sslcheck 0.9.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +14 -0
- data/.rspec +3 -0
- data/.travis.yml +6 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +22 -0
- data/README.md +177 -0
- data/Rakefile +14 -0
- data/acceptance/acceptance_helper.rb +1 -0
- data/acceptance/checking_certificates_spec.rb +23 -0
- data/acceptance/client_spec.rb +67 -0
- data/blinky_tests +3 -0
- data/lib/sslcheck.rb +20 -0
- data/lib/sslcheck/certificate.rb +121 -0
- data/lib/sslcheck/certificate_client.rb +10 -0
- data/lib/sslcheck/check.rb +65 -0
- data/lib/sslcheck/client.rb +68 -0
- data/lib/sslcheck/generic_error.rb +15 -0
- data/lib/sslcheck/parser.rb +96 -0
- data/lib/sslcheck/validator.rb +111 -0
- data/lib/sslcheck/validators/ca_bundle.rb +23 -0
- data/lib/sslcheck/validators/common_name.rb +27 -0
- data/lib/sslcheck/validators/errors.rb +15 -0
- data/lib/sslcheck/validators/expiration_date.rb +10 -0
- data/lib/sslcheck/validators/generic_validator.rb +15 -0
- data/lib/sslcheck/validators/issue_date.rb +10 -0
- data/lib/sslcheck/version.rb +3 -0
- data/run_acceptance_on_ci +7 -0
- data/sentinal +10 -0
- data/spec/ca_bundle_validator_spec.rb +24 -0
- data/spec/cert_fixtures.rb +814 -0
- data/spec/certificate_spec.rb +134 -0
- data/spec/check_spec.rb +172 -0
- data/spec/common_name_validator_spec.rb +40 -0
- data/spec/expiration_date_validator_spec.rb +36 -0
- data/spec/issue_date_validator_spec.rb +36 -0
- data/spec/parser_spec.rb +0 -0
- data/spec/response_spec.rb +13 -0
- data/spec/spec_helper.rb +100 -0
- data/spec/validator_spec.rb +84 -0
- data/sslcheck.gemspec +26 -0
- metadata +165 -0
@@ -0,0 +1,134 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
module SSLCheck
|
4
|
+
describe Certificate do
|
5
|
+
before(:each) do
|
6
|
+
@sut = Certificate.new(VALID_CERT)
|
7
|
+
end
|
8
|
+
describe 'to_h' do
|
9
|
+
it 'should easily turn into a hash' do
|
10
|
+
clock = class_double(DateTime, :now => DateTime.parse("2014-12-31 00:00:00"))
|
11
|
+
sut = Certificate.new(VALID_CERT, clock)
|
12
|
+
actual_hash = sut.to_h
|
13
|
+
expected_hash = {
|
14
|
+
:common_name => "www.npboards.com",
|
15
|
+
:organization_unit => "Domain Control Validated",
|
16
|
+
:not_before => DateTime.parse("Tue, 17 Jun 2014 18:16:01 +0000"),
|
17
|
+
:not_after => DateTime.parse("Tue, 17 Jun 2015 18:16:01 +0000"),
|
18
|
+
:issued => true,
|
19
|
+
:expired => false,
|
20
|
+
:issuer => {
|
21
|
+
:common_name => "Go Daddy Secure Certificate Authority - G2",
|
22
|
+
:country => "US",
|
23
|
+
:state => "Arizona",
|
24
|
+
:locality => "Scottsdale",
|
25
|
+
:organization => "GoDaddy.com, Inc."
