commit
97c46bea93
76 changed files with 2098 additions and 0 deletions
@ -0,0 +1,12 @@ |
|||
/.bundle/ |
|||
/db/*.sqlite3 |
|||
/db/*.sqlite3-journal |
|||
/log/* |
|||
!/log/.keep |
|||
/tmp |
|||
/public/assets/ |
|||
*.iml |
|||
Gemfile.lock |
|||
.generators |
|||
.rakeTasks |
|||
|
@ -0,0 +1,41 @@ |
|||
source 'https://rubygems.org' |
|||
|
|||
gem 'rails', '4.2.1' |
|||
|
|||
gem 'sqlite3' |
|||
gem 'cryptcheck', '~> 1.0.0', path: File.expand_path(File.join File.dirname(__FILE__), '../cryptcheck') |
|||
gem 'sidekiq', '~> 3.4.2' |
|||
gem 'stretcher', '~> 1.21.1' |
|||
#gem 'mongo', '~> 2.0.6' |
|||
gem 'faraday', '~> 0.8.9' # For stretcher compatibility |
|||
gem 'simpleidn', '~> 0.0.5' |
|||
|
|||
group :assets do |
|||
gem 'therubyracer', platforms: :ruby |
|||
gem 'uglifier' |
|||
|
|||
gem 'sass-rails', '~> 5.0.3' |
|||
gem 'coffee-rails', '~> 4.1.0' |
|||
gem 'jquery-rails', '~> 4.0.4' |
|||
gem 'bootstrap-sass', '~> 3.3.5' |
|||
gem 'font-awesome-sass', '~> 4.4.0' |
|||
end |
|||
|
|||
group :development, :test do |
|||
gem 'puma' |
|||
gem 'byebug' |
|||
gem 'web-console' |
|||
gem 'spring' |
|||
|
|||
gem 'debase' |
|||
gem 'ruby-debug-ide' |
|||
gem 'pry-rails' |
|||
|
|||
gem 'better_errors' |
|||
gem 'binding_of_caller' |
|||
gem 'quiet_assets' |
|||
|
|||
gem 'guard-livereload', require: false |
|||
gem 'rack-livereload' |
|||
end |
|||
|
@ -0,0 +1,8 @@ |
|||
guard 'livereload' do |
|||
watch(%r{app/views/.+\.(erb|haml|slim)$}) |
|||
watch(%r{app/helpers/.+\.rb}) |
|||
watch(%r{public/.+\.(css|js|html)}) |
|||
watch(%r{config/locales/.+\.yml}) |
|||
# Rails Assets Pipeline |
|||
watch(%r{(app|vendor)(/assets/\w+/(.+\.(css|js|html|png|jpg|coffee|scss))).*}) { |m| "/assets/#{m[3]}" } |
|||
end |
@ -0,0 +1,661 @@ |
|||
GNU AFFERO GENERAL PUBLIC LICENSE |
|||
Version 3, 19 November 2007 |
|||
|
|||
Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/> |
|||
Everyone is permitted to copy and distribute verbatim copies |
|||
of this license document, but changing it is not allowed. |
|||
|
|||
Preamble |
|||
|
|||
The GNU Affero General Public License is a free, copyleft license for |
|||
software and other kinds of works, specifically designed to ensure |
|||
cooperation with the community in the case of network server software. |
|||
|
|||
The licenses for most software and other practical works are designed |
|||
to take away your freedom to share and change the works. By contrast, |
|||
our General Public Licenses are intended to guarantee your freedom to |
|||
share and change all versions of a program--to make sure it remains free |
|||
software for all its users. |
|||
|
|||
When we speak of free software, we are referring to freedom, not |
|||
price. Our General Public Licenses are designed to make sure that you |
|||
have the freedom to distribute copies of free software (and charge for |
|||
them if you wish), that you receive source code or can get it if you |
|||
want it, that you can change the software or use pieces of it in new |
|||
free programs, and that you know you can do these things. |
|||
|
|||
Developers that use our General Public Licenses protect your rights |
|||
with two steps: (1) assert copyright on the software, and (2) offer |
|||
you this License which gives you legal permission to copy, distribute |
|||
and/or modify the software. |
|||
|
|||
A secondary benefit of defending all users' freedom is that |
|||
improvements made in alternate versions of the program, if they |
|||
receive widespread use, become available for other developers to |
|||
incorporate. Many developers of free software are heartened and |
|||
encouraged by the resulting cooperation. However, in the case of |
|||
software used on network servers, this result may fail to come about. |
|||
The GNU General Public License permits making a modified version and |
|||
letting the public access it on a server without ever releasing its |
|||
source code to the public. |
|||
|
|||
The GNU Affero General Public License is designed specifically to |
|||
ensure that, in such cases, the modified source code becomes available |
|||
to the community. It requires the operator of a network server to |
|||
provide the source code of the modified version running there to the |
|||
users of that server. Therefore, public use of a modified version, on |
|||
a publicly accessible server, gives the public access to the source |
|||
code of the modified version. |
|||
|
|||
An older license, called the Affero General Public License and |
|||
published by Affero, was designed to accomplish similar goals. This is |
|||
a different license, not a version of the Affero GPL, but Affero has |
|||
released a new version of the Affero GPL which permits relicensing under |
|||
this license. |
|||
|
|||
The precise terms and conditions for copying, distribution and |
|||
modification follow. |
|||
|
|||
TERMS AND CONDITIONS |
|||
|
|||
0. Definitions. |
|||
|
|||
"This License" refers to version 3 of the GNU Affero General Public License. |
|||
|
|||
"Copyright" also means copyright-like laws that apply to other kinds of |
|||
works, such as semiconductor masks. |
|||
|
|||
"The Program" refers to any copyrightable work licensed under this |
|||
License. Each licensee is addressed as "you". "Licensees" and |
|||
"recipients" may be individuals or organizations. |
|||
|
|||
To "modify" a work means to copy from or adapt all or part of the work |
|||
in a fashion requiring copyright permission, other than the making of an |
|||
exact copy. The resulting work is called a "modified version" of the |
|||
earlier work or a work "based on" the earlier work. |
|||
|
|||
A "covered work" means either the unmodified Program or a work based |
|||
on the Program. |
|||
|
|||
To "propagate" a work means to do anything with it that, without |
|||
permission, would make you directly or secondarily liable for |
|||
infringement under applicable copyright law, except executing it on a |
|||
computer or modifying a private copy. Propagation includes copying, |
|||
distribution (with or without modification), making available to the |
|||
public, and in some countries other activities as well. |
|||
|
|||
To "convey" a work means any kind of propagation that enables other |
|||
parties to make or receive copies. Mere interaction with a user through |
|||
a computer network, with no transfer of a copy, is not conveying. |
|||
|
|||
An interactive user interface displays "Appropriate Legal Notices" |
|||
to the extent that it includes a convenient and prominently visible |
|||
feature that (1) displays an appropriate copyright notice, and (2) |
|||
tells the user that there is no warranty for the work (except to the |
|||
extent that warranties are provided), that licensees may convey the |
|||
work under this License, and how to view a copy of this License. If |
|||
the interface presents a list of user commands or options, such as a |
|||
menu, a prominent item in the list meets this criterion. |
|||
|
|||
1. Source Code. |
|||
|
|||
The "source code" for a work means the preferred form of the work |
|||
for making modifications to it. "Object code" means any non-source |
|||
form of a work. |
|||
|
|||
A "Standard Interface" means an interface that either is an official |
|||
standard defined by a recognized standards body, or, in the case of |
|||
interfaces specified for a particular programming language, one that |
|||
is widely used among developers working in that language. |
|||
|
|||
The "System Libraries" of an executable work include anything, other |
|||
than the work as a whole, that (a) is included in the normal form of |
|||
packaging a Major Component, but which is not part of that Major |
|||
Component, and (b) serves only to enable use of the work with that |
|||
Major Component, or to implement a Standard Interface for which an |
|||
implementation is available to the public in source code form. A |
|||
"Major Component", in this context, means a major essential component |
|||
(kernel, window system, and so on) of the specific operating system |
|||
(if any) on which the executable work runs, or a compiler used to |
|||
produce the work, or an object code interpreter used to run it. |
|||
|
|||
The "Corresponding Source" for a work in object code form means all |
|||
the source code needed to generate, install, and (for an executable |
|||
work) run the object code and to modify the work, including scripts to |
|||
control those activities. However, it does not include the work's |
|||
System Libraries, or general-purpose tools or generally available free |
|||
programs which are used unmodified in performing those activities but |
|||
which are not part of the work. For example, Corresponding Source |
