rspec-ssltls 0.0.9 → 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +0 -0
- data/.rspec +0 -0
- data/.rubocop.yml +0 -0
- data/.travis.yml +0 -0
- data/Gemfile +0 -0
- data/LICENSE.txt +0 -0
- data/README.md +16 -0
- data/RELEASE_NOTES.md +6 -0
- data/Rakefile +0 -0
- data/lib/rspec_ssltls.rb +5 -0
- data/lib/rspec_ssltls/choose_cipher.rb +67 -0
- data/lib/rspec_ssltls/have_certificate.rb +0 -0
- data/lib/rspec_ssltls/support_cipher.rb +0 -0
- data/lib/rspec_ssltls/support_protocol.rb +0 -0
- data/lib/rspec_ssltls/util.rb +9 -2
- data/lib/rspec_ssltls/version.rb +1 -1
- data/rspec-ssltls.gemspec +0 -0
- data/spec/rspec_ssltls/choose_cipher_spec.rb +56 -0
- data/spec/rspec_ssltls/have_certificate_spec.rb +0 -0
- data/spec/rspec_ssltls/rspec_ssltls_spec.rb +0 -0
- data/spec/rspec_ssltls/support_cipher_spec.rb +0 -0
- data/spec/rspec_ssltls/support_protocol_spec.rb +0 -0
- data/spec/rspec_ssltls/util_spec.rb +13 -0
- data/spec/spec_helper.rb +0 -0
- metadata +7 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: dd74365f4b4faac275c22d991e25685d8864be71
|
4
|
+
data.tar.gz: 41487c61568d72e48c292513e20ff18bef6fef79
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f00e6d65c837ace2f11ecfe5dbd7f1b2143b48ab826db9ad8e877a5bac12038921fccdb25df5a1be2037209abb00c75726d6902799158fbfcdd4ac34ad2b34a2
|
7
|
+
data.tar.gz: 774b28f3011cc7d58c469988a9da07b3227e4d8e76d5cb9ae853268582bf717b22e00e2a1c998748fdd07fcc4e5ace3353af3bd35f702304860a868b183c915a
|
data/.gitignore
CHANGED
File without changes
|
data/.rspec
CHANGED
File without changes
|
data/.rubocop.yml
CHANGED
File without changes
|
data/.travis.yml
CHANGED
File without changes
|
data/Gemfile
CHANGED
File without changes
|
data/LICENSE.txt
CHANGED
File without changes
|
data/README.md
CHANGED
@@ -42,6 +42,11 @@ describe 'www.example.com:443' do
|
|
42
42
|
it { is_expected.to support_protocol('TLSv1_2') }
|
43
43
|
it { is_expected.to support_cipher('AES256-SHA').protocol('TLSv1') }
|
44
44
|
it { is_expected.to support_cipher('DES-CBC3-SHA').protocol('SSLv3') }
|
45
|
+
it do
|
46
|
+
is_expected.to choose_cipher('DES-CBC3-SHA')
|
47
|
+
.protocol('TLSv1')
|
48
|
+
.from(['AES256-SHA', 'AES128-SHA', 'DES-CBC3-SHA'])
|
49
|
+
end
|
45
50
|
end
|
46
51
|
```
|
47
52
|
|
@@ -56,6 +61,17 @@ describe 'www.example.com:443' do
|
|
56
61
|
end
|
57
62
|
```
|
58
63
|
|
64
|
+
You can also specify https_proxy server with `RSpec.configuration.rspec_ssltls_https_proxy`
|
65
|
+
as global configuration.
