sslcheck 0.9.4 → 0.9.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/acceptance/checking_certificates_spec.rb +11 -0
- data/lib/sslcheck/check.rb +1 -0
- data/lib/sslcheck/validator.rb +2 -0
- data/lib/sslcheck/validators/common_name.rb +2 -1
- data/lib/sslcheck/version.rb +1 -1
- data/spec/cert_fixtures.rb +34 -0
- data/spec/check_spec.rb +7 -0
- data/spec/common_name_validator_spec.rb +13 -1
- metadata +2 -3
- data/sslcheck-0.9.0.gem +0 -0
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c20562eb72f671cb97f212cd1eba23b56bb536ff
|
|
4
|
+
data.tar.gz: 708991cda40f732a0a7227ddd7237d6853682c52
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ddd27cf5c945cc4829da97285e503060db844049bf239a049b41383f094eb14c0a012bf4a457d0151ab30841b599291a9134d8b2c8cee881b9a2de0ff4ba5d39
|
|
7
|
+
data.tar.gz: 76cf8262a72908aa519bea9f2e3af3ab5ab13bd3134200cad7928c5bf0856b4c9a6e3e3c1fa03fbd646abb22aa742f3f7c3d118ef37ed6ec56be335502fc1b3b
|
|
@@ -30,5 +30,16 @@ module SSLCheck
|
|
|
30
30
|
expect(@check.ca_bundle).to be
|
|
31
31
|
end
|
|
32
32
|
end
|
|
33
|
+
context "when the common name is not correct" do
|
|
34
|
+
before do
|
|
35
|
+
@check = Check.new.check('https://mismatch.examples.sslinsight.com')
|
|
36
|
+
end
|
|
37
|
+
it 'should not be valid' do
|
|
38
|
+
expect(@check.valid?).to_not be
|
|
39
|
+
end
|
|
40
|
+
it 'should have errors' do
|
|
41
|
+
expect(@check.errors).to_not be_empty
|
|
42
|
+
end
|
|
43
|
+
end
|
|
33
44
|
end
|
|
34
45
|
end
|
data/lib/sslcheck/check.rb
CHANGED
data/lib/sslcheck/validator.rb
CHANGED
|
@@ -12,7 +12,8 @@ module SSLCheck
|
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
def matching_wildcard_domain
|
|
15
|
-
true if (@peer_cert.common_name.match(/\*\./) && @common_name.include?(@peer_cert.common_name.gsub(/\*\./,'')))
|
|
15
|
+
return true if (@peer_cert.common_name.match(/\*\./) && @common_name.include?(@peer_cert.common_name.gsub(/\*\./,'')))
|
|
16
|
+
false
|
|
16
17
|
end
|
|
17
18
|
|
|
18
19
|
def direct_common_name_match
|
data/lib/sslcheck/version.rb
CHANGED
data/spec/cert_fixtures.rb
CHANGED
|
@@ -812,3 +812,37 @@ ReYNnyicsbkqWletNw+vHX/bvZ8=
|
|
|
812
812
|
"""
|
|
813
813
|
|
|
814
814
|
VALID_CA_BUNDLE = [CA_PARENT, CA_GRAND_PARENT, CA_GREAT_GRAND_PARENT]
|
|
815
|
+
|
|
816
|
+
APP_SSL_INSIGHT_CERT = """
|
|
817
|
+
-----BEGIN CERTIFICATE-----
|
|
818
|
+
MIIFWjCCBEKgAwIBAgIQSXt7yzPv7c88GVt1NwDupzANBgkqhkiG9w0BAQsFADCB
|
|
819
|
+
kDELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
|
|
820
|
+
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxNjA0BgNV
|
|
821
|
+
BAMTLUNPTU9ETyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBD
|
|
822
|
+
QTAeFw0xNTA0MDMwMDAwMDBaFw0xNjA0MDIyMzU5NTlaMFYxITAfBgNVBAsTGERv
|
|
823
|
+
bWFpbiBDb250cm9sIFZhbGlkYXRlZDEUMBIGA1UECxMLUG9zaXRpdmVTU0wxGzAZ
|
|
824
|
+
BgNVBAMTEmFwcC5zc2xpbnNpZ2h0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
|
|
825
|
+
ADCCAQoCggEBAOMvQ5zflXGZ6JM7fjyOiOvaYsQepgiegG7uxISWCzCXa+lA49xo
|
|
826
|
+
Or2j7Il5HsuOfF9LuCKFo+1H6+V8X71xqZK4P8IW7Z31iyFmw6uIczuhzwVRs1YJ
|
|
827
|
+
xoE8DzErmtKFSV4IHeEgbNZsZlkfdA7YflSTSXwxcDisJv7STFxLNiGHbu1dCVOl
|
|
828
|
+
j3C1ipiF5rZbwh2P8pUcQwGkp8OWr1XS4K7bsDiRqDTuslykOPyAPEqwgKJu1tAm
|
|
829
|
+
lW0tIs653qRuW7VySmBexBNonQ8HmSqO4NVpqejpy+tSS9VrcADS4UGTpwUUQG7V
|
|
830
|
+
2yA8ymg9RnyaKOLoe7wgkwyy/3YyJE44e1MCAwEAAaOCAecwggHjMB8GA1UdIwQY
|
|
831
|
+
MBaAFJCvajqUWgvYkOoSVnPfQ7Q6KNrnMB0GA1UdDgQWBBTsG2YDDmHoOTHQZEmO
|
|
832
|
+
A/hUsAr4FDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU
|