|||
includes interface definition files associated with source files for |
|||
the work, and the source code for shared libraries and dynamically |
|||
linked subprograms that the work is specifically designed to require, |
|||
such as by intimate data communication or control flow between those |
|||
subprograms and other parts of the work. |
|||
|
|||
The Corresponding Source need not include anything that users |
|||
can regenerate automatically from other parts of the Corresponding |
|||
Source. |
|||
|
|||
The Corresponding Source for a work in source code form is that |
|||
same work. |
|||
|
|||
2. Basic Permissions. |
|||
|
|||
All rights granted under this License are granted for the term of |
|||
copyright on the Program, and are irrevocable provided the stated |
|||
conditions are met. This License explicitly affirms your unlimited |
|||
permission to run the unmodified Program. The output from running a |
|||
covered work is covered by this License only if the output, given its |
|||
content, constitutes a covered work. This License acknowledges your |
|||
rights of fair use or other equivalent, as provided by copyright law. |
|||
|
|||
You may make, run and propagate covered works that you do not |
|||
convey, without conditions so long as your license otherwise remains |
|||
in force. You may convey covered works to others for the sole purpose |
|||
of having them make modifications exclusively for you, or provide you |
|||
with facilities for running those works, provided that you comply with |
|||
the terms of this License in conveying all material for which you do |
|||
not control copyright. Those thus making or running the covered works |
|||
for you must do so exclusively on your behalf, under your direction |
|||
and control, on terms that prohibit them from making any copies of |
|||
your copyrighted material outside their relationship with you. |
|||
|
|||
Conveying under any other circumstances is permitted solely under |
|||
the conditions stated below. Sublicensing is not allowed; section 10 |
|||
makes it unnecessary. |
|||
|
|||
3. Protecting Users' Legal Rights From Anti-Circumvention Law. |
|||
|
|||
No covered work shall be deemed part of an effective technological |
|||
measure under any applicable law fulfilling obligations under article |
|||
11 of the WIPO copyright treaty adopted on 20 December 1996, or |
|||
similar laws prohibiting or restricting circumvention of such |
|||
measures. |
|||
|
|||
When you convey a covered work, you waive any legal power to forbid |
|||
circumvention of technological measures to the extent such circumvention |
|||
is effected by exercising rights under this License with respect to |
|||
the covered work, and you disclaim any intention to limit operation or |
|||
modification of the work as a means of enforcing, against the work's |
|||
users, your or third parties' legal rights to forbid circumvention of |
|||
technological measures. |
|||
|
|||
4. Conveying Verbatim Copies. |
|||
|
|||
You may convey verbatim copies of the Program's source code as you |
|||
receive it, in any medium, provided that you conspicuously and |
|||
appropriately publish on each copy an appropriate copyright notice; |
|||
keep intact all notices stating that this License and any |
|||
non-permissive terms added in accord with section 7 apply to the code; |
|||
keep intact all notices of the absence of any warranty; and give all |
|||
recipients a copy of this License along with the Program. |
|||
|
|||
You may charge any price or no price for each copy that you convey, |
|||
and you may offer support or warranty protection for a fee. |
|||
|
|||
5. Conveying Modified Source Versions. |
|||
|
|||
You may convey a work based on the Program, or the modifications to |
|||
produce it from the Program, in the form of source code under the |
|||
terms of section 4, provided that you also meet all of these conditions: |
|||
|
|||
a) The work must carry prominent notices stating that you modified |
|||
it, and giving a relevant date. |
|||
|
|||
b) The work must carry prominent notices stating that it is |
|||
released under this License and any conditions added under section |
|||
7. This requirement modifies the requirement in section 4 to |
|||
"keep intact all notices". |
|||
|
|||
c) You must license the entire work, as a whole, under this |
|||
License to anyone who comes into possession of a copy. This |
|||
License will therefore apply, along with any applicable section 7 |
|||
additional terms, to the whole of the work, and all its parts, |
|||
regardless of how they are packaged. This License gives no |
|||
permission to license the work in any other way, but it does not |
|||
invalidate such permission if you have separately received it. |
|||
|
|||
d) If the work has interactive user interfaces, each must display |
|||
Appropriate Legal Notices; however, if the Program has interactive |
|||
interfaces that do not display Appropriate Legal Notices, your |
|||
work need not make them do so. |
|||
|
|||
A compilation of a covered work with other separate and independent |
|||
works, which are not by their nature extensions of the covered work, |
|||
and which are not combined with it such as to form a larger program, |
|||
in or on a volume of a storage or distribution medium, is called an |
|||
"aggregate" if the compilation and its resulting copyright are not |
|||
used to limit the access or legal rights of the compilation's users |
|||
beyond what the individual works permit. Inclusion of a covered work |
|||
in an aggregate does not cause this License to apply to the other |
|||
parts of the aggregate. |
|||
|
|||
6. Conveying Non-Source Forms. |
|||
|
|||
You may convey a covered work in object code form under the terms |
|||
of sections 4 and 5, provided that you also convey the |
|||
machine-readable Corresponding Source under the terms of this License, |
|||
in one of these ways: |
|||
|
|||
a) Convey the object code in, or embodied in, a physical product |
|||
(including a physical distribution medium), accompanied by the |
|||
Corresponding Source fixed on a durable physical medium |
|||
customarily used for software interchange. |
|||
|
|||
b) Convey the object code in, or embodied in, a physical product |
|||
(including a physical distribution medium), accompanied by a |
|||
written offer, valid for at least three years and valid for as |
|||
long as you offer spare parts or customer support for that product |
|||
model, to give anyone who possesses the object code either (1) a |
|||
copy of the Corresponding Source for all the software in the |
|||
product that is covered by this License, on a durable physical |
|||
medium customarily used for software interchange, for a price no |
|||
more than your reasonable cost of physically performing this |
|||
conveying of source, or (2) access to copy the |
|||
Corresponding Source from a network server at no charge. |
|||
|
|||
c) Convey individual copies of the object code with a copy of the |
|||
written offer to provide the Corresponding Source. This |
|||
alternative is allowed only occasionally and noncommercially, and |
|||
only if you received the object code with such an offer, in accord |
|||
with subsection 6b. |
|||
|
|||
d) Convey the object code by offering access from a designated |
|||
place (gratis or for a charge), and offer equivalent access to the |
|||
Corresponding Source in the same way through the same place at no |
|||
further charge. You need not require recipients to copy the |
|||
Corresponding Source along with the object code. If the place to |
|||
copy the object code is a network server, the Corresponding Source |
|||
may be on a different server (operated by you or a third party) |
|||
that supports equivalent copying facilities, provided you maintain |
|||
clear directions next to the object code saying where to find the |
|||
Corresponding Source. Regardless of what server hosts the |
|||
Corresponding Source, you remain obligated to ensure that it is |
|||
available for as long as needed to satisfy these requirements. |
|||
|
|||
e) Convey the object code using peer-to-peer transmission, provided |
|||
you inform other peers where the object code and Corresponding |
|||
Source of the work are being offered to the general public at no |
|||
charge under subsection 6d. |
|||
|
|||
A separable portion of the object code, whose source code is excluded |
|||
from the Corresponding Source as a System Library, need not be |
|||
included in conveying the object code work. |
|||
|
|||
A "User Product" is either (1) a "consumer product", which means any |
|||
tangible personal property which is normally used for personal, family, |
|||