|
66
|
+
```
|
67
|
+
RSpec.configuration.rspec_ssltls_https_proxy = 'http://proxy.example.com:3128'
|
68
|
+
|
69
|
+
```
|
70
|
+
or
|
71
|
+
```
|
72
|
+
RSpec.configuration.rspec_ssltls_https_proxy = ENV['https_proxy']
|
73
|
+
```
|
74
|
+
|
59
75
|
You can use followings for `support_protocol` and `support_cipher.protocol`:
|
60
76
|
```
|
61
77
|
OpenSSL::SSL::SSLContext::METHODS
|
data/RELEASE_NOTES.md
ADDED
data/Rakefile
CHANGED
File without changes
|
data/lib/rspec_ssltls.rb
CHANGED
@@ -3,7 +3,12 @@ require 'rspec/expectations'
|
|
3
3
|
require 'socket'
|
4
4
|
require 'openssl'
|
5
5
|
|
6
|
+
RSpec.configure do |c|
|
7
|
+
c.add_setting :rspec_ssltls_https_proxy, default: nil
|
8
|
+
end
|
9
|
+
|
6
10
|
require 'rspec_ssltls/util'
|
7
11
|
require 'rspec_ssltls/have_certificate'
|
8
12
|
require 'rspec_ssltls/support_protocol'
|
9
13
|
require 'rspec_ssltls/support_cipher'
|
14
|
+
require 'rspec_ssltls/choose_cipher'
|
@@ -0,0 +1,67 @@
|
|
1
|
+
require 'rspec_ssltls'
|
2
|
+
require 'uri'
|
3
|
+
|
4
|
+
# See Ciphers
|
5
|
+
# https://www.openssl.org/docs/apps/ciphers.html
|
6
|
+
|
7
|
+
RSpec::Matchers.define :choose_cipher do |cipher|
|
8
|
+
match do |dest|
|
9
|
+
fail 'No Argument Error.' unless cipher
|
10
|
+
@protocol ||= 'SSLv23'
|
11
|
+
@ciphers ||= ['ALL']
|
12
|
+
@expected_cipher = cipher
|
13
|
+
|
14
|
+
uri = URI.parse('https://' + dest)
|
15
|
+
|
16
|
+
socket = RspecSsltls::Util.open_socket(uri, proxy: @proxy)
|
17
|
+
ssl_context = OpenSSL::SSL::SSLContext.new(@protocol)
|
18
|
+
ssl_context.ciphers = @ciphers
|
19
|
+
ssl_socket = OpenSSL::SSL::SSLSocket.new(socket, ssl_context)
|
20
|
+
ssl_socket.sync_close = true
|
21
|
+
result = false
|
22
|
+
begin
|
23
|
+
ssl_socket.connect
|
24
|
+
@actual_cipher = ssl_socket.cipher ? ssl_socket.cipher.first : nil
|
25
|
+
result = (cipher == @actual_cipher)
|
26
|
+
ssl_socket.close
|
27
|
+
ensure
|
28
|
+
ssl_socket && ssl_socket.close
|
29
|
+
end
|
30
|
+
result
|
31
|
+
end
|
32
|
+
|
33
|
+
chain :from do |ciphers|
|
34
|
+
@ciphers = [ciphers].flatten
|
35
|
+
@chain_string =
|
36
|
+
RspecSsltls::Util.add_string(@chain_string, "from #{@ciphers}")
|
37
|
+
end
|
38
|
+
chain :protocol do |protocol|
|
39
|
+
invalid_protocol = RspecSsltls::Util.invalid_ssl_tls_protocol(protocol)
|
40
|
+
fail "Invalid protocol.#{invalid_protocol.to_a}" if invalid_protocol
|
41
|
+
@protocol = [protocol].flatten.first
|
42
|
+
@chain_string =
|
43
|
+
RspecSsltls::Util.add_string(@chain_string, "on #{@protocol}")
|
44
|
+
end
|
45
|
+
|
46
|
+
chain :via_proxy do |proxy|
|
47
|
+
@proxy = proxy
|
48
|
+
end
|
49
|
+
|
50
|
+
description do
|
51
|
+
"choose cipher #{@expected_cipher}#{@chain_string}"
|
52
|
+
end
|
53
|
+
|
54
|
+
failure_message do
|
55
|
+
s = "expected to choose cipher #{@expected_cipher}"
|
56
|
+
s += "#{@chain_string}, but did not."
|
57
|
+
s += "\n expected: #{@expected_cipher}."
|
58
|
+
s + "\n actual: #{@actual_cipher ? @actual_cipher : 'nil'}."
|
59
|
+
end
|
60
|
+
|
61
|
+
failure_message_when_negated do
|
62
|
+
s = "expected not to choose cipher #{@expected_cipher}"
|
63
|
+
s += "#{@chain_string}, but did."
|
64
|
+
s += "\n expected not: #{@expected_cipher}."
