Binaries for new version

5 years ago · d60d325e04
parent cdf9f62534
commit d60d325e04
7 changed files with 73 additions and 14 deletions
--- a/bin/bundle
+++ b/bin/bundle
@ -0,0 +1,4 @@
+#!/bin/bash
+: ${RBENV_ROOT:=$HOME/.rbenv}
+DIR="$(readlink -m "$(dirname "$0")")"
+LD_LIBRARY_PATH="${DIR}/../lib" "${RBENV_ROOT}/shims/bundle" $*
--- a/bin/check_https.rb
+++ b/bin/check_https.rb
@ -3,4 +3,7 @@ $:.unshift File.expand_path File.join File.dirname(__FILE__), '../lib'
 require 'rubygems'
 require 'bundler/setup'
 require 'cryptcheck'
-::CryptCheck::Tls::Https::Host.new ARGV[0], ARGV.fetch(1, 443)
+
+args, port = ARGV
+args = [args, port] if port
+hosts = ::CryptCheck::Tls::Https.analyze *args
--- a/bin/check_smtp.rb
+++ b/bin/check_smtp.rb
@ -3,4 +3,8 @@ $:.unshift File.expand_path File.join File.dirname(__FILE__), '../lib'
 require 'rubygems'
 require 'bundler/setup'
 require 'cryptcheck'
-::CryptCheck::Tls::Smtp.analyze_domain ARGV[0]
+
+args, port = ARGV
+args = [args, port] if port
+hosts = ::CryptCheck::Tls::Smtp.analyze *args
+ap hosts
--- a/bin/check_xmpp.rb
+++ b/bin/check_xmpp.rb
@ -3,4 +3,7 @@ $:.unshift File.expand_path File.join File.dirname(__FILE__), '../lib'
 require 'rubygems'
 require 'bundler/setup'
 require 'cryptcheck'
-::CryptCheck::Tls::Xmpp.analyze_domain ARGV[0], type: ARGV.fetch(1, :s2s).to_sym
+
+args, type = ARGV
+args = [args, type] if type
+::CryptCheck::Tls::Xmpp.analyze *args
--- a/bin/test
+++ b/bin/test
@ -0,0 +1 @@
+runner
--- a/bin/test.rb
+++ b/bin/test.rb
@ -0,0 +1,38 @@
+#!/usr/bin/env ruby
+$:.unshift File.expand_path File.join File.dirname(__FILE__), '../lib'
+require 'rubygems'
+require 'bundler/setup'
+Bundler.require :default, :development
+require 'cryptcheck'
+
+class CryptCheck::Tls::Cert
+	def valid?(*_)
+		true
+	end
+
+	def trusted?
+		:trusted
+	end
+end
+
+# obj = Class.new do
+# 	include ::CryptCheck::State
+#
+# 	def available_checks
+# 		[[:foo, %i(critical warning good best), -> (_) { :best }]]
+# 	end
+# end.new
+# ap obj.states
+# ap obj.status
+
+# cipher = ::CryptCheck::Tls::Cipher[::CryptCheck::Tls::Method[:TLSv1_2]].first
+# ap cipher.states
+# ap cipher.status
+# ap cipher.name
+# puts cipher.to_s
+
+# key = OpenSSL::PKey.read File.read 'spec/resources/rsa-1024.pem'
+# ap key.states
+# ap key.status
+
+host = CryptCheck::Tls::Https::Host.new 'localhost', 443
--- a/bin/tls_server.rb
+++ b/bin/tls_server.rb
@ -68,7 +68,7 @@ def certificate(key)
 end

 key = OpenSSL::PKey::RSA.new File.read 'config/rsa-2048.pem'
-#key = OpenSSL::PKey::EC.new('secp521r1').generate_key
+# key = OpenSSL::PKey::EC.new('prime256v1').generate_key
 cert = certificate key

 CryptCheck::Logger.info 'Starting server'
@ -78,13 +78,13 @@ context = OpenSSL::SSL::SSLContext.new
 #context         = OpenSSL::SSL::SSLContext.new :TLSv1_1
 context.cert    = cert
 context.key     = key
-context.ciphers = ARGV[0] || 'ECDHE+AESGCM'
+context.ciphers = ARGV[0] || 'EECDH+AESGCM'

-dh                      = OpenSSL::PKey::DH.new File.read 'config/dh-4096.pem'
-context.tmp_dh_callback = proc { dh }
+#dh                      = OpenSSL::PKey::DH.new File.read 'config/dh-4096.pem'
+#context.tmp_dh_callback = proc { dh }
 #context.ecdh_curves = CryptCheck::Tls::Server::SUPPORTED_CURVES.join ':'
 #context.ecdh_curves = 'secp384r1:secp521r1:sect571r1'
-context.ecdh_curves     = 'secp384r1'
+#context.ecdh_curves     = 'prime256v1'
 #ecdh = OpenSSL::PKey::EC.new('secp384r1').generate_key
 #context.tmp_ecdh_callback = proc { ecdh }

@ -92,6 +92,9 @@ host, port = '::', 5000
 tcp_server              = TCPServer.new host, port
 tls_server              = OpenSSL::SSL::SSLServer.new tcp_server, context
 ::CryptCheck::Logger.info "Server started on #{host}:#{port}"
+# ::CryptCheck::Logger.info "Supported ciphers:"
+# context.ciphers.each { |c| ::CryptCheck::Logger.info c.first }
+

 loop do
 	begin
@ -101,15 +104,18 @@ loop do

 		dh = connection.tmp_key
 		cipher = connection.cipher
-		cipher = CryptCheck::Tls::Cipher.new method, cipher, dh
+		cipher = CryptCheck::Tls::Cipher.new method, cipher.first
 		states = cipher.states
-		text   = %i(critical error warning good perfect best).collect do |s|
-			states[s].collect { |t| t.to_s.colorize s }.join ' '
-		end.reject &:empty?
-		text   = text.join ' '
+		# p states
+		# text   = %i(critical error warning good perfect best).collect do |s|
+		# 	states[s].collect { |t| t.to_s.colorize s }.join ' '
+		# end.reject &:empty?
+		# text = []
+		# text   = text.join ' '
+		# text = ''

 		dh     = dh ? " (#{'PFS'.colorize :good} : #{CryptCheck::Tls.key_to_s dh})" : ''
-		CryptCheck::Logger.info { "#{CryptCheck::Tls.colorize method} / #{cipher.colorize}#{dh} [#{text}]" }
+		CryptCheck::Logger.info { "#{cipher}#{dh}" }

 		data       = connection.gets
 		if data