or household purposes, or (2) anything designed or sold for incorporation |
|||
into a dwelling. In determining whether a product is a consumer product, |
|||
doubtful cases shall be resolved in favor of coverage. For a particular |
|||
product received by a particular user, "normally used" refers to a |
|||
typical or common use of that class of product, regardless of the status |
|||
of the particular user or of the way in which the particular user |
|||
actually uses, or expects or is expected to use, the product. A product |
|||
is a consumer product regardless of whether the product has substantial |
|||
commercial, industrial or non-consumer uses, unless such uses represent |
|||
the only significant mode of use of the product. |
|||
|
|||
"Installation Information" for a User Product means any methods, |
|||
procedures, authorization keys, or other information required to install |
|||
and execute modified versions of a covered work in that User Product from |
|||
a modified version of its Corresponding Source. The information must |
|||
suffice to ensure that the continued functioning of the modified object |
|||
code is in no case prevented or interfered with solely because |
|||
modification has been made. |
|||
|
|||
If you convey an object code work under this section in, or with, or |
|||
specifically for use in, a User Product, and the conveying occurs as |
|||
part of a transaction in which the right of possession and use of the |
|||
User Product is transferred to the recipient in perpetuity or for a |
|||
fixed term (regardless of how the transaction is characterized), the |
|||
Corresponding Source conveyed under this section must be accompanied |
|||
by the Installation Information. But this requirement does not apply |
|||
if neither you nor any third party retains the ability to install |
|||
modified object code on the User Product (for example, the work has |
|||
been installed in ROM). |
|||
|
|||
The requirement to provide Installation Information does not include a |
|||
requirement to continue to provide support service, warranty, or updates |
|||
for a work that has been modified or installed by the recipient, or for |
|||
the User Product in which it has been modified or installed. Access to a |
|||
network may be denied when the modification itself materially and |
|||
adversely affects the operation of the network or violates the rules and |
|||
protocols for communication across the network. |
|||
|
|||
Corresponding Source conveyed, and Installation Information provided, |
|||
in accord with this section must be in a format that is publicly |
|||
documented (and with an implementation available to the public in |
|||
source code form), and must require no special password or key for |
|||
unpacking, reading or copying. |
|||
|
|||
7. Additional Terms. |
|||
|
|||
"Additional permissions" are terms that supplement the terms of this |
|||
License by making exceptions from one or more of its conditions. |
|||
Additional permissions that are applicable to the entire Program shall |
|||
be treated as though they were included in this License, to the extent |
|||
that they are valid under applicable law. If additional permissions |
|||
apply only to part of the Program, that part may be used separately |
|||
under those permissions, but the entire Program remains governed by |
|||
this License without regard to the additional permissions. |
|||
|
|||
When you convey a copy of a covered work, you may at your option |
|||
remove any additional permissions from that copy, or from any part of |
|||
it. (Additional permissions may be written to require their own |
|||
removal in certain cases when you modify the work.) You may place |
|||
additional permissions on material, added by you to a covered work, |
|||
for which you have or can give appropriate copyright permission. |
|||
|
|||
Notwithstanding any other provision of this License, for material you |
|||
add to a covered work, you may (if authorized by the copyright holders of |
|||
that material) supplement the terms of this License with terms: |
|||
|
|||
a) Disclaiming warranty or limiting liability differently from the |
|||
terms of sections 15 and 16 of this License; or |
|||
|
|||
b) Requiring preservation of specified reasonable legal notices or |
|||
author attributions in that material or in the Appropriate Legal |
|||
Notices displayed by works containing it; or |
|||
|
|||
c) Prohibiting misrepresentation of the origin of that material, or |
|||
requiring that modified versions of such material be marked in |
|||
reasonable ways as different from the original version; or |
|||
|
|||
d) Limiting the use for publicity purposes of names of licensors or |
|||
authors of the material; or |
|||
|
|||
e) Declining to grant rights under trademark law for use of some |
|||
trade names, trademarks, or service marks; or |
|||
|
|||
f) Requiring indemnification of licensors and authors of that |
|||
material by anyone who conveys the material (or modified versions of |
|||
it) with contractual assumptions of liability to the recipient, for |
|||
any liability that these contractual assumptions directly impose on |
|||
those licensors and authors. |
|||
|
|||
All other non-permissive additional terms are considered "further |
|||
restrictions" within the meaning of section 10. If the Program as you |
|||
received it, or any part of it, contains a notice stating that it is |
|||
governed by this License along with a term that is a further |
|||
restriction, you may remove that term. If a license document contains |
|||
a further restriction but permits relicensing or conveying under this |
|||
License, you may add to a covered work material governed by the terms |
|||
of that license document, provided that the further restriction does |
|||
not survive such relicensing or conveying. |
|||
|
|||
If you add terms to a covered work in accord with this section, you |
|||
must place, in the relevant source files, a statement of the |
|||
additional terms that apply to those files, or a notice indicating |
|||
where to find the applicable terms. |
|||
|
|||
Additional terms, permissive or non-permissive, may be stated in the |
|||
form of a separately written license, or stated as exceptions; |
|||
the above requirements apply either way. |
|||
|
|||
8. Termination. |
|||
|
|||
You may not propagate or modify a covered work except as expressly |
|||
provided under this License. Any attempt otherwise to propagate or |
|||
modify it is void, and will automatically terminate your rights under |
|||
this License (including any patent licenses granted under the third |
|||
paragraph of section 11). |
|||
|
|||
However, if you cease all violation of this License, then your |
|||
license from a particular copyright holder is reinstated (a) |
|||
provisionally, unless and until the copyright holder explicitly and |
|||
finally terminates your license, and (b) permanently, if the copyright |
|||
holder fails to notify you of the violation by some reasonable means |
|||
prior to 60 days after the cessation. |
|||
|
|||
Moreover, your license from a particular copyright holder is |
|||
reinstated permanently if the copyright holder notifies you of the |
|||
violation by some reasonable means, this is the first time you have |
|||
received notice of violation of this License (for any work) from that |
|||
copyright holder, and you cure the violation prior to 30 days after |
|||
your receipt of the notice. |
|||
|
|||
Termination of your rights under this section does not terminate the |
|||
licenses of parties who have received copies or rights from you under |
|||
this License. If your rights have been terminated and not permanently |
|||
reinstated, you do not qualify to receive new licenses for the same |
|||
material under section 10. |
|||
|
|||
9. Acceptance Not Required for Having Copies. |
|||
|
|||
You are not required to accept this License in order to receive or |
|||
run a copy of the Program. Ancillary propagation of a covered work |
|||
occurring solely as a consequence of using peer-to-peer transmission |
|||
to receive a copy likewise does not require acceptance. However, |
|||
nothing other than this License grants you permission to propagate or |
|||
modify any covered work. These actions infringe copyright if you do |
|||
not accept this License. Therefore, by modifying or propagating a |
|||
covered work, you indicate your acceptance of this License to do so. |
|||
|
|||
10. Automatic Licensing of Downstream Recipients. |
|||
|
|||
Each time you convey a covered work, the recipient automatically |
|||
receives a license from the original licensors, to run, modify and |
|||
propagate that work, subject to this License. You are not responsible |