|
26
|
+
}
|
27
|
+
}
|
28
|
+
|
29
|
+
expect(actual_hash).to eq(expected_hash)
|
30
|
+
end
|
31
|
+
end
|
32
|
+
describe 'extensions' do
|
33
|
+
describe 'Subject Alternate Name' do
|
34
|
+
context "when it has as subject alternate name extension" do
|
35
|
+
it 'should expose the altername names as alternate common names' do
|
36
|
+
sut = Certificate.new(VALID_CERT)
|
37
|
+
|
38
|
+
expect(sut.alternate_common_names).to include("www.npboards.com")
|
39
|
+
expect(sut.alternate_common_names).to include("npboards.com")
|
40
|
+
end
|
41
|
+
end
|
42
|
+
context "when it only has one alternate name in the extension" do
|
43
|
+
it 'should expose only that name' do
|
44
|
+
ext = OpenSSL::X509::Extension.new "subjectAltName", "DNS:example.com"
|
45
|
+
cert = OpenSSL::X509::Certificate.new VALID_CERT
|
46
|
+
|
47
|
+
allow(cert).to receive(:extensions).and_return [ext]
|
48
|
+
sut = Certificate.new(cert)
|
49
|
+
|
50
|
+
expect(sut.alternate_common_names).to include("example.com")
|
51
|
+
expect(sut.alternate_common_names).to_not include("npboards.com")
|
52
|
+
expect(sut.alternate_common_names).to_not include("www.npboards.com")
|
53
|
+
end
|
54
|
+
end
|
55
|
+
context "when it has no subject alternate name extension" do
|
56
|
+
it 'should expose no alternate names' do
|
57
|
+
cert = OpenSSL::X509::Certificate.new VALID_CERT
|
58
|
+
allow(cert).to receive(:extensions).and_return []
|
59
|
+
sut = Certificate.new(cert)
|
60
|
+
|
61
|
+
expect(sut.alternate_common_names).to eq([])
|
62
|
+
end
|
63
|
+
end
|
64
|
+
end
|
65
|
+
end
|
66
|
+
describe "subject" do
|
67
|
+
it "should expose the certificate's subject" do
|
68
|
+
expect(@sut.subject).to eq "/OU=Domain Control Validated/CN=www.npboards.com"
|
69
|
+
end
|
70
|
+
it "should expose the common name on the certificate" do
|
71
|
+
expect(@sut.common_name).to eq "www.npboards.com"
|
72
|
+
end
|
73
|
+
it "should expose the organizational unit on the certificate" do
|
74
|
+
expect(@sut.organizational_unit).to eq "Domain Control Validated"
|
75
|
+
end
|
76
|
+
end
|
77
|
+
describe "issuer" do
|
78
|
+
it "should expose the certificate's issuer" do
|
79
|
+
expect(@sut.issuer).to eq "/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2"
|
80
|
+
end
|
81
|
+
it "should expose a friendly version of the issuer" do
|
82
|
+
expect(@sut.issued_by).to eq "Go Daddy Secure Certificate Authority - G2"
|
83
|
+
end
|
84
|
+
it "should expose the issuer's country" do
|
85
|
+
expect(@sut.issuer_country).to eq "US"
|
86
|
+
end
|
87
|
+
it "should expose the issuer's state" do
|
88
|
+
expect(@sut.issuer_state).to eq "Arizona"
|
89
|
+
end
|
90
|
+
it "should expose the issuer's locality" do
|
91
|
+
expect(@sut.issuer_locality).to eq "Scottsdale"
|
92
|
+
end
|
93
|
+
it "should expose the issuer's organization" do
|
94
|
+
expect(@sut.issuer_organization).to eq "GoDaddy.com, Inc."
