sslcheck 0.9.1 → 0.9.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/acceptance/checking_certificates_spec.rb +11 -0
- data/lib/sslcheck/check.rb +7 -3
- data/lib/sslcheck/client.rb +1 -1
- data/lib/sslcheck/validator.rb +0 -54
- data/lib/sslcheck/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1c3ce9df50f1a9a75dfb026a443247e70f2af5c0
|
4
|
+
data.tar.gz: bc183a64ea589568f9040b5e1b3472ebd3b898e1
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e09b4272a3cbc40320f2e5d99d1bcebc8b5a94abdb0be054f5fb7964b68072923d071045e125a9c4bd80a7f99a30e8836a36e6cfbce3ac2759352cd1a3cfe8c0
|
7
|
+
data.tar.gz: db41d48b91c4beabf136608d2b94290403d9e95d63fe5efc50dcd38ade28b1a732d882d0b603f9720a5585cdd0d344edf0f94678e485be2b54c3a0134519d762
|
@@ -2,6 +2,17 @@ require 'spec_helper'
|
|
2
2
|
|
3
3
|
module SSLCheck
|
4
4
|
describe 'Checking Certificates' do
|
5
|
+
context "when the certificate is missing" do
|
6
|
+
before do
|
7
|
+
@check = Check.new.check("www.claytonlz.com")
|
8
|
+
end
|
9
|
+
it 'should not be valid' do
|
10
|
+
expect(@check.valid?).to_not be
|
11
|
+
end
|
12
|
+
it 'should have errors' do
|
13
|
+
expect(@check.errors).to_not be_empty
|
14
|
+
end
|
15
|
+
end
|
5
16
|
context "when the certificate is valid" do
|
6
17
|
before do
|
7
18
|
@check = Check.new.check("http://www.sslinsight.com")
|
data/lib/sslcheck/check.rb
CHANGED
@@ -47,13 +47,17 @@ module SSLCheck
|
|
47
47
|
|
48
48
|
def fetch(url)
|
49
49
|
response = @client.get(url)
|
50
|
-
|
51
|
-
|
52
|
-
|
50
|
+
|
51
|
+
if response.errors.empty?
|
52
|
+
self.peer_cert = response.peer_cert
|
53
|
+
self.ca_bundle = response.ca_bundle
|
54
|
+
self.host_name = response.host_name
|
55
|
+
end
|
53
56
|
|
54
57
|
response.errors.each do |error|
|
55
58
|
@errors << error
|
56
59
|
end
|
60
|
+
|
57
61
|
true
|
58
62
|
end
|
59
63
|
|
data/lib/sslcheck/client.rb
CHANGED
@@ -38,7 +38,7 @@ module SSLCheck
|
|
38
38
|
|
39
39
|
sock = TCPSocket.new(uri.host, 443)
|
40
40
|
ctx = OpenSSL::SSL::SSLContext.new
|
41
|
-
ctx.set_params(verify_mode
|
41
|
+
ctx.set_params(:verify_mode => OpenSSL::SSL::VERIFY_PEER)
|
42
42
|
|
43
43
|
@socket = OpenSSL::SSL::SSLSocket.new(sock, ctx).tap do |socket|
|
44
44
|
socket.sync_close = true
|
data/lib/sslcheck/validator.rb
CHANGED
@@ -55,57 +55,3 @@ module SSLCheck
|
|
55
55
|
|
56
56
|
end
|
57
57
|
end
|
58
|
-
|
59
|
-
# class InvalidCertificate < StandardError;end
|
60
|
-
# class InvalidCommonName < StandardError;end
|
61
|
-
# class InvalidDates < StandardError;end
|
62
|
-
# class MissingCACertificate < StandardError;end
|
63
|
-
|
64
|
-
# def initialize(parser=nil)
|
65
|
-
# @parser = parser
|
66
|
-
# @url = parser.url
|
67
|
-
# end
|
68
|
-
|
69
|
-
# def validate
|
70
|
-
# raise InvalidCertificate unless validate_certificates
|
71
|
-
# raise InvalidCommonName, "expected #{@url} but got #{certificate.common_name}" unless validate_common_name
|
72
|
-
# raise InvalidDates, "Issued On: #{certificate.not_before}, Expires On: #{certificate.not_after}" unless validate_dates
|
73
|
-
# true
|
74
|
-
# end
|
75
|
-
|
76
|
-
# def validate_certificates
|
77
|
-
# certificate.verify(ca_bundle)
|
78
|
-
# end
|
79
|
-
|
80
|
-
# def validate_common_name
|
81
|
-
# matching_wildcard_domain || certificate.common_name.downcase == @url.downcase
|
82
|
-
# end
|
83
|
-
|
84
|
-
# def validate_expiration_date
|
85
|
-
# !certificate.expired?
|
86
|
-
# end
|
87
|
-
|
88
|
-
# def validate_issue_date
|
89
|
-
# certificate.issued?
|
90
|
-
# end
|
91
|
-
|
92
|
-
# def validate_dates
|
93
|
-
# validate_expiration_date && validate_issue_date
|
94
|
-
# end
|
95
|
-
|
96
|
-
# private
|
97
|
-
# def certificate
|
98
|
-
# @parser.certificate
|
99
|
-
# end
|
100
|
-
|
101
|
-
# def matching_wildcard_domain
|
102
|
-
# true if (certificate.common_name.match(/\*\./) && @url.include?(certificate.common_name.gsub(/\*\./,'')))
|
103
|
-
# end
|
104
|
-
|
105
|
-
# def ca_bundle
|
106
|
-
# begin
|
107
|
-
# @parser.ca_bundle
|
108
|
-
# rescue OpenSSL::X509::CertificateError => e
|
109
|
-
# raise MissingCACertificate
|
110
|
-
# end
|
111
|
-
# end
|
data/lib/sslcheck/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: sslcheck
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.9.
|
4
|
+
version: 0.9.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Clayton Lengel-Zigich
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2015-03-
|
11
|
+
date: 2015-03-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|