|||
for enforcing compliance by third parties with this License. |
|||
|
|||
An "entity transaction" is a transaction transferring control of an |
|||
organization, or substantially all assets of one, or subdividing an |
|||
organization, or merging organizations. If propagation of a covered |
|||
work results from an entity transaction, each party to that |
|||
transaction who receives a copy of the work also receives whatever |
|||
licenses to the work the party's predecessor in interest had or could |
|||
give under the previous paragraph, plus a right to possession of the |
|||
Corresponding Source of the work from the predecessor in interest, if |
|||
the predecessor has it or can get it with reasonable efforts. |
|||
|
|||
You may not impose any further restrictions on the exercise of the |
|||
rights granted or affirmed under this License. For example, you may |
|||
not impose a license fee, royalty, or other charge for exercise of |
|||
rights granted under this License, and you may not initiate litigation |
|||
(including a cross-claim or counterclaim in a lawsuit) alleging that |
|||
any patent claim is infringed by making, using, selling, offering for |
|||
sale, or importing the Program or any portion of it. |
|||
|
|||
11. Patents. |
|||
|
|||
A "contributor" is a copyright holder who authorizes use under this |
|||
License of the Program or a work on which the Program is based. The |
|||
work thus licensed is called the contributor's "contributor version". |
|||
|
|||
A contributor's "essential patent claims" are all patent claims |
|||
owned or controlled by the contributor, whether already acquired or |
|||
hereafter acquired, that would be infringed by some manner, permitted |
|||
by this License, of making, using, or selling its contributor version, |
|||
but do not include claims that would be infringed only as a |
|||
consequence of further modification of the contributor version. For |
|||
purposes of this definition, "control" includes the right to grant |
|||
patent sublicenses in a manner consistent with the requirements of |
|||
this License. |
|||
|
|||
Each contributor grants you a non-exclusive, worldwide, royalty-free |
|||
patent license under the contributor's essential patent claims, to |
|||
make, use, sell, offer for sale, import and otherwise run, modify and |
|||
propagate the contents of its contributor version. |
|||
|
|||
In the following three paragraphs, a "patent license" is any express |
|||
agreement or commitment, however denominated, not to enforce a patent |
|||
(such as an express permission to practice a patent or covenant not to |
|||
sue for patent infringement). To "grant" such a patent license to a |
|||
party means to make such an agreement or commitment not to enforce a |
|||
patent against the party. |
|||
|
|||
If you convey a covered work, knowingly relying on a patent license, |
|||
and the Corresponding Source of the work is not available for anyone |
|||
to copy, free of charge and under the terms of this License, through a |
|||
publicly available network server or other readily accessible means, |
|||
then you must either (1) cause the Corresponding Source to be so |
|||
available, or (2) arrange to deprive yourself of the benefit of the |
|||
patent license for this particular work, or (3) arrange, in a manner |
|||
consistent with the requirements of this License, to extend the patent |
|||
license to downstream recipients. "Knowingly relying" means you have |
|||
actual knowledge that, but for the patent license, your conveying the |
|||
covered work in a country, or your recipient's use of the covered work |
|||
in a country, would infringe one or more identifiable patents in that |
|||
country that you have reason to believe are valid. |
|||
|
|||
If, pursuant to or in connection with a single transaction or |
|||
arrangement, you convey, or propagate by procuring conveyance of, a |
|||
covered work, and grant a patent license to some of the parties |
|||
receiving the covered work authorizing them to use, propagate, modify |
|||
or convey a specific copy of the covered work, then the patent license |
|||
you grant is automatically extended to all recipients of the covered |
|||
work and works based on it. |
|||
|
|||
A patent license is "discriminatory" if it does not include within |
|||
the scope of its coverage, prohibits the exercise of, or is |
|||
conditioned on the non-exercise of one or more of the rights that are |
|||
specifically granted under this License. You may not convey a covered |
|||
work if you are a party to an arrangement with a third party that is |
|||
in the business of distributing software, under which you make payment |
|||
to the third party based on the extent of your activity of conveying |
|||
the work, and under which the third party grants, to any of the |
|||
parties who would receive the covered work from you, a discriminatory |
|||
patent license (a) in connection with copies of the covered work |
|||
conveyed by you (or copies made from those copies), or (b) primarily |
|||
for and in connection with specific products or compilations that |
|||
contain the covered work, unless you entered into that arrangement, |
|||
or that patent license was granted, prior to 28 March 2007. |
|||
|
|||
Nothing in this License shall be construed as excluding or limiting |
|||
any implied license or other defenses to infringement that may |
|||
otherwise be available to you under applicable patent law. |
|||
|
|||
12. No Surrender of Others' Freedom. |
|||
|
|||
If conditions are imposed on you (whether by court order, agreement or |
|||
otherwise) that contradict the conditions of this License, they do not |
|||
excuse you from the conditions of this License. If you cannot convey a |
|||
covered work so as to satisfy simultaneously your obligations under this |
|||
License and any other pertinent obligations, then as a consequence you may |
|||
not convey it at all. For example, if you agree to terms that obligate you |
|||
to collect a royalty for further conveying from those to whom you convey |
|||
the Program, the only way you could satisfy both those terms and this |
|||
License would be to refrain entirely from conveying the Program. |
|||
|
|||
13. Remote Network Interaction; Use with the GNU General Public License. |
|||
|
|||
Notwithstanding any other provision of this License, if you modify the |
|||
Program, your modified version must prominently offer all users |
|||
interacting with it remotely through a computer network (if your version |
|||
supports such interaction) an opportunity to receive the Corresponding |
|||
Source of your version by providing access to the Corresponding Source |
|||
from a network server at no charge, through some standard or customary |
|||
means of facilitating copying of software. This Corresponding Source |
|||
shall include the Corresponding Source for any work covered by version 3 |
|||
of the GNU General Public License that is incorporated pursuant to the |
|||
following paragraph. |
|||
|
|||
Notwithstanding any other provision of this License, you have |
|||
permission to link or combine any covered work with a work licensed |
|||
under version 3 of the GNU General Public License into a single |
|||
combined work, and to convey the resulting work. The terms of this |
|||
License will continue to apply to the part which is the covered work, |
|||
but the work with which it is combined will remain governed by version |
|||
3 of the GNU General Public License. |
|||
|
|||
14. Revised Versions of this License. |
|||
|
|||
The Free Software Foundation may publish revised and/or new versions of |
|||
the GNU Affero General Public License from time to time. Such new versions |
|||
will be similar in spirit to the present version, but may differ in detail to |
|||
address new problems or concerns. |
|||
|
|||
Each version is given a distinguishing version number. If the |
|||
Program specifies that a certain numbered version of the GNU Affero General |
|||
Public License "or any later version" applies to it, you have the |
|||
option of following the terms and conditions either of that numbered |
|||
version or of any later version published by the Free Software |
|||
Foundation. If the Program does not specify a version number of the |
|||
GNU Affero General Public License, you may choose any version ever published |
|||
by the Free Software Foundation. |
|||
|
|||
If the Program specifies that a proxy can decide which future |
|||
versions of the GNU Affero General Public License can be used, that proxy's |
|||
public statement of acceptance of a version permanently authorizes you |
|||
to choose that version for the Program. |