|
95
|
+
end
|
96
|
+
it "should expose the issuer's common name" do
|
97
|
+
expect(@sut.issuer_common_name).to eq "Go Daddy Secure Certificate Authority - G2"
|
98
|
+
end
|
99
|
+
end
|
100
|
+
describe "public key" do
|
101
|
+
it "should expose the certificate's public key" do
|
102
|
+
expect(@sut.public_key).to be_a OpenSSL::PKey::RSA
|
103
|
+
end
|
104
|
+
end
|
105
|
+
describe "verify" do
|
106
|
+
it "should be able to verify a certificate with the public key of another" do
|
107
|
+
ca_bundle = Certificate.new(CA_BUNDLE)
|
108
|
+
expect(@sut.verify(ca_bundle)).to be
|
109
|
+
end
|
110
|
+
end
|
111
|
+
describe "dates" do
|
112
|
+
it "should expose the certificate's issue date" do
|
113
|
+
expect(@sut.not_before).to eq DateTime.parse("Tue, 17 Jun 2014 18:16:01 +0000")
|
114
|
+
end
|
115
|
+
it "should expose the certificate's expiry date" do
|
116
|
+
expect(@sut.not_after).to eq DateTime.parse("Tue, 17 Jun 2015 18:16:01 +0000")
|
117
|
+
end
|
118
|
+
end
|
119
|
+
describe "expired?" do
|
120
|
+
it "should know if it has expired" do
|
121
|
+
clock = class_double(DateTime, :now => DateTime.parse("3000-01-01 00:00:00"))
|
122
|
+
@sut = Certificate.new(VALID_CERT, clock)
|
123
|
+
expect(@sut.expired?).to be
|
124
|
+
end
|
125
|
+
end
|
126
|
+
describe "issued?" do
|
127
|
+
it "should know if it has been issued" do
|
128
|
+
clock = class_double(DateTime, :now => DateTime.parse("3000-01-01 00:00:00"))
|
129
|
+
@sut = Certificate.new(VALID_CERT, clock)
|
130
|
+
expect(@sut.issued?).to be
|
131
|
+
end
|
132
|
+
end
|
133
|
+
end
|
134
|
+
end
|
data/spec/check_spec.rb
ADDED
@@ -0,0 +1,172 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
module SSLCheck
|
4
|
+
describe Check do
|
5
|
+
before do
|
6
|
+
@peer_cert = SSLCheck::Certificate.new(VALID_CERT)
|
7
|
+
@ca_parent = SSLCheck::Certificate.new(CA_PARENT)
|
8
|
+
@ca_grand_parent = SSLCheck::Certificate.new(CA_GRAND_PARENT)
|
9
|
+
@ca_bundle = [@ca_parent, @ca_grand_parent]
|
10
|
+
end
|
11
|
+
|
12
|
+
it 'should not be failed by default' do
|
13
|
+
sut = Check.new(FakeClient.new)
|
14
|
+
expect(sut.failed?).to_not be
|
15
|
+
expect(sut.errors).to be_empty
|
16
|
+
end
|
17
|
+
|
18
|
+
it 'should be invalid by default' do
|
19
|
+
sut = Check.new(FakeClient.new)
|
20
|
+
expect(sut.valid?).to_not be
|
21
|
+
end
|
22
|
+
|
23
|
+
it 'should not be done checking by default' do
|
24
|
+
sut = Check.new(FakeClient.new)
|
25
|
+
expect(sut.checked?).to_not be
|
26
|
+
end
|
27
|
+
|
28
|
+
describe 'checking' do
|
29
|
+
it 'should tell the client to get the certs' do
|
30
|
+
fake_client = FakeClient.new
|
31
|
+
@sut = Check.new(fake_client, FakeValidator.new)
|
32
|
+
expect(fake_client).to receive(:get).with("www.example.com").and_return(FakeClientResponse.new)
|
33
|
+
@sut.check('www.example.com')
|
34
|
+
end
|
35
|
+
|
36
|
+
it 'should expose the certificates that were found' do
|
37
|
+
@sut = Check.new(FakeClient.new(FakeClientResponse.new(@peer_cert, @ca_bundle)), FakeValidator.new)
|
38
|
+
@sut.check('www.example.com')
|
39
|
+
expect(@sut.peer_cert).to be
|
40
|
+
expect(@sut.ca_bundle).to be
|
41
|
+
end
|
42
|
+
|
43
|
+
it 'should expose the hostname parsed from the URL' do
|
44
|
+
@sut = Check.new(FakeClient.new(FakeClientResponse.new(@peer_cert, @ca_bundle, "www.example.com")), FakeValidator.new)
|
45
|
+
@sut.check('www.example.com')
|
46
|
+
