yawast 0.6.0.beta5 → 0.6.0.beta6

data/test/test_cmd_util.rb

@@ -16,6 +16,12 @@ class TestCommandUtils < Minitest::Test
     assert_equal uri.to_s, 'http://www.apple.com/'
   end
 
+  def test_partial_path_url
+    args = ['www.apple.com/ipad']
+    uri = Yawast::Commands::Utils.extract_uri args
+    assert_equal uri.to_s, 'http://www.apple.com/ipad/'
+  end
+
   def test_invalid_url
     args = ['xxx:\invalid']
 

data/test/test_shared_http.rb

@@ -8,6 +8,29 @@ class TestSharedHttp < Minitest::Test
     @uri = URI::Parser.new.parse 'https://www.apple.com/library/test/success.html'
   end
 
+  def test_setup
+    override_stdout
+
+    Yawast::Shared::Http.setup '127.0.0.1:8080', '1=2'
+
+    assert stdout_value.include?('Using Proxy: 127.0.0.1:8080'), "Proxy notice not found: #{stdout_value}"
+    assert stdout_value.include?('Using Cookie: 1=2'), "Cookie notice not found: #{stdout_value}"
+
+    # run setup again to make sure things are reset
+    Yawast::Shared::Http.setup nil, nil
+
+    restore_stdout
+  end
+
+  def test_get_headers
+    Yawast::Shared::Http.setup nil, '1=2'
+    header = { 'Test' => 1 }
+
+    ret = Yawast::Shared::Http.get_headers header
+
+    assert ret != nil, 'Headers are nil'
+  end
+
   def test_get_apple_success
     Yawast::Shared::Http.setup nil, nil
     body = Yawast::Shared::Http.get @uri

data/test/test_ssl.rb

@@ -40,4 +40,35 @@ class TestSSLLabsAnalyze < Minitest::Test
 
     restore_stdout
   end
+
+  def test_check_ssl_redir
+    uri = URI::Parser.new.parse 'http://adamcaudill.com/'
+    ret = Yawast::Scanner::Plugins::SSL::SSL.check_for_ssl_redirect uri
+
+    assert ret.to_s == 'https://adamcaudill.com/', "Redirect incorrect: #{ret}"
+  end
+
+  def test_check_no_ssl_redir
+    uri = URI::Parser.new.parse 'http://example.com/'
+    ret = Yawast::Scanner::Plugins::SSL::SSL.check_for_ssl_redirect uri
+
+    assert ret == nil, "Redirect incorrect: #{ret}"
+  end
+
+  def test_set_ossl_opts
+    # this is *awful* - all it does is run the code without checking anything
+    Yawast::Scanner::Plugins::SSL::SSL.set_openssl_options
+  end
+
+  def test_ossl_info
+    uri = URI::Parser.new.parse 'https://adamcaudill.com/'
+
+    override_stdout
+
+    Yawast::Scanner::Plugins::SSL::SSL.ssl_connection_info uri
+
+    assert stdout_value.include?('SSL-Session'), "SSL-Session not found in #{stdout_value}"
+
+    restore_stdout
+  end
 end

data/test/test_ssl_labs_analyze.rb

@@ -74,4 +74,34 @@ class TestSSLLabsAnalyze < Minitest::Test
 
     restore_stdout
   end
+
+  def test_process_data_act_is
+    override_stdout
+
+    uri = URI.parse 'https://activationservice1.installshield.com/'
+    body = JSON.parse(File.read(File.dirname(__FILE__) + '/data/ssl_labs_analyze_data_activationservice1_installshield_com.json'))
+
+    Yawast::Scanner::SslLabs.process_results uri, body, false
+
+    assert stdout_value.include?('installshield.com'), "domain name not found in #{stdout_value}"
+    assert stdout_value.include?('Root Stores: Mozilla (trusted)'), "root store name not found in #{stdout_value}"
+    assert !stdout_value.include?('[E]'), "Error message found in #{stdout_value}"
+
+    restore_stdout
+  end
+
+  def test_process_data_forest_gov
+    override_stdout
+
+    uri = URI.parse 'https://www.forest.gov.tw/'
+    body = JSON.parse(File.read(File.dirname(__FILE__) + '/data/ssl_labs_analyze_data_forest_gov_tw.json'))
+
+    Yawast::Scanner::SslLabs.process_results uri, body, false
+
+    assert stdout_value.include?('www.forest.gov.tw'), "domain name not found in #{stdout_value}"
+    assert stdout_value.include?('Root Stores: Apple (trusted) Windows (trusted)'), "root store name not found in #{stdout_value}"
+    assert !stdout_value.include?('[E]'), "Error message found in #{stdout_value}"
+
+    restore_stdout
+  end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: yawast
 version: !ruby/object:Gem::Version
-  version: 0.6.0.beta5
+  version: 0.6.0.beta6
 platform: ruby
 authors:
 - Adam Caudill
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-10-23 00:00:00.000000000 Z
+date: 2018-01-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: commander
@@ -200,7 +200,9 @@ files:
 - test/data/hsts_server_header.txt
 - test/data/iis_server_header.txt
 - test/data/ssl_labs_analyze_data.json
+- test/data/ssl_labs_analyze_data_activationservice1_installshield_com.json
 - test/data/ssl_labs_analyze_data_file_zetlab_com.json
+- test/data/ssl_labs_analyze_data_forest_gov_tw.json
 - test/data/ssl_labs_analyze_data_parivahan_gov_in.json
 - test/data/ssl_labs_analyze_start.json
 - test/data/ssl_labs_info.json
@@ -248,7 +250,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: 1.3.1
 requirements: []
 rubyforge_project: yawast
-rubygems_version: 2.4.8
+rubygems_version: 2.6.14
 signing_key: 
 specification_version: 4
 summary: The YAWAST Antecedent Web Application Security Toolkit
@@ -262,7 +264,9 @@ test_files:
 - test/data/hsts_server_header.txt
 - test/data/iis_server_header.txt
 - test/data/ssl_labs_analyze_data.json
+- test/data/ssl_labs_analyze_data_activationservice1_installshield_com.json
 - test/data/ssl_labs_analyze_data_file_zetlab_com.json
+- test/data/ssl_labs_analyze_data_forest_gov_tw.json
 - test/data/ssl_labs_analyze_data_parivahan_gov_in.json
 - test/data/ssl_labs_analyze_start.json
 - test/data/ssl_labs_info.json