|||
|
|||
Later license versions may give you additional or different |
|||
permissions. However, no additional obligations are imposed on any |
|||
author or copyright holder as a result of your choosing to follow a |
|||
later version. |
|||
|
|||
15. Disclaimer of Warranty. |
|||
|
|||
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY |
|||
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT |
|||
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY |
|||
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, |
|||
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
|||
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM |
|||
IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF |
|||
ALL NECESSARY SERVICING, REPAIR OR CORRECTION. |
|||
|
|||
16. Limitation of Liability. |
|||
|
|||
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING |
|||
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS |
|||
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY |
|||
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE |
|||
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF |
|||
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD |
|||
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), |
|||
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF |
|||
SUCH DAMAGES. |
|||
|
|||
17. Interpretation of Sections 15 and 16. |
|||
|
|||
If the disclaimer of warranty and limitation of liability provided |
|||
above cannot be given local legal effect according to their terms, |
|||
reviewing courts shall apply local law that most closely approximates |
|||
an absolute waiver of all civil liability in connection with the |
|||
Program, unless a warranty or assumption of liability accompanies a |
|||
copy of the Program in return for a fee. |
|||
|
|||
END OF TERMS AND CONDITIONS |
|||
|
|||
How to Apply These Terms to Your New Programs |
|||
|
|||
If you develop a new program, and you want it to be of the greatest |
|||
possible use to the public, the best way to achieve this is to make it |
|||
free software which everyone can redistribute and change under these terms. |
|||
|
|||
To do so, attach the following notices to the program. It is safest |
|||
to attach them to the start of each source file to most effectively |
|||
state the exclusion of warranty; and each file should have at least |
|||
the "copyright" line and a pointer to where the full notice is found. |
|||
|
|||
<one line to give the program's name and a brief idea of what it does.> |
|||
Copyright (C) <year> <name of author> |
|||
|
|||
This program is free software: you can redistribute it and/or modify |
|||
it under the terms of the GNU Affero General Public License as published by |
|||
the Free Software Foundation, either version 3 of the License, or |
|||
(at your option) any later version. |
|||
|
|||
This program is distributed in the hope that it will be useful, |
|||
but WITHOUT ANY WARRANTY; without even the implied warranty of |
|||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|||
GNU Affero General Public License for more details. |
|||
|
|||
You should have received a copy of the GNU Affero General Public License |
|||
along with this program. If not, see <http://www.gnu.org/licenses/>. |
|||
|
|||
Also add information on how to contact you by electronic and paper mail. |
|||
|
|||
If your software can interact with users remotely through a computer |
|||
network, you should also make sure that it provides a way for users to |
|||
get its source. For example, if your program is a web application, its |
|||
interface could display a "Source" link that leads users to an archive |
|||
of the code. There are many ways you could offer source, and different |
|||
solutions will be better for different programs; see section 13 for the |
|||
specific requirements. |
|||
|
|||
You should also get your employer (if you work as a programmer) or school, |
|||
if any, to sign a "copyright disclaimer" for the program, if necessary. |
|||
For more information on this, and how to apply and follow the GNU AGPL, see |
|||
<http://www.gnu.org/licenses/>. |
@ -0,0 +1,28 @@ |
|||
== README |
|||
|
|||
This README would normally document whatever steps are necessary to get the |
|||
application up and running. |
|||
|
|||
Things you may want to cover: |
|||
|
|||
* Ruby version |
|||
|
|||
* System dependencies |
|||
|
|||
* Configuration |
|||
|
|||
* Database creation |
|||
|
|||
* Database initialization |
|||
|
|||
* How to run the test suite |
|||
|
|||
* Services (job queues, cache servers, search engines, etc.) |
|||
|
|||
* Deployment instructions |
|||
|
|||
* ... |
|||
|
|||
|
|||
Please feel free to use a different markup language if you do not plan to run |
|||
<tt>rake doc:app</tt>. |
@ -0,0 +1,6 @@ |
|||
# Add your own tasks in files placed in lib/tasks ending in .rake, |
|||
# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake. |
|||
|
|||
require File.expand_path('../config/application', __FILE__) |
|||
|
|||
Rails.application.load_tasks |
@ -0,0 +1,4 @@ |
|||
##= require jquery2 |
|||
##= require jquery_ujs |
|||
##= require bootstrap/dropdown |
|||
##= require_tree . |
@ -0,0 +1,5 @@ |
|||
$ -> |
|||
$('#check_form').submit -> |
|||
host = $('#check_host').val() |
|||
window.location.href = "<%= path :result, %i(host) %>" |
|||
false |
@ -0,0 +1,46 @@ |
|||
//= require_tree . |
|||
//= require_self |
|||
|
|||
@import 'bootstrap-sprockets'; |
|||
@import 'bootstrap'; |
|||
@import 'bootstrap/variables'; |
|||
@import 'bootstrap/mixins'; |
|||
@import 'bootstrap/normalize'; |
|||
@import 'bootstrap/scaffolding'; |
|||
@import 'bootstrap/type'; |
|||
@import 'bootstrap/grid'; |
|||
@import 'bootstrap/tables'; |
|||
@import 'bootstrap/forms'; |
|||
@import 'bootstrap/buttons'; |
|||
@import 'bootstrap/dropdowns'; |
|||
@import 'bootstrap/navs'; |
|||
@import 'bootstrap/navbar'; |
|||
@import 'bootstrap/progress-bars'; |
|||
@import 'bootstrap/labels'; |
|||
@import 'bootstrap/badges'; |
|||
@import 'bootstrap/alerts'; |
|||
@import 'bootstrap/utilities'; |
|||
@import 'bootstrap/responsive-utilities'; |
|||
|
|||
@import 'font-awesome-sprockets'; |
|||
@import 'font-awesome'; |
|||
|
|||
* { |
|||
box-sizing: border-box; |
|||
} |
|||
|
|||
body { |
|||
padding-top: $navbar-height + 10px; |
|||
} |
|||
|
|||
.label-error, .progress-bar-error { |
|||
background-color: #000; |
|||
} |
|||
|
|||
.progress-bar-default { |
|||
background-color: $label-default-bg; |
|||
} |
|||
|
|||
.progress { |
|||
margin: 0; |
|||
} |
@ -0,0 +1,3 @@ |
|||
#check { |
|||
margin-top: 100px; |
|||
} |
@ -0,0 +1,5 @@ |
|||
class ApplicationController < ActionController::Base |
|||
# Prevent CSRF attacks by raising an exception. |
|||
# For APIs, you may want to use :null_session instead. |
|||
protect_from_forgery with: :exception |
|||
end |
@ -0,0 +1,42 @@ |
|||
class SiteController < ApplicationController |
|||
before_action :check_host, only: %i(result refresh) |
|||
|
|||
def check_host |
|||
@host = params[:id] |
|||
@idn = SimpleIDN.to_ascii @host |
|||
if /[^a-zA-Z0-9.-]/.match @idn |
|||
flash[:danger] = "Hรดte #{@host} invalide" |
|||
redirect_to :root |
|||
return false |
|||
end |
|||
@result = Datastore.host :https, @idn |
|||
end |
|||
|
|||
def index |
|||
end |
|||
|
|||
def result |
|||
enqueue_host unless @result |
|||
return render :processing if @result.pending |
|||
return render :no_tls if @result.no_tls |
|||
end |
|||
|
|||
def refresh |
|||
unless @result.pending |
|||
refresh_allowed = @result.date + Rails.configuration.refresh_delay |
|||
if Time.now < refresh_allowed |
|||
flash[:warning] = "Merci dโattendre au moins #{l refresh_allowed} pour rafraรฎchir" |
|||
return redirect_to result_path @host |
|||
end |
|||
enqueue_host |
|||
end |
|||
redirect_to :result |
|||
end |
|||
|
|||
private |
|||
def enqueue_host |
|||
Datastore.pending :https, @host |
|||
HTTPSWorker.perform_async @idn |
|||
@result = OpenStruct.new pending: true , date: Time.now |
|||
end |
|||
end |
@ -0,0 +1,2 @@ |
|||
module ApplicationHelper |
|||
end |
@ -0,0 +1,91 @@ |
|||
module SiteHelper |
|||
def rank_color(rank) |
|||
case rank |
|||
when 'A+' then :primary |
|||
when 'A' then :success |
|||
when 'B' then :default |
|||
when 'C', 'D' then :warning |
|||
when 'E', 'F' then :danger |
|||
else :error |
|||
end |
|||
end |
|||
|
|||
def rank_label(rank) |
|||
"<span class=\"label label-#{rank_color rank}\">#{rank}</span>".html_safe |
|||
end |
|||
|
|||
def progress_color(percentage) |
|||
case percentage |
|||
when 0...20 then :error |
|||
when 20...40 then :danger |
|||
when 40...60 then :warning |
|||
when 60...80 then :default |
|||
when 80...90 then :success |
|||
else :primary |
|||
end |