expect(@sut.host_name).to eq("www.example.com")
|
47
|
+
end
|
48
|
+
|
49
|
+
it 'should know when the check has completed' do
|
50
|
+
@sut = Check.new(FakeClient.new(FakeClientResponse.new(@peer_cert, @ca_bundle)), FakeValidator.new)
|
51
|
+
@sut.check('www.example.com')
|
52
|
+
expect(@sut.checked?).to be
|
53
|
+
end
|
54
|
+
|
55
|
+
it 'should know what URL was checked' do
|
56
|
+
@sut = Check.new(FakeClient.new(FakeClientResponse.new(@peer_cert, @ca_bundle)), FakeValidator.new)
|
57
|
+
@sut.check('www.example.com')
|
58
|
+
expect(@sut.url).to eq("www.example.com")
|
59
|
+
end
|
60
|
+
|
61
|
+
context "when there is an error checking the certificate" do
|
62
|
+
it 'should not be valid' do
|
63
|
+
error = SSLCheck::Errors::GenericError.new({:name => :invalid_uri, :message => "Invalid URI"})
|
64
|
+
@sut = Check.new(FakeClient.new(nil, [error]), FakeValidator.new)
|
65
|
+
@sut.check('www.example.com')
|
66
|
+
expect(@sut.valid?).to_not be
|
67
|
+
end
|
68
|
+
context "when the URI is malformed" do
|
69
|
+
it 'should add an error to the error list' do
|
70
|
+
error = SSLCheck::Errors::GenericError.new({:name => :invalid_uri, :message => "Invalid URI"})
|
71
|
+
validator = FakeValidator.new
|
72
|
+
@sut = Check.new(FakeClient.new(nil, [error]), validator)
|
73
|
+
|
74
|
+
expect(validator).to_not receive(:validate)
|
75
|
+
@sut.check('www.example.com')
|
76
|
+
end
|
77
|
+
it 'should not try to validate the certificate' do
|
78
|
+
error = SSLCheck::Errors::GenericError.new({:name => :invalid_uri, :message => "Invalid URI"})
|
79
|
+
@sut = Check.new(FakeClient.new(nil, [error]))
|
80
|
+
@sut.check('www.example.com')
|
81
|
+
end
|
82
|
+
end
|
83
|
+
context "when there was an OpenSSL error" do
|
84
|
+
it 'should add an error to the error list' do
|
85
|
+
error = SSLCheck::Errors::GenericError.new({:name => :openssl_error, :message => "OpenSSL Verification Error"})
|
86
|
+
@sut = Check.new(FakeClient.new(nil, [error]))
|
87
|
+
@sut.check('www.example.com')
|
88
|
+
expect(@sut.errors).to eq([error])
|
89
|
+
expect(@sut.failed?).to be
|
90
|
+
end
|
91
|
+
end
|
92
|
+
end
|
93
|
+
end
|
94
|
+
|
95
|
+
describe 'validation' do
|
96
|
+
it 'should tell the validator to validate the peer certificate' do
|
97
|
+
validator = FakeValidator.new
|
98
|
+
@sut = Check.new(FakeClient.new(FakeClientResponse.new(@peer_cert, @ca_bundle)), validator)
|
99
|
+
expect(validator).to receive(:validate).with("www.example.com", @peer_cert, @ca_bundle)
|
100
|
+
@sut.check("www.example.com")
|
101
|
+
end
|
102
|
+
context "when the certificate is valid" do
|
103
|
+
it 'should have no errors' do
|
104
|
+
@sut = Check.new(FakeClient.new(FakeClientResponse.new(@peer_cert, @ca_bundle)), FakeValidator.new)
|
105
|
+
@sut.check('www.example.com')
|
106
|
+
expect(@sut.errors).to eq([])
|
107
|
+
end
|
108
|
+
it 'should be valid' do
|
109
|
+
@sut = Check.new(FakeClient.new(FakeClientResponse.new(@peer_cert, @ca_bundle)), FakeValidator.new)
|
110
|
+
@sut.check('www.example.com')
|
111
|
+
expect(@sut.valid?).to be
|
112
|
+
end
|
113
|
+
end
|
114
|
+
end
|
115
|
+
end
|
116
|
+
end
|
117
|
+
|
118
|
+
class FakeClient
|
119
|
+
def initialize(response=nil, errors=[])
|
120
|
+
@response = response || FakeClientResponse.new
|
121
|
+
@errors = errors
|
122
|
+
end
|
123
|
+
def get(url)
|
124
|
+
@response
|
125
|
+
|
126
|
+
@errors.each do |error|
