sensu-plugins-ssl 0.0.4 → 0.0.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 730401068603b4e4f95fd83600bd49736fe9f663
-  data.tar.gz: faecc1987c6a5be33f93bcfb7f016f326846f70a
+  metadata.gz: 4ae6462ba9f5b5a362400ccca8f9e716d910b62f
+  data.tar.gz: d4e4b84ed29ad5d43affed4779de59b89ca42aa2
 SHA512:
-  metadata.gz: 08c83077b37e649c37158b8de4938caef4489c30b395f70aede52051c20b01543c09aad0100f264694501365dd54208ea9c0e68253e334025695d6b7a2055836
-  data.tar.gz: 3b79980303443dbadf9217e36e86103aa5ba54848577c45353dc5864259298fa772359b5bc3261fb28eafb9d3ce423518c3f8f20ce7843b7108e163fee99ee1d
+  metadata.gz: 94ba8727dd0c5874d1076dfa76f5b8baa768cdcafb2b4f446c9c4d2b0a8df46793479f76901c0d9f37374bb16102572d4cdf7864788f695a142b20838cb3b067
+  data.tar.gz: 3637b2b08adf11810f7c40dd98818b329d2c74cdaf0cbe68b5a64823f8be2a70cfc138777b50363aefe4d13e4da16ad1d004958c7c4db3ddc94fb061c78760df

data/CHANGELOG.md

@@ -4,6 +4,14 @@ This project adheres to [Semantic Versioning](http://semver.org/).
 This CHANGELOG follows the format listed at [Keep A Changelog](http://keepachangelog.com/)
 
 ## [Unreleased][unreleased]
+- nothing
+
+## [0.0.5] - 2015-08-05
+### Changed
+- updated sensu-plugin gem to 1.2.0
+
+### Added
+- Basic support for STARTTLS negotiation (only SMTP to start with)
 
 ## [0.0.4] - 2015-07-14
 ### Changed
@@ -23,3 +31,9 @@ This CHANGELOG follows the format listed at [Keep A Changelog](http://keepachang
 ## 0.0.1 - 2015-05-21
 ### Added
 - initial release
+
+[unreleased]: https://github.com/sensu-plugins/sensu-plugins-ssl/compare/0.0.4...HEAD
+[0.0.5]: https://github.com/sensu-plugins/sensu-plugins-ssl/compare/0.0.4...0.0.5
+[0.0.4]: https://github.com/sensu-plugins/sensu-plugins-ssl/compare/0.0.3...0.0.4
+[0.0.3]: https://github.com/sensu-plugins/sensu-plugins-ssl/compare/0.0.2...0.0.3
+[0.0.2]: https://github.com/sensu-plugins/sensu-plugins-ssl/compare/0.0.1...0.0.2

data/README.md

@@ -18,6 +18,6 @@
 
 ## Installation
 
-[Installation and Setup](https://github.com/sensu-plugins/documentation/blob/master/user_docs/installation_instructions.md)
+[Installation and Setup](http://sensu-plugins.io/docs/installation_instructions.html)
 
 ## Notes

data/bin/check-ssl-cert.rb

@@ -79,7 +79,7 @@ class CheckSSLCert < Sensu::Plugin::Check::CLI
     end
   end
 
-  def run # rubocop:disable all
+  def run
     validate_opts
     expiry = config[:pem] ? ssl_pem_expiry : ssl_cert_expiry
     days_until = (Date.parse(expiry.to_s) - Date.today).to_i

data/bin/check-ssl-host.rb

@@ -42,6 +42,8 @@ require 'socket'
 # Check SSL Host
 #
 class CheckSSLHost < Sensu::Plugin::Check::CLI
+  STARTTLS_PROTOS = %w(smtp)
+
   check_name 'check_ssl_host'
 
   option :critical,
@@ -81,8 +83,14 @@ class CheckSSLHost < Sensu::Plugin::Check::CLI
          long: '--skip-chain-verification',
          boolean: true
 
