| Age | Commit message (Collapse) | Author |
|---|
|
This merge-request contains almost entirely mechanical changes,
with a few exceptions:
* I changed `do_ipv4` and `do_ipv6` to `ipv4` and `ipv6` respectively.
* This fixed a warning about normal-casing.
* I changed a test-case to compare against both `Integer` and `Fixnum`
* Suspect this is a ruby-versionism.
The tests continue to pass, so I believe this is safe to merge,
but of course it is still not 100%:
lib/custodian/queue.rb:135:21: W: Assignment in condition - you probably meant to use ==.
added = true
^
lib/custodian/protocoltest/ssl.rb:218:5: W: Do not shadow rescued Exceptions
rescue OpenSSL::SSL::SSLError => err ...
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
lib/custodian/protocoltest/ssl.rb:286:5: W: Do not shadow rescued Exceptions
rescue OpenSSL::SSL::SSLError => err ...
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
lib/custodian/protocoltest/http.rb:307:7: C: Assignment Branch Condition size for run_test is too high. [84.53/72]
def run_test
^^^
lib/custodian/protocoltest/http.rb:307:7: C: Cyclomatic complexity for run_test is too high. [22/19]
def run_test
^^^
lib/custodian/protocoltest/http.rb:307:7: C: Method has too many lines. [97/87]
def run_test ...
^^^^^^^^^^^^
lib/custodian/protocoltest/http.rb:307:7: C: Perceived complexity for run_test is too high. [23/21]
def run_test
In short this takes care of _most_ of the warnings, but updates requiring
significant code-change have not been applied.
|
|
|
|
If ruby-based SSL negotiation fails then we fallback to invoking
(horridly!) openssl directly. Until now this didn't send the SNI
hostname to connect to, so it could only test the first/default SSL site
that was listening upon a given IP address.
This commit updates things such that we send the correct hostname,
from the URL under-test.
|
|
Since the ruby version available to wheezy doesn't support TLS 1.2
fetching the certificate from remote HTTPS servers will fail, if
that is all that is available.
If we hit that condition, and only that one, we'll fall back to
invoking `openssl` natively. This will allow us to monitor
expiration-time for remote SSL certificates, but the downside is
that we no longr receive the bundle that the remote server might
send - so we cannot validate the signature chain.
This closes #2.
|
|
|
|
This prevents an endless loop.
|
|
These warnings were largely whitespace-based.
|
|
|
|
This is a good thing to do, as Chrome will apaprently be
refusing to show sites with SHA-1 in use over SHA-256.
This closes #12358.
|
|
This allows better alerting.
|
|
This update consists of two changes:
* No longer return "true" or "false" instead return "TEST_FAILED", or "TEST_SUCCEEDED".
* Removed the testing of test-inversion from the class, now it lives in the base-class where it should have done all along.
|
|
|
|
|
|
|
|
|
|
These were all identified and suggested by rubocop.
|
|
|
|
So "foo" is less good than 'foo'.
|
|
Ruby is not Perl, much as I sometimes wish it were.
|
|
The last expression of a method is the return value. So:
def foo; false ; end
Is the same as:
def foo; return false; end
|
|
|
|
Instead prefer ".".
Flagged by rubocop
|
|
These are not required if the argument is string already, or has
a _to_s method which will be automatically invoked by magic.
|
|
|
|
|
|
|
|
This is a clone of the code that we're already using for
SSL checking of domains. The biggest excpetion is that I've
disabled the SSL v2/v3 checking because that is causing alerts
on https://google.com/
This closes #9563.
|
|
|
|
This is a stub for the moment, but it validates that we can have
multiple handlers for a given test-type.
This updates #9558.
|
