internet_security_event 1.2.1 → 3.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/ci.yml +1 -0
- data/CHANGELOG.md +34 -11
- data/HISTORY.md +31 -0
- data/Rakefile +19 -0
- data/internet_security_event.gemspec +2 -1
- data/lib/internet_security_event/tls_status.rb +4 -2
- data/lib/internet_security_event/version.rb +1 -1
- data/lib/internet_security_event/x509_certificate_revocation_list_status.rb +37 -0
- data/lib/internet_security_event/x509_certificate_status.rb +39 -0
- data/lib/internet_security_event/x509_status.rb +21 -24
- data/lib/internet_security_event.rb +2 -0
- metadata +22 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9618c67bc76530f18f67b1c2634fc8a1638f003216c0870bc7aeea96f72136e6
|
|
4
|
+
data.tar.gz: eb38ae645cc40fee9e92b465bb05178d39769bd77aa3804666b13283fb0192bf
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1698abecd6ad8f8f76ee0cea45a3e6de1ce4c483b1f5082be060cda480e2e4bef7bdb261f5ed5baf6bc9d243f1a1e948b85f4b755f0a999376fcd9dbe59d1def
|
|
7
|
+
data.tar.gz: da7e963cadddbe85148b28f8a0f4247e36f51d8f9ed6ccd502d0f69f04657180cc1b6c57642b022e7235cf11ed9abfd4be90f95d264918282d59231ba28e2222
|
data/.github/workflows/ci.yml
CHANGED
data/CHANGELOG.md
CHANGED
|
@@ -2,37 +2,60 @@
|
|
|
2
2
|
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
|
4
4
|
|
|
5
|
-
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
|
|
5
|
+
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
|
|
6
6
|
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
7
7
|
|
|
8
|
-
## [
|
|
8
|
+
## [v3.0.0](https://github.com/smortex/internet_security_event/tree/v3.0.0) (2023-04-17)
|
|
9
|
+
|
|
10
|
+
[Full Changelog](https://github.com/smortex/internet_security_event/compare/v2.0.0...v3.0.0)
|
|
11
|
+
|
|
12
|
+
**Breaking changes:**
|
|
13
|
+
|
|
14
|
+
- Add support for verifying CRL [\#4](https://github.com/smortex/internet_security_event/pull/4) ([smortex](https://github.com/smortex))
|
|
15
|
+
|
|
16
|
+
## [v2.0.0](https://github.com/smortex/internet_security_event/tree/v2.0.0) (2022-07-16)
|
|
17
|
+
|
|
18
|
+
[Full Changelog](https://github.com/smortex/internet_security_event/compare/v1.2.1...v2.0.0)
|
|
19
|
+
|
|
20
|
+
**Breaking changes:**
|
|
21
|
+
|
|
22
|
+
- Bump activesupport to 6.x [\#2](https://github.com/smortex/internet_security_event/pull/2) ([smortex](https://github.com/smortex))
|
|
23
|
+
|
|
24
|
+
**Merged pull requests:**
|
|
25
|
+
|
|
26
|
+
- Integrate github\_changelog\_generator [\#1](https://github.com/smortex/internet_security_event/pull/1) ([smortex](https://github.com/smortex))
|
|
27
|
+
|
|
28
|
+
## [v1.2.1] - 2022-07-15
|
|
9
29
|
|
|
10
30
|
### Changed
|
|
11
31
|
- Emit a `warning` state instead of a `warn` state to match Riemann wording.
|
|
12
32
|
|
|
13
|
-
## [
|
|
33
|
+
## [v1.2.0] - 2019-02-28
|
|
14
34
|
|
|
15
35
|
### Changed
|
|
16
36
|
- Rely on `OpenSSL::SSL.verify_certificate_identity` to check that a certificate
|
|
17
37
|
is valid for the provided hostname.
|
|
18
38
|
|
|
19
|
-
## [
|
|
39
|
+
## [v1.1.0] - 2019-02-21
|
|
20
40
|
|
|
21
41
|
### Added
|
|
22
42
|
- Add basic suport for TLSA events.
|
|
23
43
|
|
|
24
|
-
## [
|
|
44
|
+
## [v1.0.2] - 2019-02-21
|
|
25
45
|
|
|
26
46
|
### Changed
|
|
27
47
|
- Fix checking of TLS hostnames with wildcard certificates.
|
|
28
48
|
|
|
29
|
-
## [
|
|
49
|
+
## [v1.0.1] - 2019-02-18
|
|
30
50
|
|
|
31
51
|
### Changed
|
|
32
52
|
- Improve the way TLS certificates state is computed.
