Browse Source

Check for must_staple cert extension

new-scoring
aeris 2 years ago
parent
commit
f209e17f5d
2 changed files with 6 additions and 0 deletions
  1. 2
    0
      lib/cryptcheck/tls/https/grade.rb
  2. 4
    0
      lib/cryptcheck/tls/server.rb

+ 2
- 0
lib/cryptcheck/tls/https/grade.rb View File

@@ -6,6 +6,8 @@ module CryptCheck
super + [
[:hsts, Proc.new { |s| s.hsts? }, :good],
[:hsts_long, Proc.new { |s| s.hsts_long? }, :perfect],

#[:must_staple, Proc.new { |s| s.must_staple? }, :best],
]
end
end

+ 4
- 0
lib/cryptcheck/tls/server.rb View File

@@ -178,6 +178,10 @@ module CryptCheck
@fallback_scsv
end

def must_staple?
@cert.extensions.any? { |e| e.oid == '1.3.6.1.5.5.7.1.24' }
end

private
def name
name = "#@ip:#@port"

Loading…
Cancel
Save