rspec-ssltls 0.0.7 → 0.0.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 22a5bfa0f3ceeea792d4ea2afaaf3b47602062af
-  data.tar.gz: 4a321f42d84d785870a4deef599e9c05a9c78216
+  metadata.gz: 670209d5f9d2bb9fafd5711d927641df20136381
+  data.tar.gz: 589620f5cdbf716fe7ed791613605531d92dc202
 SHA512:
-  metadata.gz: 324e3e06008f554cbd7386958106ce95249a48ed7db37f5cbc2ed2c05e49d42fd2a2a917c2202ff7c867d1fdb5cdd7c813add31da11f0599c8092f6731b79e5e
-  data.tar.gz: 57db920d7b9793975f26ba5b99941bdcb6efdb8b386b3d84191c94fa4fb6e5ff6ad3ea3ac44a6b8c0ce682855d4e87c19db036e09e11eab472c58d59613558e0
+  metadata.gz: 087229fa195509fcf3c0d10a81ffc1a472491ee574463f6f87d60f99d7714e4aa93b3628076415710cb63bc9862c70adf9a17b051f3ec0e9e3d54ccec1f037bb
+  data.tar.gz: 925215f039568cef80cf861ea44389060f32cea32bc363e8bf8347143620632b7fa4e346027010208533f9735dbf6b8c467b03c0ace7f594603b9be06954a479

data/README.md

@@ -45,6 +45,17 @@ describe 'www.example.com:443' do
 end
 ```
 
+You can use `via_proxy` chain to specify https_proxy server.
+```ruby
+describe 'www.example.com:443' do
+  it do
+    is_expected.to have_certificate
+      .subject(CN: '*.example.com').valid_at('2020/09/12 19:00:05 JST')
+      .via_proxy('http://user:pass@proxy.example.com/')
+  end
+end
+```
+
 You can use followings for `support_protocol` and `support_cipher.protocol`:
 ```
  OpenSSL::SSL::SSLContext::METHODS

data/lib/rspec_ssltls/have_certificate.rb

@@ -8,7 +8,7 @@ RSpec::Matchers.define :have_certificate do
     @result_string ||= ''
     @chain_number  ||= 0
     uri = URI.parse('https://' + dest)
-    socket = TCPSocket.open(uri.host, uri.port)
+    socket = RspecSsltls::Util.open_socket(uri, proxy: @proxy)
     ssl_context = OpenSSL::SSL::SSLContext.new
     ssl_context.verify_mode = @verify_mode if @verify_mode
     ssl_context.cert_store  = @cert_store  if @cert_store
@@ -73,6 +73,10 @@ RSpec::Matchers.define :have_certificate do
     @signature_algorithm = s
   end
 
+  chain :via_proxy do |proxy|
+    @proxy = proxy
+  end
+
   def valid_cert?
     @result_cert = {}
     @result_cert.merge!(subject: valid_identifier?(:subject, @subject))

data/lib/rspec_ssltls/support_cipher.rb

@@ -15,7 +15,7 @@ RSpec::Matchers.define :support_cipher do |cipher|
     uri = URI.parse('https://' + dest)
 
     @cipher.each do |ci|
-      socket = TCPSocket.open(uri.host, uri.port)
+      socket = RspecSsltls::Util.open_socket(uri, proxy: @proxy)
       ssl_context = OpenSSL::SSL::SSLContext.new(@protocol)
       ssl_context.ciphers = [ci]
       ssl_socket = OpenSSL::SSL::SSLSocket.new(socket, ssl_context)
@@ -41,6 +41,10 @@ RSpec::Matchers.define :support_cipher do |cipher|
       RspecSsltls::Util.add_string(@chain_string, "on #{@protocol}")
   end
 
+  chain :via_proxy do |proxy|
+    @proxy = proxy
+  end
+
   description do
     "support cipher #{@cipher.to_a.join(', ')}#{@chain_string}"
   end

data/lib/rspec_ssltls/support_protocol.rb

@@ -14,7 +14,7 @@ RSpec::Matchers.define :support_protocol do |protocol|
     uri = URI.parse('https://' + dest)
 
     @protocol.each do |pr|
-      socket = TCPSocket.open(uri.host, uri.port)
+      socket = RspecSsltls::Util.open_socket(uri, proxy: @proxy)
       ssl_context = OpenSSL::SSL::SSLContext.new(pr)
       ssl_context.ciphers = ['ALL']
       ssl_socket = OpenSSL::SSL::SSLSocket.new(socket, ssl_context)
@@ -32,6 +32,10 @@ RSpec::Matchers.define :support_protocol do |protocol|
     (@protocol - @supported_protocol).size == 0
   end
 