|
65
|
+
s + "\n actual: #{@actual_cipher ? @actual_cipher : 'nil'}."
|
66
|
+
end
|
67
|
+
end
|
File without changes
|
File without changes
|
File without changes
|
data/lib/rspec_ssltls/util.rb
CHANGED
@@ -21,8 +21,9 @@ module RspecSsltls
|
|
21
21
|
end
|
22
22
|
|
23
23
|
def self.open_socket(uri, options = {})
|
24
|
-
|
25
|
-
|
24
|
+
proxy = proxy_config(options)
|
25
|
+
if proxy
|
26
|
+
proxy_uri = build_uri(proxy)
|
26
27
|
proxy_server = Net::SSH::Proxy::HTTP.new(proxy_uri.host,
|
27
28
|
proxy_uri.port,
|
28
29
|
user: proxy_uri.user,
|
@@ -33,6 +34,11 @@ module RspecSsltls
|
|
33
34
|
end
|
34
35
|
end
|
35
36
|
|
37
|
+
def self.proxy_config(options = {})
|
38
|
+
options[:proxy] ? options[:proxy] :
|
39
|
+
RSpec.configuration.rspec_ssltls_https_proxy
|
40
|
+
end
|
41
|
+
|
36
42
|
def self.build_uri(source)
|
37
43
|
if source.is_a?(String)
|
38
44
|
source = 'http://' + source unless source.start_with?('http://')
|
@@ -42,6 +48,7 @@ module RspecSsltls
|
|
42
48
|
end
|
43
49
|
end
|
44
50
|
|
51
|
+
private_class_method :proxy_config
|
45
52
|
private_class_method :build_uri
|
46
53
|
end
|
47
54
|
end
|
data/lib/rspec_ssltls/version.rb
CHANGED
data/rspec-ssltls.gemspec
CHANGED
File without changes
|
@@ -0,0 +1,56 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'rspec_ssltls'
|
3
|
+
|
4
|
+
describe 'rspec-ssltls matchers' do
|
5
|
+
describe '#choose_cipher' do
|
6
|
+
it 'can evalutate choose cipher' do
|
7
|
+
stub_ssl_socket(cipher: ['DES-CBC3-SHA', 'TLSv1/SSLv3', 168, 168])
|
8
|
+
expect('www.example.com:443')
|
9
|
+
.to choose_cipher('DES-CBC3-SHA')
|
10
|
+
|
11
|
+
stub_ssl_socket(cipher: ['AES256-SHA', 'TLSv1/SSLv3', 168, 168])
|
12
|
+
expect('www.example.com:443')
|
13
|
+
.to choose_cipher('AES256-SHA')
|
14
|
+
|
15
|
+
stub_ssl_socket(cipher: ['AES256-SHA', 'TLSv1/SSLv3', 168, 168])
|
16
|
+
expect('www.example.com:443')
|
17
|
+
.not_to choose_cipher('DES-CBC3-SHA')
|
18
|
+
end
|
19
|
+
|
20
|
+
it 'can evalutate choose cipher from list' do
|
21
|
+
stub_ssl_socket(cipher: ['DES-CBC3-SHA', 'TLSv1/SSLv3', 168, 168])
|
22
|
+
expect('www.example.com:443')
|
23
|
+
.to choose_cipher('DES-CBC3-SHA').from(['ALL', '!EXP'])
|
24
|
+
|
25
|
+
stub_ssl_socket(cipher: ['AES256-SHA', 'TLSv1/SSLv3', 168, 168])
|
26
|
+
expect('www.example.com:443')
|
27
|
+
.not_to choose_cipher('DES-CBC3-SHA').from('ALL')
|
28
|
+
end
|
29
|
+
|
30
|
+
it 'can evalutate choose cipher via proxy' do
|
31
|
+
https_proxy = 'http://user:pass@proxy.example.com/'
|
32
|
+
stub_ssl_socket(cipher: ['DES-CBC3-SHA', 'TLSv1/SSLv3', 168, 168])
|
33
|
+
expect('www.example.com:443')
|
34
|
+
.to choose_cipher('DES-CBC3-SHA').via_proxy(https_proxy)
|
35
|
+
|
36
|
+
stub_ssl_socket(cipher: nil)
|
37
|
+
expect('www.example.com:443')
|
38
|
+
.not_to choose_cipher('AES256-SHA').via_proxy(https_proxy)
|
39
|
+
end
|
40
|
+
|
41
|
+
it 'can evalutate choose cipher specified with protocol' do
|
42
|
+
