rspec-ssltls 0.0.7 → 0.0.8
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +11 -0
- data/lib/rspec_ssltls/have_certificate.rb +5 -1
- data/lib/rspec_ssltls/support_cipher.rb +5 -1
- data/lib/rspec_ssltls/support_protocol.rb +5 -1
- data/lib/rspec_ssltls/util.rb +26 -0
- data/lib/rspec_ssltls/version.rb +1 -1
- data/rspec-ssltls.gemspec +1 -0
- data/spec/rspec_ssltls/have_certificate_spec.rb +10 -0
- data/spec/rspec_ssltls/support_cipher_spec.rb +17 -0
- data/spec/rspec_ssltls/support_protocol_spec.rb +14 -0
- data/spec/spec_helper.rb +1 -1
- metadata +17 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 670209d5f9d2bb9fafd5711d927641df20136381
|
4
|
+
data.tar.gz: 589620f5cdbf716fe7ed791613605531d92dc202
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 087229fa195509fcf3c0d10a81ffc1a472491ee574463f6f87d60f99d7714e4aa93b3628076415710cb63bc9862c70adf9a17b051f3ec0e9e3d54ccec1f037bb
|
7
|
+
data.tar.gz: 925215f039568cef80cf861ea44389060f32cea32bc363e8bf8347143620632b7fa4e346027010208533f9735dbf6b8c467b03c0ace7f594603b9be06954a479
|
data/README.md
CHANGED
@@ -45,6 +45,17 @@ describe 'www.example.com:443' do
|
|
45
45
|
end
|
46
46
|
```
|
47
47
|
|
48
|
+
You can use `via_proxy` chain to specify https_proxy server.
|
49
|
+
```ruby
|
50
|
+
describe 'www.example.com:443' do
|
51
|
+
it do
|
52
|
+
is_expected.to have_certificate
|
53
|
+
.subject(CN: '*.example.com').valid_at('2020/09/12 19:00:05 JST')
|
54
|
+
.via_proxy('http://user:pass@proxy.example.com/')
|
55
|
+
end
|
56
|
+
end
|
57
|
+
```
|
58
|
+
|
48
59
|
You can use followings for `support_protocol` and `support_cipher.protocol`:
|
49
60
|
```
|
50
61
|
OpenSSL::SSL::SSLContext::METHODS
|
@@ -8,7 +8,7 @@ RSpec::Matchers.define :have_certificate do
|
|
8
8
|
@result_string ||= ''
|
9
9
|
@chain_number ||= 0
|
10
10
|
uri = URI.parse('https://' + dest)
|
11
|
-
socket =
|
11
|
+
socket = RspecSsltls::Util.open_socket(uri, proxy: @proxy)
|
12
12
|
ssl_context = OpenSSL::SSL::SSLContext.new
|
13
13
|
ssl_context.verify_mode = @verify_mode if @verify_mode
|
14
14
|
ssl_context.cert_store = @cert_store if @cert_store
|
@@ -73,6 +73,10 @@ RSpec::Matchers.define :have_certificate do
|
|
73
73
|
@signature_algorithm = s
|
74
74
|
end
|
75
75
|
|
76
|
+
chain :via_proxy do |proxy|
|
77
|
+
@proxy = proxy
|
78
|
+
end
|
79
|
+
|
76
80
|
def valid_cert?
