RubyGems - tls-checker - Versions diffs - 1.1.1 → 1.2.0 - Mend

tls-checker 1.1.1 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +8 -1
data/exe/tls-checker +4 -4
data/lib/tls-checker/certificate_checker.rb +4 -0
data/lib/tls-checker/certificate_checker_factory.rb +1 -0
data/lib/tls-checker/tlsa_checker_factory.rb +1 -0
data/lib/tls-checker/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1ce545144ea29f3fd2dbdabfa80e2390fc1fa5856e2c15a569844fa48123801f
-  data.tar.gz: 96475b0c4a3a51c93e665df117de9763cbb8a7ef5b314e6ff95d8eea3a7a8eef
+  metadata.gz: 436c913ebd77a63c430df1dc3a365d4458c58cdd4e6070d3db7aed7ead5ddb95
+  data.tar.gz: 5e23c16c3717c32fb6d558f0d5fc5f48d61bbcf50e36e76ca0418752e913a0e0
 SHA512:
-  metadata.gz: 85f17f395246854272299b83f1b95e9a13364b1ac0402f9bda6a0f0ebf2a5668535ffc1df4c5fc53855fa4309db55f71a9e59a8b1b0b47904e7a0aeeccf29c86
-  data.tar.gz: ab63e727076b9464c58b5747201a0ea747a3628e7523bdc9320244058756be6375a0089d44bd4d8145928dbe1a94ef249b2a0c571a2b7f8e0e33bb9bef18d5d1
+  metadata.gz: 5e9e9015b20136f0b7e0ceba16ea67415af17fc8efbfe4282ee97da238039081567a99126c5b71cffa24e13e8d1088d58193d5efda7a15dc7be1b137a1aa8764
+  data.tar.gz: 39ae43f8abeeb2e8258a82657eeee08f38bb0fc75af554da7d66e7cd5421ef97419c5421cbabda86737b65fb8e83bfdb2bca959e5b5d46e16e97d2e77ad4bea1

data/CHANGELOG.md CHANGED

@@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+## [1.2.0]
+- Skip completely TLSA check if a connexion certificate cannot be fetched;
+- Do not generate an event when a connexion to a remote service is not
+  possible.
 ## [1.1.1]
 - Handle Errno::EHOSTUNREACH exceptions gracefully when attempting to fetch a
@@ -17,6 +23,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Make it possible to test services using an IP address;
 - Report validity of certificates when a TLSA record is found in the DNS.
-[Unreleased]: https://github.com/smortex/tls-checker/compare/v1.1.1...HEAD
+[Unreleased]: https://github.com/smortex/tls-checker/compare/v1.2.0...HEAD
+[1.2.0]: https://github.com/smortex/tls-checker/compare/v1.1.1...v1.2.0
 [1.1.1]: https://github.com/smortex/tls-checker/compare/v1.1.0...v1.1.1
 [1.1.0]: https://github.com/smortex/tls-checker/compare/v1.0.0...v1.1.0

data/exe/tls-checker CHANGED

@@ -5,8 +5,6 @@ require 'json'
 require 'optparse'
 require 'tls-checker'
-factory = TLSChecker::CertificateCheckerFactory.new
 options = {
   output: $stdout,
 }
@@ -19,8 +17,10 @@ OptionParser.new do |opts|
   end
 end.parse!
-ARGV.each do |arg|
-  factory.certificate_checkers_for(arg).each do |checker|
+factory = TLSChecker::CertificateCheckerFactory.new
+ARGV.each do |specification|
+  factory.certificate_checkers_for(specification).each do |checker|
     options[:output].puts checker.to_e.to_json
   end
 end

data/lib/tls-checker/certificate_checker.rb CHANGED

@@ -34,6 +34,10 @@ module TLSChecker
       )
     end
+    def check
+      !!certificate
+    end
     def to_s
       description
     end

data/lib/tls-checker/certificate_checker_factory.rb CHANGED

@@ -25,6 +25,7 @@ module TLSChecker
         ]
       rescue IPAddr::InvalidAddressError
         certificate_checkers = @resolver.getaddresses(hostname).map { |ip| CertificateChecker.new(hostname, ip, port, starttls) }
+        certificate_checkers.select!(&:check)
         factory = TLSACheckerFactory.new

data/lib/tls-checker/tlsa_checker_factory.rb CHANGED

@@ -8,6 +8,7 @@ module TLSChecker
     def tlsa_checkers_for(certificate_checker)
       res = []
+      return res unless certificate_checker.certificate
       each_tlsa_end_entity_record(certificate_checker) do |record|
         checker = TLSAChecker.new(record, certificate_checker)

data/lib/tls-checker/version.rb CHANGED

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module TlsChecker
-  VERSION = '1.1.1'
+  VERSION = '1.2.0'
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tls-checker
 version: !ruby/object:Gem::Version
-  version: 1.1.1
+  version: 1.2.0
 platform: ruby
 authors:
 - Romain Tartière
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2019-03-01 00:00:00.000000000 Z
+date: 2019-03-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: internet_security_event