mirror of
https://github.com/Evolix/chexpire.git
synced 2024-06-17 23:07:18 +02:00
SSL: accept wildcard domains matching
This commit is contained in:
parent
5117ee1e89
commit
6f7a36a38e
|
@ -33,8 +33,14 @@ module SSL
|
||||||
raise
|
raise
|
||||||
end
|
end
|
||||||
|
|
||||||
def match_domain?(raw)
|
def match_domain?(raw, tested_domain = domain)
|
||||||
raw.match(/\b#{domain}\b/).present?
|
return true if raw.match(/\b#{tested_domain}\b/).present?
|
||||||
|
parts = tested_domain.split(".")
|
||||||
|
|
||||||
|
return false if parts.count <= 2
|
||||||
|
|
||||||
|
parts.shift
|
||||||
|
match_domain?(raw, parts.join("."))
|
||||||
end
|
end
|
||||||
|
|
||||||
def build_response(match)
|
def build_response(match)
|
||||||
|
|
1
test/fixtures/files/ssl/wildcard.domain.org.txt
vendored
Normal file
1
test/fixtures/files/ssl/wildcard.domain.org.txt
vendored
Normal file
|
@ -0,0 +1 @@
|
||||||
|
OK - Certificate 'domain.org' will expire on Sat 10 Jun 2028 09:14:18 AM GMT +0000.
|
|
@ -31,7 +31,23 @@ module SSL
|
||||||
assert_raises DomainNotMatchError do
|
assert_raises DomainNotMatchError do
|
||||||
parser.parse(output)
|
parser.parse(output)
|
||||||
end
|
end
|
||||||
|
test "should accept responses for wildcard certificates" do
|
||||||
|
parser = Parser.new("ssl1.domain.org")
|
||||||
|
output = file_fixture("ssl/wildcard.domain.org.txt").read
|
||||||
|
|
||||||
|
response = parser.parse(output)
|
||||||
|
|
||||||
|
assert_equal Time.new(2028, 6, 10, 9, 14, 18, 0), response.expire_at
|
||||||
|
assert response.expire_at.utc?
|
||||||
|
|
||||||
|
parser = Parser.new("deep.ssl1.domain.org")
|
||||||
|
output = file_fixture("ssl/wildcard.domain.org.txt").read
|
||||||
|
|
||||||
|
response = parser.parse(output)
|
||||||
|
|
||||||
|
assert_equal Time.new(2028, 6, 10, 9, 14, 18, 0), response.expire_at
|
||||||
end
|
end
|
||||||
|
|
||||||
test "should raises InvalidResponseError when check response is not matched" do
|
test "should raises InvalidResponseError when check response is not matched" do
|
||||||
parser = Parser.new("ssl100.invalid.org")
|
parser = Parser.new("ssl100.invalid.org")
|
||||||
output = file_fixture("ssl/ssl100.invalid.org.txt").read
|
output = file_fixture("ssl/ssl100.invalid.org.txt").read
|
||||||
|
|
Loading…
Reference in a new issue