|
127
|
+
@response.errors << error
|
128
|
+
end
|
129
|
+
@response
|
130
|
+
end
|
131
|
+
end
|
132
|
+
|
133
|
+
class FakeClientResponse
|
134
|
+
def initialize(peer_cert=nil, ca_bundle=nil, host_name=nil)
|
135
|
+
@peer_cert = peer_cert || SSLCheck::Certificate.new(VALID_CERT)
|
136
|
+
@ca_bundle = ca_bundle || [SSLCheck::Certificate.new(CA_PARENT), SSLCheck::Certificate.new(CA_GRAND_PARENT)]
|
137
|
+
@host_name = host_name || "www.example.com"
|
138
|
+
@errors = []
|
139
|
+
end
|
140
|
+
|
141
|
+
def peer_cert
|
142
|
+
@peer_cert
|
143
|
+
end
|
144
|
+
|
145
|
+
def ca_bundle
|
146
|
+
@ca_bundle
|
147
|
+
end
|
148
|
+
|
149
|
+
def host_name
|
150
|
+
@host_name
|
151
|
+
end
|
152
|
+
|
153
|
+
def errors
|
154
|
+
@errors
|
155
|
+
end
|
156
|
+
end
|
157
|
+
|
158
|
+
|
159
|
+
class FakeValidator
|
160
|
+
def initialize(valid=true, errors=[])
|
161
|
+
@valid = valid
|
162
|
+
@errors = errors
|
163
|
+
end
|
164
|
+
|
165
|
+
def validate(common_name, peer_cert, ca_bundle)
|
166
|
+
@valid
|
167
|
+
end
|
168
|
+
|
169
|
+
def errors
|
170
|
+
@errors
|
171
|
+
end
|
172
|
+
end
|
@@ -0,0 +1,40 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
module SSLCheck
|
4
|
+
describe 'CommonNameValidatorSpec' do
|
5
|
+
before do
|
6
|
+
@cert = Certificate.new(VALID_CERT)
|
7
|
+
@ca_bundle = [Certificate.new(CA_PARENT), Certificate.new(CA_GRAND_PARENT)]
|
8
|
+
end
|
9
|
+
context "when the common name is valid" do
|
10
|
+
it 'should return nothing' do
|
11
|
+
sut = Validators::CommonName.new("npboards.com", @cert, @ca_bundle)
|
12
|
+
result = sut.validate
|
13
|
+
expect(result).to_not be
|
14
|
+
end
|
15
|
+
context "when the certificate was issued to a wildcard domain" do
|
16
|
+
it 'should return nothing' do
|
17
|
+
wildcard_cert = Certificate.new(WILDCARD_CERT)
|
18
|
+
sut = Validators::CommonName.new("example.squarespace.com", wildcard_cert, @ca_bundle)
|
19
|
+
result = sut.validate
|
20
|
+
expect(result).to_not be
|
21
|
+
end
|
22
|
+
end
|
23
|
+
context "when the certificate has alternate subject names" do
|
24
|
+
it 'should allow matches against the supplied common name' do
|
25
|
+
sut = Validators::CommonName.new("npboards.com", @cert, @ca_bundle)
|
26
|
+
result = sut.validate
|
27
|
+
expect(result).to_not be
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
end
|
32
|
+
context "when the common name is mismatched" do
|
33
|
+
it 'should return errors' do
|
34
|
+
sut = Validators::CommonName.new("example.com", @cert, @ca_bundle)
|
35
|
+
result = sut.validate
|
36
|
+
expect(result).to be_a SSLCheck::Errors::Validation::CommonNameMismatch
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
@@ -0,0 +1,36 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
module SSLCheck
|
4
|
+
describe 'ExpirationDateValidatorSpec' do
|
5
|
+
before do
|
6
|
+
@cert = Certificate.new(VALID_CERT)
|
7
|
+
@ca_bundle = [Certificate.new(CA_PARENT), Certificate.new(CA_GRAND_PARENT)]
|
8
|
+
end
|
9
|
+
context "when the expiration date is in the future" do
|
10
|
+
it 'should return errors' do
|
11
|
+
sut = Validators::ExpirationDate.new("npboards.com", @cert, @ca_bundle)
|
12
|
+
result = sut.validate(FutureClock.new)
|
13
|
+
expect(result).to be_a SSLCheck::Errors::Validation::CertificateExpired
|
14
|
+
end
|
15
|
+
end
|
16
|
+
context "when the expiration date is in the past" do
|
17
|
+
it 'should return nothing' do