+  option :starttls,
+         description: 'use STARTTLS negotiation for the given protocol '\
+                      "(#{STARTTLS_PROTOS.join(', ')})",
+         long: '--starttls PROTO'
+
   def get_cert_chain(host, port)
     tcp_client = TCPSocket.new(host, port)
+    handle_starttls(config[:starttls], tcp_client) if config[:starttls]
     ssl_context = OpenSSL::SSL::SSLContext.new
     ssl_client = OpenSSL::SSL::SSLSocket.new(tcp_client, ssl_context)
     # SNI
@@ -93,7 +101,28 @@ class CheckSSLHost < Sensu::Plugin::Check::CLI
     certs
   end
 
-  def verify_expiry(cert) # rubocop:disable all
+  def handle_starttls(proto, socket)
+    if STARTTLS_PROTOS.include?(proto)
+      send("starttls_#{proto}", socket)
+    else
+      fail ArgumentError, "STARTTLS supported only for #{STARTTLS_PROTOS.join(', ')}"
+    end
+  end
+
+  def starttls_smtp(socket)
+    status = socket.readline
+    unless /^220 /.match(status)
+      critical "#{config[:host]} - did not receive initial SMTP 220"
+      # no fall-through
+    end
+    socket.puts 'STARTTLS'
+
+    status = socket.readline
+    return if /^220 /.match(status)
+    critical "#{config[:host]} - did not receive SMTP 220 in response to STARTTLS"
+  end
+
+  def verify_expiry(cert)
     # Expiry check
     days = (cert.not_after.to_date - Date.today).to_i
     message = "#{config[:host]} - #{days} days until expiry"

data/lib/sensu-plugins-ssl/version.rb

@@ -2,7 +2,7 @@ module SensuPluginsSSL
   module Version
     MAJOR = 0
     MINOR = 0
-    PATCH = 4
+    PATCH = 5
 
     VER_STRING = [MAJOR, MINOR, PATCH].compact.join('.')
   end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: sensu-plugins-ssl
 version: !ruby/object:Gem::Version
-  version: 0.0.4
+  version: 0.0.5
 platform: ruby
 authors:
 - Sensu-Plugins and contributors
@@ -30,7 +30,7 @@ cert_chain:
   8sHuVruarogxxKPBzlL2is4EUb6oN/RdpGx2l4254+nyR+abg//Ed27Ym0PkB4lk
   HP0m8WSjZmFr109pE/sVsM5jtOCvogyujQOjNVGN4gz1wwPr
   -----END CERTIFICATE-----
-date: 2015-07-14 00:00:00.000000000 Z
+date: 2015-08-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sensu-plugin
@@ -47,61 +47,61 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 1.2.0
 - !ruby/object:Gem::Dependency
-  name: codeclimate-test-reporter
+  name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.4'
+        version: '1.7'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.4'
+        version: '1.7'
 - !ruby/object:Gem::Dependency
-  name: rubocop
+  name: codeclimate-test-reporter
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.30'
+        version: '0.4'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.30'
+        version: '0.4'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: github-markup
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '1.3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '1.3'
 - !ruby/object:Gem::Dependency
-  name: bundler
+  name: pry
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.7'
+        version: '0.10'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.7'
+        version: '0.10'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -117,62 +117,65 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '10.0'
 - !ruby/object:Gem::Dependency
-  name: github-markup
+  name: redcarpet
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '3.2'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '3.2'
 - !ruby/object:Gem::Dependency
-  name: redcarpet
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.2'
+        version: '3.1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.2'
+        version: '3.1'
 - !ruby/object:Gem::Dependency
-  name: yard
+  name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: 0.32.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: 0.32.1
 - !ruby/object:Gem::Dependency
-  name: pry
+  name: yard
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.10'
+        version: '0.8'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.10'
-description: Sensu plugins for SSL
+        version: '0.8'
+description: |-
+  This plugin provides native SSL instrumentation
+                                for monitoring, including: hostname and chain
+                                verification, cert expiry, and Qualys SSL Labs reporting
 email: "<sensu-users@googlegroups.com>"
 executables:
 - check-ssl-qualys.rb
@@ -215,7 +218,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.6
+rubygems_version: 2.4.8
 signing_key: 
 specification_version: 4
 summary: Sensu plugins for SSL