|
77
81
|
@result_cert = {}
|
78
82
|
@result_cert.merge!(subject: valid_identifier?(:subject, @subject))
|
@@ -15,7 +15,7 @@ RSpec::Matchers.define :support_cipher do |cipher|
|
|
15
15
|
uri = URI.parse('https://' + dest)
|
16
16
|
|
17
17
|
@cipher.each do |ci|
|
18
|
-
socket =
|
18
|
+
socket = RspecSsltls::Util.open_socket(uri, proxy: @proxy)
|
19
19
|
ssl_context = OpenSSL::SSL::SSLContext.new(@protocol)
|
20
20
|
ssl_context.ciphers = [ci]
|
21
21
|
ssl_socket = OpenSSL::SSL::SSLSocket.new(socket, ssl_context)
|
@@ -41,6 +41,10 @@ RSpec::Matchers.define :support_cipher do |cipher|
|
|
41
41
|
RspecSsltls::Util.add_string(@chain_string, "on #{@protocol}")
|
42
42
|
end
|
43
43
|
|
44
|
+
chain :via_proxy do |proxy|
|
45
|
+
@proxy = proxy
|
46
|
+
end
|
47
|
+
|
44
48
|
description do
|
45
49
|
"support cipher #{@cipher.to_a.join(', ')}#{@chain_string}"
|
46
50
|
end
|
@@ -14,7 +14,7 @@ RSpec::Matchers.define :support_protocol do |protocol|
|
|
14
14
|
uri = URI.parse('https://' + dest)
|
15
15
|
|
16
16
|
@protocol.each do |pr|
|
17
|
-
socket =
|
17
|
+
socket = RspecSsltls::Util.open_socket(uri, proxy: @proxy)
|
18
18
|
ssl_context = OpenSSL::SSL::SSLContext.new(pr)
|
19
19
|
ssl_context.ciphers = ['ALL']
|
20
20
|
ssl_socket = OpenSSL::SSL::SSLSocket.new(socket, ssl_context)
|
@@ -32,6 +32,10 @@ RSpec::Matchers.define :support_protocol do |protocol|
|
|
32
32
|
(@protocol - @supported_protocol).size == 0
|
33
33
|
end
|
34
34
|
|
35
|
+
chain :via_proxy do |proxy|
|
36
|
+
@proxy = proxy
|
37
|
+
end
|
38
|
+
|
35
39
|
description do
|
36
40
|
"support protocol #{@protocol.to_a.join(', ')}"
|
37
41
|
end
|
data/lib/rspec_ssltls/util.rb
CHANGED
@@ -1,3 +1,5 @@
|
|
1
|
+
require 'net/ssh/proxy/http'
|
2
|
+
|
1
3
|
# Easily test your SSL/TLS with RSpec.
|
2
4
|
module RspecSsltls
|
3
5
|
# Utility class
|
@@ -17,5 +19,29 @@ module RspecSsltls
|
|
17
19
|
OpenSSL::SSL::SSLContext::METHODS.map { |a| a.to_s })
|
18
20
|
invalid_protocol.size > 0 ? invalid_protocol : nil
|
19
21
|
end
|
22
|
+
|
23
|
+
def self.open_socket(uri, options = {})
|
24
|
+
if options[:proxy]
|
25
|
+
proxy_uri = build_uri(options[:proxy])
|
26
|
+
proxy_server = Net::SSH::Proxy::HTTP.new(proxy_uri.host,
|
27
|
+
proxy_uri.host,
|
28
|
+
user: proxy_uri.user,
|
29
|
+
password: proxy_uri.password)
|
30
|
+
proxy_server.open(uri.host, uri.port)
|
31
|
+
else
|
32
|
+
TCPSocket.open(uri.host, uri.port)
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
36
|
+
def self.build_uri(source)
|
37
|
+
if source.is_a?(String)
|
38
|
+
source = 'http://' + source unless source.start_with?('http://')
|
39
|
+
URI.parse(source)
|
40
|
+
else
|
41
|
+
source
|
42
|
+
end
|
43
|
+
end
|
44
|
+
|
45
|
+
private_class_method :build_uri
|
20
46
|
end
|
21
47
|
end
|
data/lib/rspec_ssltls/version.rb
CHANGED
data/rspec-ssltls.gemspec
CHANGED
@@ -18,6 +18,7 @@ Gem::Specification.new do |spec|
|
|
18
18
|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
19
19
|
spec.require_paths = ['lib']
|
20
20
|
spec.add_dependency 'rspec', '>= 2.9'
|
21
|
+
spec.add_dependency 'net-ssh', '~> 2.9.2'
|
21
22
|
|
22
23
|
spec.add_development_dependency 'bundler', '>= 1.6'
|
23
24
|
spec.add_development_dependency 'rake', '~> 10.0'
|
@@ -24,6 +24,16 @@ describe 'rspec-ssltls matchers' do
|
|
24
24
|
expect('www.example.com:443').to have_certificate
|
25
25
|
end
|
26
26
|
|
27
|
+
## Having certificate via proxy
|
28
|
+
it 'can evalutate having certificate via proxy' do
|
29
|
+
https_proxy = 'http://user:pass@proxy.example.com/'
|
30
|
+
stub_ssl_socket(peer_cert_chain: [nil])
|
31
|
+
expect('www.example.com:443').not_to(have_certificate
|
32
|
+
.via_proxy(https_proxy))
|
33
|
+
stub_ssl_socket(peer_cert_chain: [example_cert])
|
34
|
+
expect('www.example.com:443').to have_certificate.via_proxy(https_proxy)