|
833
|
+
BggrBgEFBQcDAQYIKwYBBQUHAwIwTwYDVR0gBEgwRjA6BgsrBgEEAbIxAQICBzAr
|
|
834
|
+
MCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8uY29tL0NQUzAIBgZn
|
|
835
|
+
gQwBAgEwVAYDVR0fBE0wSzBJoEegRYZDaHR0cDovL2NybC5jb21vZG9jYS5jb20v
|
|
836
|
+
Q09NT0RPUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCBhQYI
|
|
837
|
+
KwYBBQUHAQEEeTB3ME8GCCsGAQUFBzAChkNodHRwOi8vY3J0LmNvbW9kb2NhLmNv
|
|
838
|
+
bS9DT01PRE9SU0FEb21haW5WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCQG
|
|
839
|
+
CCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wNQYDVR0RBC4wLIIS
|
|
840
|
+
YXBwLnNzbGluc2lnaHQuY29tghZ3d3cuYXBwLnNzbGluc2lnaHQuY29tMA0GCSqG
|
|
841
|
+
SIb3DQEBCwUAA4IBAQBugXKmDVrHxahyQhOc4FJjV3QeMlgu2wHwjziUdwCFFVLA
|
|
842
|
+
HrJjNsdkgL0/yggTafwHYSq2FF1ZrP8w261frl+JpLSB/Xmfe8eai6lN6/vAGH8U
|
|
843
|
+
vckcrWFEwoEDp1ui4sWEfibHjaDjIcNRkSBuaodhK9Y8OPlhzO0Sw/hRQ1rfaQF1
|
|
844
|
+
y4RKl6auZwAmccdcYDICrbHqocX76tSyZMi6UmE3kQzqH5YUAVP4G3pAn2/kCI4p
|
|
845
|
+
X4nnqR6A1Qz7WsWIY0PdHA4wK5sOSy11a3c7Z2vOABG8LF6HL/UZZIVvSnDvoPWT
|
|
846
|
+
FXKBj7iNTKZDyn1G8b0kxE7zaLF6kAryW3F7IXr0
|
|
847
|
+
-----END CERTIFICATE-----
|
|
848
|
+
"""
|
data/spec/check_spec.rb
CHANGED
|
@@ -111,6 +111,13 @@ module SSLCheck
|
|
|
111
111
|
expect(@sut.valid?).to be
|
|
112
112
|
end
|
|
113
113
|
end
|
|
114
|
+
context "when the certificate is invalid" do
|
|
115
|
+
it 'should bubble up any errors found during validation' do
|
|
116
|
+
@sut = Check.new(FakeClient.new(FakeClientResponse.new(@peer_cert, @ca_bundle)), FakeValidator.new(false, [SSLCheck::Errors::GenericError.new({:name => "generic error", :message => "generic error"})]))
|
|
117
|
+
@sut.check('www.example.com')
|
|
118
|
+
expect(@sut.errors.empty?).to_not be
|
|
119
|
+
end
|
|
120
|
+
end
|
|
114
121
|
end
|
|
115
122
|
end
|
|
116
123
|
end
|
|
@@ -27,7 +27,6 @@ module SSLCheck
|
|
|
27
27
|
expect(result).to_not be
|
|
28
28
|
end
|
|
29
29
|
end
|
|
30
|
-
|
|
31
30
|
end
|
|
32
31
|
context "when the common name is mismatched" do
|
|
33
32
|
it 'should return errors' do
|
|
@@ -36,5 +35,18 @@ module SSLCheck
|
|
|
36
35
|
expect(result).to be_a SSLCheck::Errors::Validation::CommonNameMismatch
|
|
37
36
|
end
|
|
38
37
|
end
|
|
38
|
+
context "When not a wildcard domain" do
|
|
39
|
+
|
|
40
|
+
context "and part of the common name matches" do
|
|
41
|
+
@cert = Certificate.new(APP_SSL_INSIGHT_CERT)
|
|
42
|
+
@ca_bundle = [Certificate.new(CA_PARENT), Certificate.new(CA_GRAND_PARENT)]
|
|
43
|
+
it 'should return errors' do
|
|
44
|
+
sut = Validators::CommonName.new("mismatch.examples.sslinsight.com", @cert, @ca_bundle)
|
|
45
|
+
result = sut.validate
|
|
46
|
+
expect(result).to be_a SSLCheck::Errors::Validation::CommonNameMismatch
|
|
47
|
+
end
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
|
|
39
51
|
end
|
|
40
52
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sslcheck
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.9.4
|
|
4
|
+
version: 0.9.4.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Clayton Lengel-Zigich
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-04-
|
|
11
|
+
date: 2015-04-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|
|
@@ -140,7 +140,6 @@ files:
|
|
|
140
140
|
- spec/response_spec.rb
|
|
141
141
|
- spec/spec_helper.rb
|
|
142
142
|
- spec/validator_spec.rb
|
|
143
|
-
- sslcheck-0.9.0.gem
|
|
144
143
|
- sslcheck.gemspec
|
|
145
144
|
homepage: http://github.com/clayton/sslcheck
|
|
146
145
|
licenses:
|
data/sslcheck-0.9.0.gem
DELETED
|
Binary file
|