
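require 'socket'
require 'openssl'
require 'httparty'

module CryptCheck
  module Tls
    module Https
      # HTTPS variant of Tls::Server that additionally records the
      # Strict-Transport-Security (HSTS) max-age advertised by the host.
      #
      # @methods, @log, @hostname and @port are not assigned in this file;
      # presumably Tls::Server#initialize sets them -- confirm against the
      # parent class. SUPPORTED_METHODS and SSL_TIMEOUT are likewise resolved
      # from an enclosing scope that is not visible here.
      class Server < Tls::Server
        # Threshold used by #hsts_long?: six 30-day months, in seconds.
        LONG_HSTS = 6 * 30 * 24 * 60 * 60

        # @return [Integer, nil] advertised HSTS max-age in seconds, or nil
        #   when no usable Strict-Transport-Security header was obtained.
        attr_reader :hsts

        # Runs the parent initialisation (same arguments), then probes HSTS.
        #
        # @param hostname [String] host to probe
        # @param port [Integer] TCP port, 443 by default
        def initialize(hostname, port=443)
          super
          fetch_hsts
        end

        # Sends a HEAD request for "/" with the first entry of @methods that is
        # also in SUPPORTED_METHODS and succeeds, then stores the max-age of
        # the Strict-Transport-Security response header in @hsts.
        #
        # The request is sent with `verify: false`, so the header is read from
        # whatever endpoint answered, with no certificate validation. RFC 6797
        # section 8.1 has browsers ignore an HSTS header received over a
        # connection with certificate errors, so a value recorded here does not
        # by itself mean a browser would enforce it; combine it with the
        # certificate checks before grading the host.
        def fetch_hsts
          port_suffix = @port == 443 ? '' : ":#{@port}"
          response = nil

          @methods.each do |method|
            next unless SUPPORTED_METHODS.include? method

            begin
              @log.debug { "Check HSTS with #{method}" }
              response = ::HTTParty.head "https://#{@hostname}#{port_suffix}/",
                                         { follow_redirects: false, verify: false, ssl_version: method, timeout: SSL_TIMEOUT }
              break
            rescue StandardError => e
              # StandardError covers socket, timeout and OpenSSL failures.
              # Rescuing Exception here would also swallow Interrupt and
              # SystemExit, making a scan impossible to abort cleanly.
              @log.debug { "#{method} not supported : #{e}" }
            end
          end

          max_age = response && parse_hsts_max_age(response.headers['strict-transport-security'])
          if max_age
            @hsts = max_age
            @log.info { "HSTS : #{@hsts}" }
          else
            @log.info { 'No HSTS' }
            @hsts = nil
          end
        end

        # @return [Boolean] true when a max-age was recorded.
        #
        # NOTE(review): "max-age=0" is recorded as 0 and therefore counts as
        # HSTS here, although RFC 6797 defines it as the instruction to stop
        # treating the host as an HSTS host. Callers grading a host may want
        # to treat 0 as "no HSTS".
        def hsts?
          !@hsts.nil?
        end

        # @return [Boolean] true when the recorded max-age is at least LONG_HSTS.
        def hsts_long?
          hsts? && @hsts >= LONG_HSTS
        end

        private

        # Extracts the max-age directive from a Strict-Transport-Security
        # header value.
        #
        # Directives are separated by ';', may appear in any order, have
        # case-insensitive names and may carry a quoted value (RFC 6797
        # section 6.1). Splitting the whole header on '=' only worked when
        # max-age came first, so "includeSubDomains; max-age=31536000" was
        # reported as "No HSTS".
        #
        # @param header [String, nil] raw header value
        # @return [Integer, nil] max-age in seconds, nil if absent or malformed
        def parse_hsts_max_age(header)
          # Repeated header fields reach us joined with ", " (Net::HTTPHeader#[]
          # behaviour, which HTTParty appears to delegate to -- confirm);
          # RFC 6797 section 8.1 says only the first field is processed.
          first_field = header.to_s.split(',').first.to_s

          first_field.split(';').each do |directive|
            name, value = directive.strip.split('=', 2)
            next unless name && name.strip.downcase == 'max-age'

            digits = value.to_s.strip.delete('"')
            return digits =~ /\A\d+\z/ ? digits.to_i : nil
          end
          nil
        end
      end
    end
  end
end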