Age | Commit message (Collapse) | Author |
|
If ruby-based SSL negotiation fails then we fallback to invoking
(horridly!) openssl directly. Until now this didn't send the SNI
hostname to connect to, so it could only test the first/default SSL site
that was listening upon a given IP address.
This commit updates things such that we send the correct hostname,
from the URL under-test.
|
|
Since the ruby version available to wheezy doesn't support TLS 1.2
fetching the certificate from remote HTTPS servers will fail, if
that is all that is available.
If we hit that condition, and only that one, we'll fall back to
invoking `openssl` natively. This will allow us to monitor
expiration-time for remote SSL certificates, but the downside is
that we no longr receive the bundle that the remote server might
send - so we cannot validate the signature chain.
This closes #2.
|
|
|
|
This prevents an endless loop.
|
|
These warnings were largely whitespace-based.
|
|
|
|
|
|
We cannot allow HTTP/HTTPS to be limited by protocol,
such as IPv4-only or IPv6-only. Raise an error in the
parser if this is attempted.
Added test-case to confirm, and this closes #12488.
|
|
It should match the next occurrence of the opening quote type, not the
last.
|
|
It now matches "can't match" and 'he said "ha!"'.
Added tests.
|
|
This changes the parser from only allowing this:
http://example.com/ must run http with content 'reserved'.
To allowing both of these:
http://example.com/ must run http with content "reservered".
http://example.com/ must run http with content 'reserved'.
|
|
|
|
This is a good thing to do, as Chrome will apaprently be
refusing to show sites with SHA-1 in use over SHA-256.
This closes #12358.
|
|
This prevents a slightly ugly backtrace instead of a genuinely
useful report.
|
|
This allows better alerting.
|
|
In the past we needed to write:
must run tcp on 3306.
Now we can add the "port" to match the rest of the tests:
must run tcp on port 3306.
|
|
This just does a TCP-connection to port 3389.
|
|
This update consists of two changes:
* No longer return "true" or "false" instead return "TEST_FAILED", or "TEST_SUCCEEDED".
* Removed the testing of test-inversion from the class, now it lives in the base-class where it should have done all along.
|
|
|
|
|
|
Due to some sloppy edits this module was not correct.
|
|
|
|
This was failing because '$ERROR_INFO' is only available if
you
require 'English'
|
|
|
|
|
|
|
|
|
|
These were all identified and suggested by rubocop.
|
|
|
|
So "foo" is less good than 'foo'.
|
|
|
|
Ruby is not Perl, much as I sometimes wish it were.
|
|
The last expression of a method is the return value. So:
def foo; false ; end
Is the same as:
def foo; return false; end
|
|
|
|
This is neater. Flagged by rubocop
|
|
Instead use {} + ().
|
|
|
|
|
|
Instead prefer ".".
Flagged by rubocop
|
|
These are not required if the argument is string already, or has
a _to_s method which will be automatically invoked by magic.
|
|
Instead rescue a 'StandardError' which is slightly more specific.
(Rescuing more specific exceptions is good.)
|
|
This:
def foo
line
end
Is the same as this:
def foo
return( line )
end
|
|
We prefer "File.exist?".
Flagged by rubocop.
|
|
Instead of "$0" use $PROGRAM_NAME, instead of $! use "$LOAD_PATH". This
is more explicit and less-magic.
Flagged by rubocop
|
|
|
|
|
|
|
|
Via "ipv6_only" and "IPv4_only"
|
|
If a target is a hostname we'll explicitly resolve it for
both IPv4 and IPv6.
|
|
THis tests that a server is listening on :53.
|