|||
end |
|||
|
|||
def score_progress(score) |
|||
%Q(<div class="progress"> |
|||
<div class="progress-bar progress-bar-striped progress-bar-#{progress_color score}" |
|||
style="width: #{score}%"> |
|||
#{score} / 100 |
|||
</div> |
|||
</div>).html_safe |
|||
end |
|||
|
|||
def protocol_label(protocol) |
|||
color = case protocol |
|||
when 'TLSv1_2' then :success |
|||
when 'SSLv3', 'SSLv2' then :danger |
|||
else :default |
|||
end |
|||
"<span class=\"label label-#{color}\">#{protocol}</span>".html_safe |
|||
end |
|||
|
|||
def protocol_labels(protocols) |
|||
protocols.collect { |p| protocol_label p }.join("\n").html_safe |
|||
end |
|||
|
|||
def key_label(key) |
|||
return '<span class="label label-error">Aucune</span>'.html_safe unless key |
|||
"<span class=\"label label-#{color_key key}\">#{key.type.upcase} #{key[:size]} bits</span>".html_safe |
|||
end |
|||
|
|||
def key_labels(keys) |
|||
return '<span class="label label-error">Aucune</span>'.html_safe if keys.empty? |
|||
keys.sort { |a, b| -1 * (a.rsa_size <=> b.rsa_size)} .collect { |k| key_label k }.join("\n").html_safe |
|||
end |
|||
|
|||
def cipher_label(cipher) |
|||
"<span class=\"label label-#{cipher_color cipher['size']} %>\">#{cipher['size']} bits</span>".html_safe |
|||
end |
|||
|
|||
def color_key(key) |
|||
case key.rsa_size |
|||
when 0...1024 then :error |
|||
when 1024...2048 then :danger |
|||
when 2048...4096 then :warning |
|||
else :success |
|||
end |
|||
end |
|||
|
|||
def cipher_color(key) |
|||
case key |
|||
when 0...112 then :error |
|||
when 112...128 then :warning |
|||
when 128...256 then :success |
|||
else :primary |
|||
end |
|||
end |
|||
|
|||
def cipher_labels(cipher) |
|||
{ success: %i(pfs), |
|||
warning: %i(des3 sha1), |
|||
danger: %i(md5 psk srp anonymous null export des rc2 rc4) |
|||
}.collect do |color, types| |
|||
types.select { |t| CryptCheck::Tls::Cipher.send "#{t}?", cipher.name } |
|||
.collect { |t| "<span class=\"label label-#{color}\">#{t.upcase}</span>" } |
|||
end.flatten(1).join("\n").html_safe |
|||
end |
|||
end |
@ -0,0 +1,18 @@ |
|||
<div id="flash" class="container"> |
|||
<% [:danger, :warning, :success, :info].each do |level| |
|||
message = flash[level] |
|||
unless message.nil? %> |
|||
<%= content_tag :div, class: %(alert alert-#{level}) do %> |
|||
<% if message.is_a? Enumerable %> |
|||
<ul> |
|||
<% message.each do |m| %> |
|||
<li><%= m %></li> |
|||
<% end %> |
|||
</ul> |
|||
<% else %> |
|||
<%= message %> |
|||
<% end %> |
|||
<% end |
|||
end |
|||
end %> |
|||
</div> |
@ -0,0 +1,28 @@ |
|||
<header> |
|||
<nav class="navbar navbar-inverse navbar-fixed-top"> |
|||
<div class="container"> |
|||
<div class="navbar-header"> |
|||
<%= link_to 'CryptCheck', root_path, class: %i(navbar-brand) %> |
|||
</div> |
|||
<!-- |
|||
<ul class="nav navbar-nav navbar-right"> |
|||
<li class="dropdown"> |
|||
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false"> |
|||
Hall of f/shยทame |
|||
<span class="caret"></span> |
|||
</a> |
|||
<ul class="dropdown-menu"> |
|||
<li><a href="#">Misc</a></li> |
|||
<li><a href="#">Syndicats</a></li> |
|||
<li><a href="#">SecureDrop</a></li> |
|||
<li><a href="#">Presse</a></li> |
|||
<li><a href="#">Top 500 Alexa</a></li> |
|||
<li><a href="#">Porn</a></li> |
|||
<li><a href="#">US gov</a></li> |
|||
</ul> |
|||
</li> |
|||
</ul> |
|||
--> |
|||
</div> |
|||
</nav> |
|||
</header> |
@ -0,0 +1,15 @@ |
|||
<!DOCTYPE html> |
|||
<html> |
|||
<head> |
|||
<title>CryptcheckRails</title> |
|||
<%= stylesheet_link_tag 'application', media: 'all' %> |
|||
<%= javascript_include_tag 'application' %> |
|||
<%= csrf_meta_tags %> |
|||
<%= yield :head %> |
|||
</head> |
|||
<body> |
|||
<%= render partial: 'headers' %> |
|||
<%= render partial: 'flash' %> |
|||
<%= yield %> |
|||
</body> |
|||
</html> |
@ -0,0 +1,17 @@ |
|||
<div id="check" class="container"> |
|||
<div class="row"> |
|||
<div class="col-sm-8 col-sm-offset-2"> |
|||
<h1>Vรฉrifier votre domaine</h1> |
|||
<form id="check_form" class="form form-horizontal"> |
|||
<div class="form-group"> |
|||
<div class="col-sm-9"> |
|||
<%= text_field_tag :check_host, nil, class: %i(form-control input-lg), placeholder: 'your-site.com' %> |
|||
</div> |
|||
<div class="col-sm-3"> |
|||
<%= submit_tag 'Test-moiย !', class: %i(form-control btn btn-primary input-lg pull-right) %> |
|||
</div> |
|||
</div> |
|||
</form> |
|||
</div> |
|||
</div> |
|||
</div> |
@ -0,0 +1,9 @@ |
|||
<div id="check" class="container"> |
|||
<div class="row"> |
|||
<div class="col-sm-8 col-sm-offset-2"> |
|||
<h1> |
|||
<%= @host %> ne supporte pas HTTPS |
|||
</h1> |
|||
</div> |
|||
</div> |
|||
</div> |
@ -0,0 +1,20 @@ |
|||
<% content_for :head do %> |
|||
<meta http-equiv="refresh" content="60"> |
|||
<% end %> |
|||
<div id="check" class="container"> |
|||
<div class="row"> |
|||
<div class="col-sm-8 col-sm-offset-2"> |
|||
<h1> |
|||
<i class="fa fa-spinner fa-pulse"></i> |
|||
Analyse en cours de <%= @host %> |
|||
</h1> |
|||
<p class="small"> |
|||
Dรฉbut de lโanalyseย : <%= l @result.date %> |
|||
</p> |
|||
<p class="pull-right"> |
|||
Merci de patienterโฆ |
|||
<span class="small">(Cette page se rafraรฎchit automatiquement toutes les minutes)</span> |
|||
</p> |
|||
</div> |
|||
</div> |
|||
</div> |
@ -0,0 +1,104 @@ |
|||
<div class="container"> |
|||
<div class="row"> |
|||
<div class="col-sm-11"> |
|||
<h1> |
|||
Rรฉsultats pour <%= @host %> <span class="small">(<%= l @result.date %>)</span> |
|||
<%= rank_label @result.score.rank %> |
|||
</h1> |
|||
</div> |
|||
<% if Time.now - @result.date >= Rails.configuration.refresh_delay %> |
|||
<div class="col-sm-1"> |
|||
<%= link_to 'Rafraรฎchir', refresh_path, class: %i(btn btn-default) %> |
|||
</div> |
|||
<% end %> |
|||
</div> |
|||
<br/> |
|||
<div class="row"> |
|||
<div class="col-sm-6"> |
|||
<% scores = @result.score.details %> |
|||
<table class="table table-bordered table-condensed table-striped"> |
|||
<thead> |
|||
<tr> |
|||
<th colspan="2"> |
|||
Scores |
|||
<%= rank_label @result.score.rank %> |
|||
</th> |
|||
</tr> |
|||
</thead> |
|||
<tbody> |
|||
<% |
|||
{ 'Protocole' => 'protocol', |
|||
'รchange de clef' => 'key_exchange', |
|||
'Chiffrement' => 'cipher_strengths', |
|||
'Total' => 'score'}.each do |name, v| %> |
|||
<tr> |
|||
<th class="col-sm-4"><%= name %></th> |
|||
<td class="col-sm-8"><%= score_progress scores[v] %></td> |
|||
</tr> |
|||
<% end %> |
|||
</tbody> |
|||
</table> |
|||
</div> |
|||
<div class="col-sm-6"> |
|||
<table class="table table-bordered table-condensed table-striped"> |
|||
<tbody> |
|||
<tr> |
|||
<th class="col-sm-4">Protocoles</th> |
|||
<td class="col-sm-8"><%= protocol_labels @result.protocols %></td> |
|||
</tr> |
|||
<tr> |
|||
<th>Clefs</th> |
|||
<td> |
|||
<p>Certificatย : <%= key_label @result[:key] %></p> |
|||
<p>Diffie Hellmanย : <%= key_labels @result.dh %></p> |
|||
</td> |
|||
</tr> |
|||
<% { 'Bonnes pratiques' => ['success', 'success'], |
|||
'Alertes' => ['warning', 'warning'], |
|||
'Erreurs' => ['error', 'danger'] }.each do |name, v| %> |
|||
<tr> |
|||
<th><%= name %></th> |
|||
<td> |
|||
<% item, color = v |
|||
(@result.score[item] || []).each do |item| %> |
|||
<span class="label label-<%= color %>"><%= item.upcase %></span> |
|||
<% end %> |
|||
</td> |
|||
</tr> |
|||
<% end %> |
|||
</tbody> |
|||
</table> |
|||
</div> |
|||
</div> |
|||
<div class="row"> |
|||
<div class="col-sm-12"> |
|||
<table class="table table-bordered table-condensed table-striped"> |
|||
<thead> |
|||
<tr> |
|||
<th class="col-sm-3">Algorithme</th> |
|||
<th class="col-sm-1">Clef</th> |
|||
<th class="col-sm-1">DH</th> |
|||
<th></th> |
|||
</tr> |
|||
</thead> |
|||
<tbody> |
|||
<% %w(TLSv1_2 TLSv1_1 TLSv1 SSLv3 SSLv2).each do |protocol| |
|||
ciphers = @result.ciphers.select { |c| c.protocol == protocol } |
|||
.sort { |a, b| -1 * (a['size'] <=> b['size']) } |
|||
unless ciphers.empty? %> |
|||
<tr> |
|||
<th colspan="3"><%= protocol_label protocol %></th> |
|||
</tr> |
|||
<% ciphers.each do |cipher| %> |
|||
<tr> |
|||
<td><%= cipher.name %></td> |
|||
<td><%= cipher_label cipher %></td> |
|||
<td><%= key_label cipher.dh if cipher.dh %></td> |
|||
<td><%= cipher_labels cipher %></td> |
|||
</tr> |
|||
<% end end end %> |
|||
</tbody> |
|||
</table> |
|||
</div> |
|||
</div> |
|||
</div> |
@ -0,0 +1,42 @@ |
|||
require 'simpleidn' |
|||
require 'cryptcheck' |
|||
|
|||
class HTTPSWorker |
|||
include Sidekiq::Worker |
|||
sidekiq_options retry: false |
|||
|
|||
def key_to_json(key) |
|||
key.nil? ? nil : { type: key.type, size: key.size, rsa_size: key.rsa_equivalent_size } |
|||
end |
|||
|
|||
def perform(host) |
|||
idn = SimpleIDN.to_ascii host |
|||
result = begin |
