
Sync with prod

new-scoring
aeris 3 years ago
parent
commit
0e114bad9b
  1. 1
      .gitignore
  2. 1
      lib/cryptcheck.rb
  3. 15
      lib/cryptcheck/tls/caa.rb
  4. 5
      lib/cryptcheck/tls/cert.rb
  5. 14
      lib/cryptcheck/tls/curve.rb
  6. 3
      lib/cryptcheck/tls/engine.rb
  7. 1
      lib/cryptcheck/tls/fixture.rb
  8. 5
      lib/cryptcheck/tls/host.rb
  9. 13
      lib/cryptcheck/tls/https.rb.bak

1
.gitignore

@ -11,4 +11,5 @@
/lib/*.so.*
/.ruby-version
/rakefile
.bundle/
Gemfile.lock

1
lib/cryptcheck.rb

@ -13,6 +13,7 @@ module CryptCheck
autoload :Cipher, 'cryptcheck/tls/cipher'
autoload :Curve, 'cryptcheck/tls/curve'
autoload :Cert, 'cryptcheck/tls/cert'
autoload :CAA, 'cryptcheck/tls/caa'
autoload :Engine, 'cryptcheck/tls/engine'
autoload :Server, 'cryptcheck/tls/server'
autoload :TcpServer, 'cryptcheck/tls/server'

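--- a/lib/cryptcheck/tls/caa.rb
+++ b/lib/cryptcheck/tls/caa.rb
@@ -0,0 +1,15 @@
+require 'resolve'
+class Resolv::DNS::Resource::IN::CAA < Resolv::DNS::Resource::IN::TXT
+TypeValue = 257
+end
+module CryptCheck
+module Tls
+module CAA
+def check_caa
+end
+end
+end
+end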
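Review bot: `require 'resolve'` on the first line of the new file does not name the standard library, which is `resolv`, so loading this file through the new `autoload :CAA` should raise LoadError unless some other library called `resolve` is on the load path; it should read `require 'resolv'`. The CAA class inherits from the TXT resource, but CAA RDATA is a flags byte, a tag and a value rather than TXT character-strings, so the inherited decoder will likely misparse real records, and the visible lines do not show the new type being registered for decoding; both are worth confirming before anything relies on it. `check_caa` is an empty stub that returns nil, so a comment such as `# TODO: not implemented yet, always returns nil` would keep a caller from reading nil as "no CAA restriction".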

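--- a/lib/cryptcheck/tls/cert.rb
+++ b/lib/cryptcheck/tls/cert.rb
@@ -1,8 +1,9 @@
 module CryptCheck
 module Tls
 class Cert
-DEFAULT_CA_DIRECTORIES = [
-'/usr/share/ca-certificates/mozilla'
+DEFAULT_CA_DIRECTORIES = %w[
+/usr/share/ca-certificates/mozilla
+/etc/ca-certificates/extracted/cadir
 ]
 SIGNATURE_ALGORITHMS = %i(md2 mdc2 md4 md5 ripemd160 sha sha1 sha2 rsa dss ecc ghost).freeze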
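Review bot: `DEFAULT_CA_DIRECTORIES` is left mutable while `SIGNATURE_ALGORITHMS` on the next line is frozen; this list decides which trust anchors certificate chains are validated against, so close it with `].freeze`. A comment above the constant saying which system layout each path belongs to, and that paths missing on the host are expected, would help, for example `# CA directories probed in order; which ones exist depends on the distribution`. The class body continues outside the hunk.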

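--- a/lib/cryptcheck/tls/curve.rb
+++ b/lib/cryptcheck/tls/curve.rb
@@ -4,7 +4,7 @@ module CryptCheck
 attr_reader :name
 def initialize(name)
-name = name.to_sym if name.is_a? String
+name = name.to_sym if name.is_a? String
 @name = name
 end
@@ -36,12 +36,12 @@ module CryptCheck
 def ==(other)
 case other
-when String
-@name == other.to_sym
-when Symbol
-@name == other
-else
-@name == other.name
+when String
+@name == other.to_sym
+when Symbol
+@name == other
+else
+@name == other.name
 end
 end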

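--- a/lib/cryptcheck/tls/engine.rb
+++ b/lib/cryptcheck/tls/engine.rb
@@ -282,7 +282,8 @@ module CryptCheck
 begin
 ssl_client method, fallback: true
 rescue InappropriateFallback,
-CipherNotAvailable # Seems some servers reply with "sslv3 alert handshake failure"...
+CipherNotAvailable, # Seems some servers reply with "sslv3 alert handshake failure"…
+MethodNotAvailable, # Seems some servers reply with "wrong version number"…
 @fallback_scsv = true
 end
 else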
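Review bot: The trailing comma after `MethodNotAvailable,` makes the rescue list continue onto the next line, so `@fallback_scsv = true` is parsed as a fourth entry of the exception list instead of the rescue body. As written, a rescued InappropriateFallback leaves `@fallback_scsv` unset, and any other exception reaches the assignment only to fail the class check, so the TLS_FALLBACK_SCSV result would be reported wrongly (assuming the comma is really in the file and not a rendering artefact). Drop the comma: `MethodNotAvailable # Seems some servers reply with "wrong version number"…`. Separately, counting CipherNotAvailable and MethodNotAvailable as proof of downgrade protection may credit servers whose handshake failed for an unrelated reason, and a comment stating that trade-off would help. The surrounding method starts and ends outside the hunk.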

1
lib/cryptcheck/tls/fixture.rb

@ -170,6 +170,7 @@ class ::OpenSSL::X509::Store
when ::OpenSSL::X509::Certificate
self.add_cert chain
else
next unless File.exists? chain
if File.directory?(chain)
Dir.entries(chain)
.collect { |e| File.join chain, e }
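Review bot: `next unless File.exists? chain` calls `File.exists?`, which has long been deprecated and is removed in Ruby 3.2, where this line raises NoMethodError; write `next unless File.exist? chain` (this assumes the guard is the line the commit adds, which the rendered page does not mark). The guard also skips a missing CA path silently, so on a host with none of the configured directories the store gets no anchors from them and nothing explains why every chain then fails validation. Logging the skipped path through the project's Logger before `next` would make that visible. The enclosing method starts and ends outside the hunk.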

5
lib/cryptcheck/tls/host.rb

@ -46,17 +46,20 @@ module CryptCheck
# Logger.error { e.backtrace }
Logger.error { e }
AnalysisFailure.new e
raise
rescue ::Timeout::Error
# Logger.error { e.backtrace }
Logger.error { e }
TooLongAnalysis.new
raise
end
[[@hostname, ip, @port], result]
end.to_h
rescue => e
# Logger.error { e.backtrace }
Logger.error { e.backtrace }
Logger.error { e }
@error = e
raise
end
def key

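--- a/lib/cryptcheck/tls/https.rb.bak
+++ b/lib/cryptcheck/tls/https.rb.bak
@@ -0,0 +1,13 @@
+module CryptCheck
+module Tls
+module Https
+def self.analyze(host, port=443)
+::CryptCheck.analyze host, port, Server
+end
+def self.analyze_file(input, output)
+::CryptCheck.analyze_file(input, 'output/https.erb', output) { |host| self.analyze host }
+end
+end
+end
+end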
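Review bot: `lib/cryptcheck/tls/https.rb.bak` looks like a manual or editor backup committed under `lib/`, so it ships with the library as dead code that nothing visible on this page loads. Remove it from the commit, or if it has to stay, state why in a header comment. Adding `*.bak` to `.gitignore`, which this commit already touches, would keep such copies out in future.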