|
|
33
53
|
|
|
34
|
-
[
|
|
35
|
-
[
|
|
36
|
-
[
|
|
37
|
-
[
|
|
38
|
-
[
|
|
54
|
+
[v1.2.1]: https://github.com/smortex/internet_security_event/compare/v1.2.0...v1.2.1
|
|
55
|
+
[v1.2.0]: https://github.com/smortex/internet_security_event/compare/v1.1.0...v1.2.0
|
|
56
|
+
[v1.1.0]: https://github.com/smortex/internet_security_event/compare/v1.0.2...v1.1.0
|
|
57
|
+
[v1.0.2]: https://github.com/smortex/internet_security_event/compare/v1.0.1...v1.0.2
|
|
58
|
+
[v1.0.1]: https://github.com/smortex/internet_security_event/compare/v1.0.0...v1.0.1
|
|
59
|
+
|
|
60
|
+
|
|
61
|
+
\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)*
|
data/HISTORY.md
ADDED
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
## [v1.2.1] - 2022-07-15
|
|
2
|
+
|
|
3
|
+
### Changed
|
|
4
|
+
- Emit a `warning` state instead of a `warn` state to match Riemann wording.
|
|
5
|
+
|
|
6
|
+
## [v1.2.0] - 2019-02-28
|
|
7
|
+
|
|
8
|
+
### Changed
|
|
9
|
+
- Rely on `OpenSSL::SSL.verify_certificate_identity` to check that a certificate
|
|
10
|
+
is valid for the provided hostname.
|
|
11
|
+
|
|
12
|
+
## [v1.1.0] - 2019-02-21
|
|
13
|
+
|
|
14
|
+
### Added
|
|
15
|
+
- Add basic suport for TLSA events.
|
|
16
|
+
|
|
17
|
+
## [v1.0.2] - 2019-02-21
|
|
18
|
+
|
|
19
|
+
### Changed
|
|
20
|
+
- Fix checking of TLS hostnames with wildcard certificates.
|
|
21
|
+
|
|
22
|
+
## [v1.0.1] - 2019-02-18
|
|
23
|
+
|
|
24
|
+
### Changed
|
|
25
|
+
- Improve the way TLS certificates state is computed.
|
|
26
|
+
|
|
27
|
+
[v1.2.1]: https://github.com/smortex/internet_security_event/compare/v1.2.0...v1.2.1
|
|
28
|
+
[v1.2.0]: https://github.com/smortex/internet_security_event/compare/v1.1.0...v1.2.0
|
|
29
|
+
[v1.1.0]: https://github.com/smortex/internet_security_event/compare/v1.0.2...v1.1.0
|
|
30
|
+
[v1.0.2]: https://github.com/smortex/internet_security_event/compare/v1.0.1...v1.0.2
|
|
31
|
+
[v1.0.1]: https://github.com/smortex/internet_security_event/compare/v1.0.0...v1.0.1
|
data/Rakefile
CHANGED
|
@@ -1,8 +1,27 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
require 'bundler/gem_tasks'
|
|
4
|
+
require 'github_changelog_generator/task'
|
|
4
5
|
require 'rspec/core/rake_task'
|
|
5
6
|
|
|
6
7
|
RSpec::Core::RakeTask.new(:spec)
|
|
7
8
|
|
|
9
|
+
GitHubChangelogGenerator::RakeTask.new :changelog do |config|
|
|
10
|
+
config.header = <<~HEADER.chomp
|
|
11
|
+
# Changelog
|
|
12
|
+
|
|
13
|
+
All notable changes to this project will be documented in this file.