|
18
|
+
sut = Validators::ExpirationDate.new("npboards.com", @cert, @ca_bundle)
|
19
|
+
result = sut.validate(PastClock.new)
|
20
|
+
expect(result).to_not be
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
25
|
+
|
26
|
+
class FutureClock
|
27
|
+
def now
|
28
|
+
DateTime.parse("3000-01-01 00:00:00")
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
32
|
+
class PastClock
|
33
|
+
def now
|
34
|
+
DateTime.parse("1000-01-01 00:00:00")
|
35
|
+
end
|
36
|
+
end
|
@@ -0,0 +1,36 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
module SSLCheck
|
4
|
+
describe 'IssueDateValidatorSpec' do
|
5
|
+
before do
|
6
|
+
@cert = Certificate.new(VALID_CERT)
|
7
|
+
@ca_bundle = [Certificate.new(CA_PARENT), Certificate.new(CA_GRAND_PARENT)]
|
8
|
+
end
|
9
|
+
context "when the issue date is in the past" do
|
10
|
+
it 'should return nothing' do
|
11
|
+
sut = Validators::IssueDate.new("npboards.com", @cert, @ca_bundle)
|
12
|
+
result = sut.validate(FutureClock.new)
|
13
|
+
expect(result).to_not be
|
14
|
+
end
|
15
|
+
end
|
16
|
+
context "when the issue date is in the future" do
|
17
|
+
it 'should return errors' do
|
18
|
+
sut = Validators::IssueDate.new("npboards.com", @cert, @ca_bundle)
|
19
|
+
result = sut.validate(PastClock.new)
|
20
|
+
expect(result).to be_a SSLCheck::Errors::Validation::NotYetIssued
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
25
|
+
|
26
|
+
class FutureClock
|
27
|
+
def now
|
28
|
+
DateTime.parse("3000-01-01 00:00:00")
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
32
|
+
class PastClock
|
33
|
+
def now
|
34
|
+
DateTime.parse("1000-01-01 00:00:00")
|
35
|
+
end
|
36
|
+
end
|
data/spec/parser_spec.rb
ADDED
File without changes
|
@@ -0,0 +1,13 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
module SSLCheck
|
4
|
+
describe Client::Response do
|
5
|
+
it 'should alias ca_bundle to peer_cert_chain' do
|
6
|
+
response = Client::Response.new
|
7
|
+
response.raw_peer_cert_chain = [CA_PARENT, CA_GRAND_PARENT]
|
8
|
+
expect(response.ca_bundle).to be
|
9
|
+
expect(response.ca_bundle.first.to_s).to eq(Certificate.new(CA_PARENT).to_s)
|
10
|
+
expect(response.ca_bundle.last.to_s).to eq(Certificate.new(CA_GRAND_PARENT).to_s)
|
11
|
+
end
|
12
|
+
end
|
13
|
+
end
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,100 @@
|
|
1
|
+
# This file was generated by the `rspec --init` command. Conventionally, all
|
2
|
+
# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
|
3
|
+
# The generated `.rspec` file contains `--require spec_helper` which will cause
|
4
|
+
# this file to always be loaded, without a need to explicitly require it in any
|
5
|
+
# files.
|
6
|
+
#
|
7
|
+
# Given that it is always loaded, you are encouraged to keep this file as
|
8
|
+
# light-weight as possible. Requiring heavyweight dependencies from this file
|
9
|
+
# will add to the boot time of your test suite on EVERY test run, even for an
|
10
|
+
# individual file that may not need all of that loaded. Instead, consider making
|
11
|
+
# a separate helper file that requires the additional dependencies and performs
|
12
|
+
# the additional setup, and require it from the spec files that actually need
|
13
|
+
# it.
|
14
|
+
|
15
|
+
require 'simplecov'
|
16
|
+
SimpleCov.start do
|
17
|
+
add_filter "/spec/"
|
18
|
+
end
|
19
|
+
|
20
|
+
require_relative '../lib/sslcheck'
|
21
|
+
require 'cert_fixtures'