stub_ssl_socket(cipher: ['AES256-SHA', 'TLSv1/SSLv3', 168, 168])
|
43
|
+
expect('www.example.com:443')
|
44
|
+
.to choose_cipher('AES256-SHA').protocol('TLSv1')
|
45
|
+
end
|
46
|
+
|
47
|
+
# show default description
|
48
|
+
it do
|
49
|
+
stub_ssl_socket(cipher: ['DES-CBC3-SHA', 'TLSv1/SSLv3', 168, 168])
|
50
|
+
expect('www.example.com:443')
|
51
|
+
.to(choose_cipher('DES-CBC3-SHA')
|
52
|
+
.protocol('TLSv1')
|
53
|
+
.from(['AES256-SHA', 'AES128-SHA', 'DES-CBC3-SHA']))
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
@@ -28,6 +28,19 @@ describe RspecSsltls::Util do
|
|
28
28
|
socket = described_class.open_socket(uri, proxy: proxy_url)
|
29
29
|
expect(socket).to eq(:direct)
|
30
30
|
end
|
31
|
+
context 'when RSpec.configuration.rspec_ssltls_https_proxy is given' do
|
32
|
+
before :each do
|
33
|
+
RSpec.configuration.rspec_ssltls_https_proxy =
|
34
|
+
'http://proxy.example.com'
|
35
|
+
end
|
36
|
+
after :each do
|
37
|
+
RSpec.configuration.rspec_ssltls_https_proxy = nil
|
38
|
+
end
|
39
|
+
it 'should connect target via specified proxy server' do
|
40
|
+
socket = described_class.open_socket(uri, proxy: proxy_url)
|
41
|
+
expect(socket).to eq(:proxy)
|
42
|
+
end
|
43
|
+
end
|
31
44
|
end
|
32
45
|
end
|
33
46
|
|
data/spec/spec_helper.rb
CHANGED
File without changes
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rspec-ssltls
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0
|
4
|
+
version: 0.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- OTA Hiroshi
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2015-
|
11
|
+
date: 2015-03-07 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rspec
|
@@ -122,14 +122,17 @@ files:
|
|
122
122
|
- Gemfile
|
123
123
|
- LICENSE.txt
|
124
124
|
- README.md
|
125
|
+
- RELEASE_NOTES.md
|
125
126
|
- Rakefile
|
126
127
|
- lib/rspec_ssltls.rb
|
128
|
+
- lib/rspec_ssltls/choose_cipher.rb
|
127
129
|
- lib/rspec_ssltls/have_certificate.rb
|
128
130
|
- lib/rspec_ssltls/support_cipher.rb
|
129
131
|
- lib/rspec_ssltls/support_protocol.rb
|
130
132
|
- lib/rspec_ssltls/util.rb
|
131
133
|
- lib/rspec_ssltls/version.rb
|
132
134
|
- rspec-ssltls.gemspec
|
135
|
+
- spec/rspec_ssltls/choose_cipher_spec.rb
|
133
136
|
- spec/rspec_ssltls/have_certificate_spec.rb
|
134
137
|
- spec/rspec_ssltls/rspec_ssltls_spec.rb
|
135
138
|
- spec/rspec_ssltls/support_cipher_spec.rb
|
@@ -156,11 +159,12 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
156
159
|
version: '0'
|
157
160
|
requirements: []
|
158
161
|
rubyforge_project:
|
159
|
-
rubygems_version: 2.
|
162
|
+
rubygems_version: 2.4.5
|
160
163
|
signing_key:
|
161
164
|
specification_version: 4
|
162
165
|
summary: Easily test your SSL/TLS with RSpec.
|
163
166
|
test_files:
|
167
|
+
- spec/rspec_ssltls/choose_cipher_spec.rb
|
164
168
|
- spec/rspec_ssltls/have_certificate_spec.rb
|
165
169
|
- spec/rspec_ssltls/rspec_ssltls_spec.rb
|
166
170
|
- spec/rspec_ssltls/support_cipher_spec.rb
|