email:
85
+ - romain@blogreen.org
86
+ executables:
87
+ - certificate-checker
88
+ extensions: []
89
+ extra_rdoc_files: []
90
+ files:
91
+ - ".gitignore"
92
+ - ".rspec"
93
+ - ".travis.yml"
94
+ - CODE_OF_CONDUCT.md
95
+ - Gemfile
96
+ - LICENSE.txt
97
+ - README.md
98
+ - Rakefile
99
+ - bin/console
100
+ - bin/setup
101
+ - certificate-checker.gemspec
102
+ - exe/certificate-checker
103
+ - lib/certificate-checker.rb
104
+ - lib/certificate-checker/certificate_checker.rb
105
+ - lib/certificate-checker/certificate_checker_factory.rb
106
+ - lib/certificate-checker/certificate_finder.rb
107
+ - lib/certificate-checker/certificate_parser.rb
108
+ - lib/certificate-checker/version.rb
109
+ homepage: https://github.com/smortex/certificate-checker
110
+ licenses:
111
+ - MIT
112
+ metadata: {}
113
+ post_install_message:
114
+ rdoc_options: []
115
+ require_paths:
116
+ - lib
117
+ required_ruby_version: !ruby/object:Gem::Requirement
118
+ requirements:
119
+ - - ">="
120
+ - !ruby/object:Gem::Version
121
+ version: '0'
122
+ required_rubygems_version: !ruby/object:Gem::Requirement
123
+ requirements:
124
+ - - ">="
125
+ - !ruby/object:Gem::Version
126
+ version: '0'
127
+ requirements: []
128
+ rubyforge_project:
129
+ rubygems_version: 2.7.8
130
+ signing_key:
131
+ specification_version: 4
132
+ summary: Report expired/about to expires certificates in a directory tree.
133
+ test_files: []