|
22
|
+
|
23
|
+
#
|
24
|
+
# The `.rspec` file also contains a few flags that are not defaults but that
|
25
|
+
# users commonly want.
|
26
|
+
#
|
27
|
+
# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
|
28
|
+
RSpec.configure do |config|
|
29
|
+
# rspec-expectations config goes here. You can use an alternate
|
30
|
+
# assertion/expectation library such as wrong or the stdlib/minitest
|
31
|
+
# assertions if you prefer.
|
32
|
+
config.expect_with :rspec do |expectations|
|
33
|
+
# This option will default to `true` in RSpec 4. It makes the `description`
|
34
|
+
# and `failure_message` of custom matchers include text for helper methods
|
35
|
+
# defined using `chain`, e.g.:
|
36
|
+
# be_bigger_than(2).and_smaller_than(4).description
|
37
|
+
# # => "be bigger than 2 and smaller than 4"
|
38
|
+
# ...rather than:
|
39
|
+
# # => "be bigger than 2"
|
40
|
+
expectations.include_chain_clauses_in_custom_matcher_descriptions = true
|
41
|
+
end
|
42
|
+
|
43
|
+
# rspec-mocks config goes here. You can use an alternate test double
|
44
|
+
# library (such as bogus or mocha) by changing the `mock_with` option here.
|
45
|
+
config.mock_with :rspec do |mocks|
|
46
|
+
# Prevents you from mocking or stubbing a method that does not exist on
|
47
|
+
# a real object. This is generally recommended, and will default to
|
48
|
+
# `true` in RSpec 4.
|
49
|
+
mocks.verify_partial_doubles = true
|
50
|
+
end
|
51
|
+
|
52
|
+
# The settings below are suggested to provide a good initial experience
|
53
|
+
# with RSpec, but feel free to customize to your heart's content.
|
54
|
+
=begin
|
55
|
+
# These two settings work together to allow you to limit a spec run
|
56
|
+
# to individual examples or groups you care about by tagging them with
|
57
|
+
# `:focus` metadata. When nothing is tagged with `:focus`, all examples
|
58
|
+
# get run.
|
59
|
+
config.filter_run :focus
|
60
|
+
config.run_all_when_everything_filtered = true
|
61
|
+
|
62
|
+
# Limits the available syntax to the non-monkey patched syntax that is
|
63
|
+
# recommended. For more details, see:
|
64
|
+
# - http://myronmars.to/n/dev-blog/2012/06/rspecs-new-expectation-syntax
|
65
|
+
# - http://teaisaweso.me/blog/2013/05/27/rspecs-new-message-expectation-syntax/
|
66
|
+
# - http://myronmars.to/n/dev-blog/2014/05/notable-changes-in-rspec-3#new__config_option_to_disable_rspeccore_monkey_patching
|
67
|
+
config.disable_monkey_patching!
|
68
|
+
|
69
|
+
# This setting enables warnings. It's recommended, but in some cases may
|
70
|
+
# be too noisy due to issues in dependencies.
|
71
|
+
config.warnings = true
|
72
|
+
|
73
|
+
# Many RSpec users commonly either run the entire suite or an individual
|
74
|
+
# file, and it's useful to allow more verbose output when running an
|
75
|
+
# individual spec file.
|
76
|
+
if config.files_to_run.one?
|
77
|
+
# Use the documentation formatter for detailed output,
|
78
|
+
# unless a formatter has already been configured
|
79
|
+
# (e.g. via a command-line flag).
|
80
|
+
config.default_formatter = 'doc'
|
81
|
+
end
|
82
|
+
|
83
|
+
# Print the 10 slowest examples and example groups at the
|
84
|
+
# end of the spec run, to help surface which specs are running
|
85
|
+
# particularly slow.
|
86
|
+
config.profile_examples = 10
|
87
|
+
|
88
|
+
# Run specs in random order to surface order dependencies. If you find an
|
89
|
+
# order dependency and want to debug it, you can fix the order by providing
|
90
|
+
# the seed, which is printed after each run.
|
91
|
+
# --seed 1234
|
92
|
+
config.order = :random
|
93
|
+
|
94
|
+
# Seed global randomization in this process using the `--seed` CLI option.
|
95
|
+
# Setting this allows you to use `--seed` to deterministically reproduce
|
96
|
+
# test failures related to randomization by passing the same `--seed` value
|
97
|
+
# as the one that triggered the failure.
|
98
|
+
Kernel.srand config.seed
|
99
|
+
=end
|
100
|
+
end
|