|
|
14
|
+
|
|
15
|
+
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
|
|
16
|
+
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
17
|
+
HEADER
|
|
18
|
+
config.exclude_labels = %w[duplicate question invalid wontfix wont-fix skip-changelog ignore]
|
|
19
|
+
config.user = 'smortex'
|
|
20
|
+
config.project = 'internet_security_event'
|
|
21
|
+
config.since_tag = 'v1.2.1'
|
|
22
|
+
config.issues = false
|
|
23
|
+
require 'internet_security_event/version'
|
|
24
|
+
config.future_release = "v#{InternetSecurityEvent::VERSION}"
|
|
25
|
+
end
|
|
26
|
+
|
|
8
27
|
task default: :spec
|
|
@@ -24,9 +24,10 @@ Gem::Specification.new do |spec|
|
|
|
24
24
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
|
25
25
|
spec.require_paths = ['lib']
|
|
26
26
|
|
|
27
|
-
spec.add_dependency 'activesupport', '~>
|
|
27
|
+
spec.add_dependency 'activesupport', '~> 6.0'
|
|
28
28
|
|
|
29
29
|
spec.add_development_dependency 'bundler'
|
|
30
|
+
spec.add_development_dependency 'github_changelog_generator'
|
|
30
31
|
spec.add_development_dependency 'rake'
|
|
31
32
|
spec.add_development_dependency 'rspec'
|
|
32
33
|
spec.add_development_dependency 'rubocop'
|
|
@@ -1,9 +1,11 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
-
require 'internet_security_event/
|
|
3
|
+
require 'internet_security_event/x509_certificate_status'
|
|
4
4
|
|
|
5
5
|
module InternetSecurityEvent
|
|
6
|
-
class TLSStatus <
|
|
6
|
+
class TLSStatus < X509CertificateStatus
|
|
7
|
+
attr_reader :hostname
|
|
8
|
+
|
|
7
9
|
def initialize(hostname, certificate)
|
|
8
10
|
@hostname = hostname
|
|
9
11
|
super(certificate)
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'internet_security_event/x509_status'
|
|
4
|
+
|
|
5
|
+
module InternetSecurityEvent
|
|
6
|
+
class X509CertificateRevocationListStatus < X509Status
|
|
7
|
+
attr_reader :crl
|
|
8
|
+
|
|
9
|
+
def initialize(crl)
|
|
10
|
+
@crl = crl
|
|
11
|
+
|
|
12
|
+
super()
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def description
|
|
16
|
+
super('crl')
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
def to_e
|
|
20
|
+
super.merge({
|
|
21
|
+
issuer: crl.issuer.to_s,
|
|
22
|
+
last_update: crl.last_update.to_s,
|
|
23
|
+
next_update: crl.next_update.to_s,
|
|
24
|
+
})
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
private
|
|
28
|
+
|
|
29
|
+
def not_before
|
|
30
|
+
crl.last_update
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def not_after
|
|
34
|
+
crl.next_update
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
end
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'internet_security_event/x509_status'
|
|
4
|
+
|
|
5
|
+
module InternetSecurityEvent
|
|
6
|
+
class X509CertificateStatus < X509Status
|
|
7
|
+
attr_reader :certificate
|
|
8
|
+
|
|
9
|
+
def initialize(certificate)
|
|
10
|
+
@certificate = certificate
|
|
11
|
+
|
|
12
|
+
super()
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def description
|
|
16
|
+
super('certificate')
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
def to_e
|
|
20
|
+
super.merge({
|
|
21
|
+
subject: certificate.subject.to_s,
|
|
22
|
+
issuer: certificate.issuer.to_s,
|
|
23
|
+
serial: certificate.serial.to_i,
|
|
24
|
+
not_before: certificate.not_before.to_s,
|
|
25
|
+
not_after: certificate.not_after.to_s,
|
|
26
|
+
})
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
private
|
|
30
|
+
|
|
31
|
+
def not_before
|
|
32
|
+
certificate.not_before
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def not_after
|
|
36
|
+
certificate.not_after
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
end
|
|
@@ -4,27 +4,20 @@ require 'active_support/core_ext/numeric/time'
|
|
|
4
4
|
|
|
5
5
|
module InternetSecurityEvent
|
|
6
6
|
class X509Status
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
def self.build(certificate)
|
|
14
|
-
obj = new(certificate)
|
|
7
|
+
def self.build(object)
|
|
8
|
+
obj = if object.is_a?(OpenSSL::X509::Certificate)
|
|
9
|
+
X509CertificateStatus.new(object)
|
|
10
|
+
elsif object.is_a?(OpenSSL::X509::CRL)
|
|
11
|
+
X509CertificateRevocationListStatus.new(object)
|
|
12
|
+
end
|
|
15
13
|
obj.to_e
|
|
16
14
|
end
|
|
17
15
|
|
|
18
|
-
def to_e
|
|
16
|
+
def to_e
|
|
19
17
|
{
|
|
20
18
|
state: state,
|
|
21
19
|
description: description,
|
|
22
20
|
metric: metric,
|
|
23
|
-
subject: certificate.subject.to_s,
|
|
24
|
-
issuer: certificate.issuer.to_s,
|
|
25
|
-
serial: certificate.serial.to_i,
|
|
26
|
-
not_before: certificate.not_before.to_s,
|
|
27
|
-
not_after: certificate.not_after.to_s,
|
|
28
21
|
}
|
|
29
22
|
end
|
|
30
23
|
|
|
@@ -34,11 +27,15 @@ module InternetSecurityEvent
|
|
|
34
27
|
|
|
35
28
|
private
|
|
36
29
|
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
30
|
+
# Define these method in sub-classes
|
|
31
|
+
# def not_before; end
|
|
32
|
+
# def not_after; end
|
|
33
|
+
|
|
34
|
+
def description(name)
|
|
35
|
+
return "#{name} will become valid in #{distance_of_time_in_words_to_now(not_before)}" if not_valid_yet?
|
|
36
|
+
return "#{name} has expired #{distance_of_time_in_words_to_now(not_after)} ago" if expired?