|||
server = CryptCheck::Tls::Https::Server.new idn |
|||
grade = CryptCheck::Tls::Https::Grade.new server |
|||
|
|||
{ |
|||
key: key_to_json(server.key), |
|||
dh: server.dh.collect { |k| key_to_json k }, |
|||
protocols: server.supported_protocols, |
|||
ciphers: server.supported_ciphers.collect { |c| { protocol: c.protocol, name: c.name, size: c.size, dh: key_to_json(c.dh) } }, |
|||
hsts: server.hsts, |
|||
score: { |
|||
rank: grade.grade, |
|||
details: { |
|||
score: grade.score, |
|||
protocol: grade.protocol_score, |
|||
key_exchange: grade.key_exchange_score, |
|||
cipher_strengths: grade.cipher_strengths_score |
|||
}, |
|||
error: grade.error, |
|||
warning: grade.warning, |
|||
success: grade.success |
|||
} |
|||
} |
|||
rescue CryptCheck::Tls::Server::TLSNotAvailableException |
|||
{ no_tls: true } |
|||
end |
|||
Datastore.post :https, host, result |
|||
end |
|||
end |
@ -0,0 +1,3 @@ |
|||
#!/usr/bin/env ruby |
|||
ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__) |
|||
load Gem.bin_path('bundler', 'bundle') |
@ -0,0 +1,9 @@ |
|||
#!/usr/bin/env ruby |
|||
require 'sidekiq' |
|||
options = { |
|||
url: ENV['REDIS_URL'], |
|||
namespace: :cryptcheck |
|||
} |
|||
client = Sidekiq::Client.new Sidekiq::RedisConnection.create options |
|||
clazz, *args = ARGV |
|||
client.push({ 'class' => clazz, 'args' => args }) |
@ -0,0 +1,8 @@ |
|||
#!/usr/bin/env ruby |
|||
begin |
|||
load File.expand_path("../spring", __FILE__) |
|||
rescue LoadError |
|||
end |
|||
APP_PATH = File.expand_path('../../config/application', __FILE__) |
|||
require_relative '../config/boot' |
|||
require 'rails/commands' |
@ -0,0 +1,8 @@ |
|||
#!/usr/bin/env ruby |
|||
begin |
|||
load File.expand_path("../spring", __FILE__) |
|||
rescue LoadError |
|||
end |
|||
require_relative '../config/boot' |
|||
require 'rake' |
|||
Rake.application.run |
@ -0,0 +1,29 @@ |
|||
#!/usr/bin/env ruby |
|||
require 'pathname' |
|||
|
|||
# path to your application root. |
|||
APP_ROOT = Pathname.new File.expand_path('../../', __FILE__) |
|||
|
|||
Dir.chdir APP_ROOT do |
|||
# This script is a starting point to setup your application. |
|||
# Add necessary setup steps to this file: |
|||
|
|||
puts "== Installing dependencies ==" |
|||
system "gem install bundler --conservative" |
|||
system "bundle check || bundle install" |
|||
|
|||
# puts "\n== Copying sample files ==" |
|||
# unless File.exist?("config/database.yml") |
|||
# system "cp config/database.yml.sample config/database.yml" |
|||
# end |
|||
|
|||
puts "\n== Preparing database ==" |
|||
system "bin/rake db:setup" |
|||
|
|||
puts "\n== Removing old logs and tempfiles ==" |
|||
system "rm -f log/*" |
|||
system "rm -rf tmp/cache" |
|||
|
|||
puts "\n== Restarting application server ==" |
|||
system "touch tmp/restart.txt" |
|||
end |
@ -0,0 +1,20 @@ |
|||
#!/usr/bin/env ruby |
|||
$:.unshift File.expand_path File.join File.dirname(__FILE__), '../../cryptcheck/lib' |
|||
require 'rubygems' |
|||
require 'bundler/setup' |
|||
|
|||
$TESTING = false |
|||
$CELLULOID_DEBUG = false |
|||
|
|||
require 'sidekiq/cli' |
|||
|
|||
begin |
|||
cli = Sidekiq::CLI.instance |
|||
cli.parse |
|||
cli.run |
|||
rescue => e |
|||
raise e if $DEBUG |
|||
STDERR.puts e.message |
|||
STDERR.puts e.backtrace.join("\n") |
|||
exit 1 |
|||
end |
@ -0,0 +1,4 @@ |
|||
# This file is used by Rack-based servers to start the application. |
|||
|
|||
require ::File.expand_path('../config/environment', __FILE__) |
|||
run Rails.application |
@ -0,0 +1,34 @@ |
|||
require File.expand_path('../boot', __FILE__) |
|||
|
|||
require 'rails/all' |
|||
|
|||
# Require the gems listed in Gemfile, including any gems |
|||
# you've limited to :test, :development, or :production. |
|||
groups = Rails.groups |
|||
unless Rails.env == 'production' |
|||
groups << :assets |
|||
Rails.env = 'production' if Rails.env == 'staging' |
|||
end |
|||
Bundler.require(*groups) |
|||
|
|||
module CryptcheckRails |
|||
class Application < Rails::Application |
|||
# Settings in config/environments/* take precedence over those specified here. |
|||
# Application configuration should go into files in config/initializers |
|||
# -- all .rb files in that directory are automatically loaded. |
|||
config.autoload_paths += %W(#{config.root}/lib) |
|||
|
|||
# Set Time.zone default to the specified zone and make Active Record auto-convert to this zone. |
|||
# Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC. |
|||
# config.time_zone = 'Central Time (US & Canada)' |
|||
|
|||
# The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded. |
|||
# config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s] |
|||
config.i18n.default_locale = :fr |
|||
|
|||
# Do not swallow errors in after_commit/after_rollback callbacks. |
|||
config.active_record.raise_in_transactional_callbacks = true |
|||
|
|||
config.refresh_delay = 1.hour |
|||
end |
|||
end |
@ -0,0 +1,3 @@ |
|||
ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__) |
|||
|
|||
require 'bundler/setup' # Set up gems listed in the Gemfile. |
@ -0,0 +1,25 @@ |
|||
# SQLite version 3.x |
|||
# gem install sqlite3 |
|||
# |
|||
# Ensure the SQLite 3 gem is defined in your Gemfile |
|||
# gem 'sqlite3' |
|||
# |
|||
default: &default |
|||
adapter: sqlite3 |
|||
pool: 5 |
|||
timeout: 5000 |
|||
|
|||
development: |
|||
<<: *default |
|||
database: db/development.sqlite3 |
|||
|
|||
# Warning: The database defined as "test" will be erased and |
|||
# re-generated from your development database when you run "rake". |
|||
# Do not set this db to the same as development or production. |
|||
test: |
|||
<<: *default |
|||
database: db/test.sqlite3 |
|||
|
|||
production: |
|||
<<: *default |
|||
database: db/production.sqlite3 |
@ -0,0 +1,5 @@ |
|||
# Load the Rails application. |
|||
require File.expand_path('../application', __FILE__) |
|||
|
|||
# Initialize the Rails application. |
|||
Rails.application.initialize! |
@ -0,0 +1,43 @@ |
|||
Rails.application.configure do |
|||
# Settings specified here will take precedence over those in config/application.rb. |
|||
|
|||
# In the development environment your application's code is reloaded on |
|||
# every request. This slows down response time but is perfect for development |
|||
# since you don't have to restart the web server when you make code changes. |
|||
config.cache_classes = false |
|||
|
|||
# Do not eager load code on boot. |
|||
config.eager_load = false |
|||
|
|||
# Show full error reports and disable caching. |
|||
config.consider_all_requests_local = true |
|||
config.action_controller.perform_caching = false |
|||
|
|||
# Don't care if the mailer can't send. |
|||
config.action_mailer.raise_delivery_errors = false |
|||
|
|||
# Print deprecation notices to the Rails logger. |
|||
config.active_support.deprecation = :log |
|||
|
|||
# Raise an error on page load if there are pending migrations. |
|||
config.active_record.migration_error = :page_load |
|||
|
|||
# Debug mode disables concatenation and preprocessing of assets. |
|||
# This option may cause significant delays in view rendering with a large |
|||
# number of complex assets. |
|||
config.assets.debug = true |
|||
|
|||
# Asset digests allow you to set far-future HTTP expiration dates on all assets, |
|||
# yet still be able to expire them through the digest params. |
|||
config.assets.digest = true |
|||
|
|||
# Adds additional error checking when serving assets at runtime. |
|||
# Checks for improperly declared sprockets dependencies. |
|||
# Raises helpful error messages. |
|||
config.assets.raise_runtime_errors = true |
|||
|
|||
# Raises error for missing translations |
|||
# config.action_view.raise_on_missing_translations = true |
|||
|
|||
config.middleware.insert_after ActionDispatch::Static, Rack::LiveReload |
|||
end |
@ -0,0 +1,79 @@ |
|||
Rails.application.configure do |
|||
# Settings specified here will take precedence over those in config/application.rb. |
|||
|
|||
# Code is not reloaded between requests. |
|||
config.cache_classes = true |
|||
|
|||
# Eager load code on boot. This eager loads most of Rails and |
|||
# your application in memory, allowing both threaded web servers |
|||
# and those relying on copy on write to perform better. |
|||
# Rake tasks automatically ignore this option for performance. |
|||
config.eager_load = true |
|||
|
|||
# Full error reports are disabled and caching is turned on. |
|||
config.consider_all_requests_local = false |
|||
config.action_controller.perform_caching = true |
|||
|
|||
# Enable Rack::Cache to put a simple HTTP cache in front of your application |
|||
# Add `rack-cache` to your Gemfile before enabling this. |
|||
# For large-scale production use, consider using a caching reverse proxy like |
|||