+  chain :via_proxy do |proxy|
+    @proxy = proxy
+  end
+
   description do
     "support protocol #{@protocol.to_a.join(', ')}"
   end

data/lib/rspec_ssltls/util.rb

@@ -1,3 +1,5 @@
+require 'net/ssh/proxy/http'
+
 # Easily test your SSL/TLS with RSpec.
 module RspecSsltls
   # Utility class
@@ -17,5 +19,29 @@ module RspecSsltls
           OpenSSL::SSL::SSLContext::METHODS.map { |a| a.to_s })
       invalid_protocol.size > 0 ? invalid_protocol : nil
     end
+
+    def self.open_socket(uri, options = {})
+      if options[:proxy]
+        proxy_uri = build_uri(options[:proxy])
+        proxy_server = Net::SSH::Proxy::HTTP.new(proxy_uri.host,
+                                                 proxy_uri.host,
+                                                 user: proxy_uri.user,
+                                                 password: proxy_uri.password)
+        proxy_server.open(uri.host, uri.port)
+      else
+        TCPSocket.open(uri.host, uri.port)
+      end
+    end
+
+    def self.build_uri(source)
+      if source.is_a?(String)
+        source = 'http://' + source unless source.start_with?('http://')
+        URI.parse(source)
+      else
+        source
+      end
+    end
+
+    private_class_method :build_uri
   end
 end

data/lib/rspec_ssltls/version.rb

@@ -1,4 +1,4 @@
 # Easily test your SSL/TLS with RSpec.
 module RspecSsltls
-  VERSION = '0.0.7'
+  VERSION = '0.0.8'
 end

data/rspec-ssltls.gemspec

@@ -18,6 +18,7 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ['lib']
   spec.add_dependency 'rspec', '>= 2.9'
+  spec.add_dependency 'net-ssh', '~> 2.9.2'
 
   spec.add_development_dependency 'bundler', '>= 1.6'
   spec.add_development_dependency 'rake', '~> 10.0'

data/spec/rspec_ssltls/have_certificate_spec.rb

@@ -24,6 +24,16 @@ describe 'rspec-ssltls matchers' do
       expect('www.example.com:443').to have_certificate
     end
 
+    ## Having certificate via proxy
+    it 'can evalutate having certificate via proxy' do
+      https_proxy = 'http://user:pass@proxy.example.com/'
+      stub_ssl_socket(peer_cert_chain: [nil])
+      expect('www.example.com:443').not_to(have_certificate
+                                             .via_proxy(https_proxy))
+      stub_ssl_socket(peer_cert_chain: [example_cert])
+      expect('www.example.com:443').to have_certificate.via_proxy(https_proxy)
+    end
+
     ## Subject
     it 'can evalutate having certificate subject' do
       stub_ssl_socket(peer_cert_chain: [example_cert])

data/spec/rspec_ssltls/support_cipher_spec.rb

@@ -16,6 +16,23 @@ describe 'rspec-ssltls matchers' do
       expect('www.example.com:443')
         .not_to support_cipher('AES256-SHA')
     end
+
+    it 'can evalutate support cipher via proxy' do
+      https_proxy = 'http://user:pass@proxy.example.com/'
+      stub_ssl_socket(cipher: ['DES-CBC3-SHA', 'TLSv1/SSLv3', 168, 168])
+      expect('www.example.com:443')
+        .to support_cipher('DES-CBC3-SHA').via_proxy(https_proxy)
+
+      stub_ssl_socket(cipher: ['AES256-SHA', 'TLSv1/SSLv3', 168, 168])
+      expect('www.example.com:443')
+        .to(support_cipher(['AES256-SHA', 'DES-CBC3-SHA'])
+              .via_proxy(https_proxy))
+
+      stub_ssl_socket(cipher: nil)
+      expect('www.example.com:443')
+        .not_to support_cipher('AES256-SHA').via_proxy(https_proxy)
+    end
+
     it 'can evalutate support cipher specified with protocol' do
       stub_ssl_socket(cipher: ['AES256-SHA', 'TLSv1/SSLv3', 168, 168])
       expect('www.example.com:443')

data/spec/rspec_ssltls/support_protocol_spec.rb

@@ -20,6 +20,20 @@ describe 'rspec-ssltls matchers' do
       expect('www.example.com:443').not_to support_protocol([:TLSv1, 'SSLv3'])
     end
 
+    it 'can evalutate support protocol via_proxy' do
+      https_proxy = 'http://user:pass@proxy.example.com/'
+      stub_ssl_socket(ssl_version: 'TLSv1')
+      expect('www.example.com:443').to(support_protocol('TLSv1')
+                                         .via_proxy(https_proxy))
+      expect('www.example.com:443').to(support_protocol(:TLSv1)
+                                         .via_proxy(https_proxy))
+      stub_ssl_socket(ssl_version: nil)
+      expect('www.example.com:443').not_to(support_protocol('SSLv3')
+                                             .via_proxy(https_proxy))
+      expect('www.example.com:443').not_to(support_protocol([:TLSv1, 'SSLv3'])
+                                             .via_proxy(https_proxy))
+    end
+
     it do
       # show default description
       stub_ssl_socket(ssl_version: 'TLSv1')

data/spec/spec_helper.rb

@@ -18,7 +18,7 @@ require 'openssl'
 require 'fileutils'
 
 def stub_ssl_socket(params = nil)
-  allow(TCPSocket).to receive(:open).and_return(nil)
+  allow(RspecSsltls::Util).to receive(:open_socket).and_return(nil)
   allow(OpenSSL::SSL::SSLSocket).to receive(:new) do
     ssl_socket = double('ssl_socket')
     allow(ssl_socket).to receive(:method_missing).and_return(nil)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rspec-ssltls
 version: !ruby/object:Gem::Version
-  version: 0.0.7
+  version: 0.0.8
 platform: ruby
 authors:
 - OTA Hiroshi
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-11-02 00:00:00.000000000 Z
+date: 2015-01-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
@@ -24,6 +24,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '2.9'
+- !ruby/object:Gem::Dependency
+  name: net-ssh
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.9.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.9.2
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -141,7 +155,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.2.2
+rubygems_version: 2.4.5
 signing_key: 
 specification_version: 4
 summary: Easily test your SSL/TLS with RSpec.