|
|
40
37
|
|
|
41
|
-
"
|
|
38
|
+
"#{name} will expire in #{distance_of_time_in_words_to_now(not_after)}"
|
|
42
39
|
end
|
|
43
40
|
|
|
44
41
|
def state
|
|
@@ -52,27 +49,27 @@ module InternetSecurityEvent
|
|
|
52
49
|
end
|
|
53
50
|
|
|
54
51
|
def metric
|
|
55
|
-
|
|
52
|
+
not_after - now
|
|
56
53
|
end
|
|
57
54
|
|
|
58
55
|
def not_valid_yet?
|
|
59
|
-
now <
|
|
56
|
+
now < not_before
|
|
60
57
|
end
|
|
61
58
|
|
|
62
59
|
def expired_or_expire_soon?
|
|
63
|
-
now + renewal_duration / 3 >
|
|
60
|
+
now + renewal_duration / 3 > not_after
|
|
64
61
|
end
|
|
65
62
|
|
|
66
63
|
def expired?
|
|
67
|
-
now >
|
|
64
|
+
now > not_after
|
|
68
65
|
end
|
|
69
66
|
|
|
70
67
|
def expire_soonish?
|
|
71
|
-
now + 2 * renewal_duration / 3 >
|
|
68
|
+
now + 2 * renewal_duration / 3 > not_after
|
|
72
69
|
end
|
|
73
70
|
|
|
74
71
|
def validity_duration
|
|
75
|
-
|
|
72
|
+
not_after - not_before
|
|
76
73
|
end
|
|
77
74
|
|
|
78
75
|
def now
|
|
@@ -4,4 +4,6 @@ require 'internet_security_event/now'
|
|
|
4
4
|
require 'internet_security_event/tls_status'
|
|
5
5
|
require 'internet_security_event/tlsa_status'
|
|
6
6
|
require 'internet_security_event/x509_status'
|
|
7
|
+
require 'internet_security_event/x509_certificate_status'
|
|
8
|
+
require 'internet_security_event/x509_certificate_revocation_list_status'
|
|
7
9
|
require 'resolv/dns/resource/in/tlsa'
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: internet_security_event
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 3.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Romain Tartière
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2023-04-17 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - "~>"
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: '
|
|
19
|
+
version: '6.0'
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: '
|
|
26
|
+
version: '6.0'
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: bundler
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -38,6 +38,20 @@ dependencies:
|
|
|
38
38
|
- - ">="
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
40
|
version: '0'
|
|
41
|
+
- !ruby/object:Gem::Dependency
|
|
42
|
+
name: github_changelog_generator
|
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
|
44
|
+
requirements:
|
|
45
|
+
- - ">="
|
|
46
|
+
- !ruby/object:Gem::Version
|
|
47
|
+
version: '0'
|
|
48
|
+
type: :development
|
|
49
|
+
prerelease: false
|
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
51
|
+
requirements:
|
|
52
|
+
- - ">="
|
|
53
|
+
- !ruby/object:Gem::Version
|
|
54
|
+
version: '0'
|
|
41
55
|
- !ruby/object:Gem::Dependency
|
|
42
56
|
name: rake
|
|
43
57
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -136,6 +150,7 @@ files:
|
|
|
136
150
|
- CHANGELOG.md
|
|
137
151
|
- CODE_OF_CONDUCT.md
|
|
138
152
|
- Gemfile
|
|
153
|
+
- HISTORY.md
|
|
139
154
|
- LICENSE.txt
|
|
140
155
|
- README.md
|
|
141
156
|
- Rakefile
|
|
@@ -147,6 +162,8 @@ files:
|
|
|
147
162
|
- lib/internet_security_event/tls_status.rb
|
|
148
163
|
- lib/internet_security_event/tlsa_status.rb
|
|
149
164
|
- lib/internet_security_event/version.rb
|
|
165
|
+
- lib/internet_security_event/x509_certificate_revocation_list_status.rb
|
|
166
|
+
- lib/internet_security_event/x509_certificate_status.rb
|
|
150
167
|
- lib/internet_security_event/x509_status.rb
|
|
151
168
|
- lib/resolv/dns/resource/in/tlsa.rb
|
|
152
169
|
homepage: https://github.com/smortex/internet_security_event
|
|
@@ -168,7 +185,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
168
185
|
- !ruby/object:Gem::Version
|
|
169
186
|
version: '0'
|
|
170
187
|
requirements: []
|
|
171
|
-
rubygems_version: 3.
|
|
188
|
+
rubygems_version: 3.4.10
|
|
172
189
|
signing_key:
|
|
173
190
|
specification_version: 4
|
|
174
191
|
summary: Build events describing the status of various internet services
|