RubyGems - internet_security_event - Versions diffs - 1.1.0 → 1.2.0 - Mend

internet_security_event 1.1.0 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +10 -1
data/internet_security_event.gemspec +0 -1
data/lib/internet_security_event/tls_status.rb +1 -30
data/lib/internet_security_event/version.rb +1 -1
data/lib/internet_security_event/x509_status.rb +32 -8
metadata +3 -18

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2d93be47b6e84cb8d7e40c2f604732ee48ba6582235253710dd473e0634099c1
-  data.tar.gz: b58978d3f62628a1239a03e60438ca5f516f19ac59ff6946987c4541080b90ca
+  metadata.gz: b6923d00090d3e6b18ace47b442146eedef8dc61a3a25cca68ba4080787db760
+  data.tar.gz: f8d9b8e164285b72fa9905590a389bb522552867d4cd20c435f415f1cb330cb8
 SHA512:
-  metadata.gz: c936050537ef4665d970fea58906b3c1de303a80abe73a082a09040801ebfda12c0826d055c89345591c7844472c82bfb8ccce01bed48dd79618f3a89b78f2e5
-  data.tar.gz: e03ee5ccf138e9d4a9bc6534dcfa3987f631fca669ed1cf0f450d159536c88a43405de338abb71508abb8297f05689818b7ace1abcab97238f6122ecf2519c86
+  metadata.gz: e92aa02b66c60f44cb10bd4b9d1f0a70a14beb2d101d174ec4d6b2fa34d1952ce37646df26db470ad683541d0aa3fc746e53b61bc71e644b60d5b1de589df415
+  data.tar.gz: ec0d055bd386f1a15692e8f6044510cb4060f8b4bc56b54ebdb85d14376660125516a37840436404239e35a848d90640a7b45974afe07965d0793dbc590b31ee

data/CHANGELOG.md CHANGED

@@ -1,10 +1,18 @@
 # Changelog
 All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+## [1.2.0] - 2019-02-28
+### Changed
+- Rely on `OpenSSL::SSL.verify_certificate_identity` to check that a certificate
+  is valid for the provided hostname.
 ## [1.1.0] - 2019-02-21
 ### Added
 - Add basic suport for TLSA events.
@@ -18,7 +26,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Changed
 - Improve the way TLS certificates state is computed.
-[Unreleased]: https://github.com/smortex/internet_security_event/compare/v1.1.0...HEAD
+[Unreleased]: https://github.com/smortex/internet_security_event/compare/v1.2.0...HEAD
+[1.2.0]: https://github.com/smortex/internet_security_event/compare/v1.1.0...v1.2.0
 [1.1.0]: https://github.com/smortex/internet_security_event/compare/v1.0.2...v1.1.0
 [1.0.2]: https://github.com/smortex/internet_security_event/compare/v1.0.1...v1.0.2
 [1.0.1]: https://github.com/smortex/internet_security_event/compare/v1.0.0...v1.0.1

data/internet_security_event.gemspec CHANGED

@@ -23,7 +23,6 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']
-  spec.add_dependency 'actionview', '~> 5.2'
   spec.add_dependency 'activesupport', '~> 5.2'
   spec.add_development_dependency 'bundler'

data/lib/internet_security_event/tls_status.rb CHANGED

@@ -33,36 +33,7 @@ module InternetSecurityEvent
     def hostname_is_valid_for_this_certificate?
       return true if hostname.nil?
-      hostname_match_subject? || hostname_match_subject_alternative_name?
-    end
-    def hostname_match_subject?
-      name_match_patern(hostname, common_name)
-    end
-    def hostname_match_subject_alternative_name?
-      return false unless certificate
-      san = certificate.extensions.select { |ext| ext.oid == 'subjectAltName' }.first
-      if san
-        alt_names = san.value.split(', ').map { |name| name.sub(/\ADNS:/, '') }
-        return true if alt_names.any? { |alt_name| name_match_patern(hostname, alt_name) }
-      end
-      false
-    end
-    def name_match_patern(hostname, pattern)
-      re = Regexp.new('\A' + pattern.split('*').map do |st|
-        Regexp.escape(st)
-      end.join('[^.]*') + '\z')
-      re.match(hostname)
-    end
-    def common_name
-      certificate.subject.to_a.select { |data| data[0] == 'CN' }.map { |data| data[1] }.first if certificate
+      OpenSSL::SSL.verify_certificate_identity(certificate, hostname)
     end
   end
 end

data/lib/internet_security_event/version.rb CHANGED

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module InternetSecurityEvent
-  VERSION = '1.1.0'
+  VERSION = '1.2.0'
 end

data/lib/internet_security_event/x509_status.rb CHANGED

@@ -1,13 +1,9 @@
 # frozen_string_literal: true
-require 'action_view'
-require 'action_view/helpers'
 require 'active_support/core_ext/numeric/time'
 module InternetSecurityEvent
   class X509Status
-    include ActionView::Helpers::DateHelper
     attr_reader :certificate, :hostname
     def initialize(certificate)
@@ -32,6 +28,10 @@ module InternetSecurityEvent
       }
     end
+    def renewal_duration
+      [validity_duration / 3, 90.days].min
+    end
     private
     def description
@@ -71,10 +71,6 @@ module InternetSecurityEvent
       now + 2 * renewal_duration / 3 > certificate.not_after
     end
-    def renewal_duration
-      [validity_duration / 3, 90.days].min
-    end
     def validity_duration
       certificate.not_after - certificate.not_before
     end
@@ -82,5 +78,33 @@ module InternetSecurityEvent
     def now
       Now.instance.now
     end
+    # Stolen from ActionView, to avoid pulling a lot of dependencies
+    def distance_of_time_in_words_to_now(to_time)
+      distance_in_seconds = (to_time - now).round.abs
+      distance_in_minutes = distance_in_seconds / 60
+      case distance_in_minutes
+      when 0                then 'less than 1 minute'
+      when 1...45           then pluralize_string('%d %s', distance_in_minutes, 'minute')
+      when 45...1440        then pluralize_string('about %d %s', (distance_in_minutes.to_f / 60.0).round, 'hour')
+        # 24 hours up to 30 days
+      when 1440...43_200    then pluralize_string('%d %s', (distance_in_minutes.to_f / 1440.0).round, 'day')
+        # 30 days up to 60 days
+      when 43_200...86_400  then pluralize_string('about %d %s', (distance_in_minutes.to_f / 43_200.0).round, 'month')
+        # 60 days up to 365 days
+      when 86_400...525_600 then pluralize_string('%d %s', (distance_in_minutes.to_f / 43_200.0).round, 'month')
+      else
+        pluralize_string('about %d %s', (distance_in_minutes.to_f / 525_600.0).round, 'year')
+      end
+    end
+    def pluralize_string(string, number, word)
+      format(string, number, pluralize_word(number, word))
+    end
+    def pluralize_word(number, word)
+      word + (number.abs == 1 ? '' : 's')
+    end
   end
 end

metadata CHANGED

@@ -1,29 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: internet_security_event
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.2.0
 platform: ruby
 authors:
 - Romain Tartière
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2019-02-22 00:00:00.000000000 Z
+date: 2019-02-28 00:00:00.000000000 Z
 dependencies:
-- !ruby/object:Gem::Dependency
-  name: actionview
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '5.2'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '5.2'
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
@@ -139,8 +125,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 2.7.8
+rubygems_version: 3.0.2
 signing_key:
 specification_version: 4
 summary: Build events describing the status of various internet services