# NGINX, varnish or squid. |
|||
# config.action_dispatch.rack_cache = true |
|||
|
|||
# Disable serving static files from the `/public` folder by default since |
|||
# Apache or NGINX already handles this. |
|||
config.serve_static_files = ENV['RAILS_SERVE_STATIC_FILES'].present? |
|||
|
|||
# Compress JavaScripts and CSS. |
|||
config.assets.js_compressor = :uglifier |
|||
# config.assets.css_compressor = :sass |
|||
|
|||
# Do not fallback to assets pipeline if a precompiled asset is missed. |
|||
config.assets.compile = false |
|||
|
|||
# Asset digests allow you to set far-future HTTP expiration dates on all assets, |
|||
# yet still be able to expire them through the digest params. |
|||
config.assets.digest = true |
|||
|
|||
# `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb |
|||
|
|||
# Specifies the header that your server uses for sending files. |
|||
# config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache |
|||
# config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX |
|||
|
|||
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. |
|||
# config.force_ssl = true |
|||
|
|||
# Use the lowest log level to ensure availability of diagnostic information |
|||
# when problems arise. |
|||
config.log_level = :debug |
|||
|
|||
# Prepend all log lines with the following tags. |
|||
# config.log_tags = [ :subdomain, :uuid ] |
|||
|
|||
# Use a different logger for distributed setups. |
|||
# config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new) |
|||
|
|||
# Use a different cache store in production. |
|||
# config.cache_store = :mem_cache_store |
|||
|
|||
# Enable serving of images, stylesheets, and JavaScripts from an asset server. |
|||
# config.action_controller.asset_host = 'http://assets.example.com' |
|||
|
|||
# Ignore bad email addresses and do not raise email delivery errors. |
|||
# Set this to true and configure the email server for immediate delivery to raise delivery errors. |
|||
# config.action_mailer.raise_delivery_errors = false |
|||
|
|||
# Enable locale fallbacks for I18n (makes lookups for any locale fall back to |
|||
# the I18n.default_locale when a translation cannot be found). |
|||
config.i18n.fallbacks = true |
|||
|
|||
# Send deprecation notices to registered listeners. |
|||
config.active_support.deprecation = :notify |
|||
|
|||
# Use default logging formatter so that PID and timestamp are not suppressed. |
|||
config.log_formatter = ::Logger::Formatter.new |
|||
|
|||
# Do not dump schema after migrations. |
|||
config.active_record.dump_schema_after_migration = false |
|||
end |
@ -0,0 +1,42 @@ |
|||
Rails.application.configure do |
|||
# Settings specified here will take precedence over those in config/application.rb. |
|||
|
|||
# The test environment is used exclusively to run your application's |
|||
# test suite. You never need to work with it otherwise. Remember that |
|||
# your test database is "scratch space" for the test suite and is wiped |
|||
# and recreated between test runs. Don't rely on the data there! |
|||
config.cache_classes = true |
|||
|
|||
# Do not eager load code on boot. This avoids loading your whole application |
|||
# just for the purpose of running a single test. If you are using a tool that |
|||
# preloads Rails for running tests, you may have to set it to true. |
|||
config.eager_load = false |
|||
|
|||
# Configure static file server for tests with Cache-Control for performance. |
|||
config.serve_static_files = true |
|||
config.static_cache_control = 'public, max-age=3600' |
|||
|
|||
# Show full error reports and disable caching. |
|||
config.consider_all_requests_local = true |
|||
config.action_controller.perform_caching = false |
|||
|
|||
# Raise exceptions instead of rendering exception templates. |
|||
config.action_dispatch.show_exceptions = false |
|||
|
|||
# Disable request forgery protection in test environment. |
|||
config.action_controller.allow_forgery_protection = false |
|||
|
|||
# Tell Action Mailer not to deliver emails to the real world. |
|||
# The :test delivery method accumulates sent emails in the |
|||
# ActionMailer::Base.deliveries array. |
|||
config.action_mailer.delivery_method = :test |
|||
|
|||
# Randomize the order test cases are executed. |
|||
config.active_support.test_order = :random |
|||
|
|||
# Print deprecation notices to the stderr. |
|||
config.active_support.deprecation = :stderr |
|||
|
|||
# Raises error for missing translations |
|||
# config.action_view.raise_on_missing_translations = true |
|||
end |
@ -0,0 +1,11 @@ |
|||
# Be sure to restart your server when you modify this file. |
|||
|
|||
# Version of your assets, change this if you want to expire all your assets. |
|||
Rails.application.config.assets.version = '1.0' |
|||
|
|||
# Add additional assets to the asset load path |
|||
# Rails.application.config.assets.paths << Emoji.images_path |
|||
|
|||
# Precompile additional assets. |
|||
# application.js, application.css, and all non-JS/CSS in app/assets folder are already added. |
|||
# Rails.application.config.assets.precompile += %w( search.js ) |
@ -0,0 +1,7 @@ |
|||
# Be sure to restart your server when you modify this file. |
|||
|
|||
# You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces. |
|||
# Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ } |
|||
|
|||
# You can also remove all the silencers if you're trying to debug a problem that might stem from framework code. |
|||
# Rails.backtrace_cleaner.remove_silencers! |
@ -0,0 +1,3 @@ |
|||
# Be sure to restart your server when you modify this file. |
|||
|
|||
Rails.application.config.action_dispatch.cookies_serializer = :json |
@ -0,0 +1,4 @@ |
|||
# Be sure to restart your server when you modify this file. |
|||
|
|||
# Configure sensitive parameters which will be filtered from the log file. |
|||
Rails.application.config.filter_parameters += [:password] |
@ -0,0 +1,16 @@ |
|||
# Be sure to restart your server when you modify this file. |
|||
|
|||
# Add new inflection rules using the following format. Inflections |
|||
# are locale specific, and you may define rules for as many different |
|||
# locales as you wish. All of these examples are active by default: |
|||
# ActiveSupport::Inflector.inflections(:en) do |inflect| |
|||
# inflect.plural /^(ox)$/i, '\1en' |
|||
# inflect.singular /^(ox)en/i, '\1' |
|||
# inflect.irregular 'person', 'people' |
|||
# inflect.uncountable %w( fish sheep ) |
|||
# end |
|||
|
|||
# These inflection rules are supported but not enabled by default: |
|||
# ActiveSupport::Inflector.inflections(:en) do |inflect| |
|||
# inflect.acronym 'RESTful' |
|||
# end |
@ -0,0 +1,4 @@ |
|||
# Be sure to restart your server when you modify this file. |
|||
|
|||
# Add new mime types for use in respond_to blocks: |
|||
# Mime::Type.register "text/richtext", :rtf |
@ -0,0 +1,3 @@ |
|||
# Be sure to restart your server when you modify this file. |
|||
|
|||
Rails.application.config.session_store :cookie_store, key: '_cryptcheck-rails_session' |
@ -0,0 +1,7 @@ |
|||
Sidekiq.configure_server do |config| |
|||
config.redis = { namespace: :cryptcheck } |
|||
end |
|||
|
|||
Sidekiq.configure_client do |config| |
|||
config.redis = { namespace: :cryptcheck } |
|||
end |
@ -0,0 +1,25 @@ |
|||
Rails.application.assets.context_class.class_eval do |
|||
def path(name, params=[], **options) |
|||
helper = "#{name}_path" |
|||
names = [] |
|||
replace = [] |
|||
params.each_with_index do |n, p| |
|||
arg = "__p#{p}__" |
|||
names << arg |
|||
replace << [arg, "\#{#{n}}"] |
|||
end |
|||
query_params = options.delete :params |
|||
unless query_params.nil? |
|||
query_params.each_with_index do |n, p| |
|||
arg = "__q#{p}__" |
|||
names << arg |
|||
replace << [arg, "\#{#{n}}"] |
|||
options[n] = arg |
|||
end |
|||
end |
|||
|
|||
path = Rails.application.routes.url_helpers.send helper, *names, **options |
|||
replace.each { |p, n| path.sub! p, n } |
|||
"#{config.relative_url_root}#{path}" |
|||
end |
|||
end |
@ -0,0 +1,14 @@ |
|||
# Be sure to restart your server when you modify this file. |
|||
|
|||
# This file contains settings for ActionController::ParamsWrapper which |
|||
# is enabled by default. |
|||
|
|||
# Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array. |
|||
ActiveSupport.on_load(:action_controller) do |
|||
wrap_parameters format: [:json] if respond_to?(:wrap_parameters) |
|||
end |
|||
|
|||
# To enable root element in JSON for ActiveRecord objects. |
|||
# ActiveSupport.on_load(:active_record) do |
|||
# self.include_root_in_json = true |
|||
# end |
@ -0,0 +1 @@ |
|||
en: |
@ -0,0 +1,205 @@ |
|||
fr: |
|||
date: |
|||
abbr_day_names: |
|||
- dim |
|||
- lun |
|||
- mar |
|||