|
35
|
+
end
|
36
|
+
|
27
37
|
## Subject
|
28
38
|
it 'can evalutate having certificate subject' do
|
29
39
|
stub_ssl_socket(peer_cert_chain: [example_cert])
|
@@ -16,6 +16,23 @@ describe 'rspec-ssltls matchers' do
|
|
16
16
|
expect('www.example.com:443')
|
17
17
|
.not_to support_cipher('AES256-SHA')
|
18
18
|
end
|
19
|
+
|
20
|
+
it 'can evalutate support cipher via proxy' do
|
21
|
+
https_proxy = 'http://user:pass@proxy.example.com/'
|
22
|
+
stub_ssl_socket(cipher: ['DES-CBC3-SHA', 'TLSv1/SSLv3', 168, 168])
|
23
|
+
expect('www.example.com:443')
|
24
|
+
.to support_cipher('DES-CBC3-SHA').via_proxy(https_proxy)
|
25
|
+
|
26
|
+
stub_ssl_socket(cipher: ['AES256-SHA', 'TLSv1/SSLv3', 168, 168])
|
27
|
+
expect('www.example.com:443')
|
28
|
+
.to(support_cipher(['AES256-SHA', 'DES-CBC3-SHA'])
|
29
|
+
.via_proxy(https_proxy))
|
30
|
+
|
31
|
+
stub_ssl_socket(cipher: nil)
|
32
|
+
expect('www.example.com:443')
|
33
|
+
.not_to support_cipher('AES256-SHA').via_proxy(https_proxy)
|
34
|
+
end
|
35
|
+
|
19
36
|
it 'can evalutate support cipher specified with protocol' do
|
20
37
|
stub_ssl_socket(cipher: ['AES256-SHA', 'TLSv1/SSLv3', 168, 168])
|
21
38
|
expect('www.example.com:443')
|
@@ -20,6 +20,20 @@ describe 'rspec-ssltls matchers' do
|
|
20
20
|
expect('www.example.com:443').not_to support_protocol([:TLSv1, 'SSLv3'])
|
21
21
|
end
|
22
22
|
|
23
|
+
it 'can evalutate support protocol via_proxy' do
|
24
|
+
https_proxy = 'http://user:pass@proxy.example.com/'
|
25
|
+
stub_ssl_socket(ssl_version: 'TLSv1')
|
26
|
+
expect('www.example.com:443').to(support_protocol('TLSv1')
|
27
|
+
.via_proxy(https_proxy))
|
28
|
+
expect('www.example.com:443').to(support_protocol(:TLSv1)
|
29
|
+
.via_proxy(https_proxy))
|
30
|
+
stub_ssl_socket(ssl_version: nil)
|
31
|
+
expect('www.example.com:443').not_to(support_protocol('SSLv3')
|
32
|
+
.via_proxy(https_proxy))
|
33
|
+
expect('www.example.com:443').not_to(support_protocol([:TLSv1, 'SSLv3'])
|
34
|
+
.via_proxy(https_proxy))
|
35
|
+
end
|
36
|
+
|
23
37
|
it do
|
24
38
|
# show default description
|
25
39
|
stub_ssl_socket(ssl_version: 'TLSv1')
|
data/spec/spec_helper.rb
CHANGED
@@ -18,7 +18,7 @@ require 'openssl'
|
|
18
18
|
require 'fileutils'
|
19
19
|
|
20
20
|
def stub_ssl_socket(params = nil)
|
21
|
-
allow(
|
21
|
+
allow(RspecSsltls::Util).to receive(:open_socket).and_return(nil)
|
22
22
|
allow(OpenSSL::SSL::SSLSocket).to receive(:new) do
|
23
23
|
ssl_socket = double('ssl_socket')
|
24
24
|
allow(ssl_socket).to receive(:method_missing).and_return(nil)
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rspec-ssltls
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.8
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- OTA Hiroshi
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2015-01-24 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rspec
|
@@ -24,6 +24,20 @@ dependencies:
|
|
24
24
|
- - ">="
|
25
25
|
- !ruby/object:Gem::Version
|
26
26
|
version: '2.9'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: net-ssh
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - "~>"
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: 2.9.2
|
34
|
+
type: :runtime
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - "~>"
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: 2.9.2
|
27
41
|
- !ruby/object:Gem::Dependency
|
28
42
|
name: bundler
|
29
43
|
requirement: !ruby/object:Gem::Requirement
|
@@ -141,7 +155,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
141
155
|
version: '0'
|
142
156
|
requirements: []
|
143
157
|
rubyforge_project:
|
144
|
-
rubygems_version: 2.
|
158
|
+
rubygems_version: 2.4.5
|
145
159
|
signing_key:
|
146
160
|
specification_version: 4
|
147
161
|
summary: Easily test your SSL/TLS with RSpec.
|