RubyGems - tls-checker - Versions diffs - 1.1.1 → 1.2.0 - Mend

tls-checker 1.1.1 → 1.2.0

Files changed (8) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1ce545144ea29f3fd2dbdabfa80e2390fc1fa5856e2c15a569844fa48123801f
-  data.tar.gz: 96475b0c4a3a51c93e665df117de9763cbb8a7ef5b314e6ff95d8eea3a7a8eef
+  metadata.gz: 436c913ebd77a63c430df1dc3a365d4458c58cdd4e6070d3db7aed7ead5ddb95
+  data.tar.gz: 5e23c16c3717c32fb6d558f0d5fc5f48d61bbcf50e36e76ca0418752e913a0e0
 SHA512:
-  metadata.gz: 85f17f395246854272299b83f1b95e9a13364b1ac0402f9bda6a0f0ebf2a5668535ffc1df4c5fc53855fa4309db55f71a9e59a8b1b0b47904e7a0aeeccf29c86
-  data.tar.gz: ab63e727076b9464c58b5747201a0ea747a3628e7523bdc9320244058756be6375a0089d44bd4d8145928dbe1a94ef249b2a0c571a2b7f8e0e33bb9bef18d5d1
+  metadata.gz: 5e9e9015b20136f0b7e0ceba16ea67415af17fc8efbfe4282ee97da238039081567a99126c5b71cffa24e13e8d1088d58193d5efda7a15dc7be1b137a1aa8764
+  data.tar.gz: 39ae43f8abeeb2e8258a82657eeee08f38bb0fc75af554da7d66e7cd5421ef97419c5421cbabda86737b65fb8e83bfdb2bca959e5b5d46e16e97d2e77ad4bea1

data/CHANGELOG.md CHANGED

@@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+## [1.2.0]
+- Skip completely TLSA check if a connexion certificate cannot be fetched;
+- Do not generate an event when a connexion to a remote service is not
+  possible.
 ## [1.1.1]
 - Handle Errno::EHOSTUNREACH exceptions gracefully when attempting to fetch a
@@ -17,6 +23,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Make it possible to test services using an IP address;
 - Report validity of certificates when a TLSA record is found in the DNS.
-[Unreleased]: https://github.com/smortex/tls-checker/compare/v1.1.1...HEAD
+[Unreleased]: https://github.com/smortex/tls-checker/compare/v1.2.0...HEAD
+[1.2.0]: https://github.com/smortex/tls-checker/compare/v1.1.1...v1.2.0
 [1.1.1]: https://github.com/smortex/tls-checker/compare/v1.1.0...v1.1.1
 [1.1.0]: https://github.com/smortex/tls-checker/compare/v1.0.0...v1.1.0

data/exe/tls-checker CHANGED

@@ -5,8 +5,6 @@ require 'json'
 require 'optparse'
 require 'tls-checker'
-factory = TLSChecker::CertificateCheckerFactory.new
 options = {
   output: $stdout,
 }
@@ -19,8 +17,10 @@ OptionParser.new do |opts|
   end
 end.parse!
-ARGV.each do |arg|
-  factory.certificate_checkers_for(arg).each do |checker|
+factory = TLSChecker::CertificateCheckerFactory.new
+ARGV.each do |specification|
+  factory.certificate_checkers_for(specification).each do |checker|
     options[:output].puts checker.to_e.to_json
   end
 end

@@ -34,6 +34,10 @@ module TLSChecker
       )
     end
+    def check
+      !!certificate
+    end
     def to_s
       description
     end

@@ -25,6 +25,7 @@ module TLSChecker
         ]
       rescue IPAddr::InvalidAddressError
         certificate_checkers = @resolver.getaddresses(hostname).map { |ip| CertificateChecker.new(hostname, ip, port, starttls) }
+        certificate_checkers.select!(&:check)
         factory = TLSACheckerFactory.new

@@ -8,6 +8,7 @@ module TLSChecker
     def tlsa_checkers_for(certificate_checker)
       res = []
+      return res unless certificate_checker.certificate
       each_tlsa_end_entity_record(certificate_checker) do |record|
         checker = TLSAChecker.new(record, certificate_checker)

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module TlsChecker
-  VERSION = '1.1.1'
+  VERSION = '1.2.0'
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tls-checker
 version: !ruby/object:Gem::Version
-  version: 1.1.1
+  version: 1.2.0
 platform: ruby
 authors:
 - Romain Tartière
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2019-03-01 00:00:00.000000000 Z
+date: 2019-03-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: internet_security_event