work with ssllabs-scan v1.5.0. fix bug in rdapConformance contents check

0241b724 · Gavin Brown · f1e4fcd0 · 0241b724
Unverified Commit 0241b724 authored May 10, 2019 by Gavin Brown
Hide whitespace changes
Inline Side-by-side

Showing with 32 additions and 30 deletions

rdap-conformance rdap-conformance +32 -30

No files found.
--- a/rdap-conformance
+++ b/rdap-conformance
@@ -108,7 +108,7 @@ sub check_gtld_conformance {
 	# use the command-line interface to the Qualys SSLLabs scanner, server must score at least A-
 	#
 	note('running TLS configuration check - this may take a while unless a cached result is available...');
-	my $pid = open3(undef, \*OUT, \*ERR, 'ssllabs-scan', '-quiet', '-grade', '-usecache', $host);
+	my $pid = open3(undef, \*OUT, \*ERR, 'ssllabs-scan', '-quiet', '-usecache', $host);

 	undef $/;
 	my $out = <OUT>;
@@ -122,38 +122,40 @@ sub check_gtld_conformance {
 		);

 	} else {
-		my $json = from_json('{'.$out.'}');
-
-		#
-		# str is a a test score, such as "A+", "C-", "F", etc
-		#
-		my $str = uc($json->{$host});
-		if (length($str) < 1) {
-			fail('no valid grade returned by sslabs-scan');
-
-		} else {
-			# generate an integer based on the first character (its ASCII value, minus 64, x 3)
-			my $grade = 3 * (ord(substr($str, 0, 1)) - 64);
+		my $json = from_json($out);

+		foreach my $endpoint (@{$json->[0]->{'endpoints'}}) {
 			#
-			# increment if it's a "minus" grade
+			# str is a a test score, such as "A+", "C-", "F", etc
 			#
-			$grade++ if ('-' eq substr($str, 1, 1));
+			my $str = uc($endpoint->{'grade'});
+			if (length($str) < 1) {
+				fail('no valid grade returned by sslabs-scan for %s', $endpoint->{'ipAddress'});

-			#
-			# decrement if it's a "plus" grade
-			#
-			$grade-- if ('+' eq substr($str, 1, 1));
+			} else {
+				# generate an integer based on the first character (its ASCII value, minus 64, x 3)
+				my $grade = 3 * (ord(substr($str, 0, 1)) - 64);

-			my $msg = sprintf('TLS configuration grade is "%s"', $str);
+				#
+				# increment if it's a "minus" grade
+				#
+				$grade++ if ('-' eq substr($str, 1, 1));

-			# 4 is "A-":
-			if ($grade > 4) {
-				fail($msg);
+				#
+				# decrement if it's a "plus" grade
+				#
+				$grade-- if ('+' eq substr($str, 1, 1));

-			} else {
-				pass($msg);
+				my $msg = sprintf('TLS configuration grade for %s is "%s"', $endpoint->{'ipAddress'}, $str);
+
+				# 4 is "A-":
+				if ($grade > 4) {
+					fail($msg);

+				} else {
+					pass($msg);
+
+				}
 			}
 		}
 	}
@@ -191,14 +193,14 @@ sub check_gtld_conformance {
 			}

 			pass("values in the 'rdapConformance' property are all strings");
+		}

-			if (defined($conformance{'rdap_level_0'})) {
-				pass("'rdap_level_0' is present in the 'rdapConformance' array");
+		if (defined($conformance{'rdap_level_0'})) {
+			pass("'rdap_level_0' is present in the 'rdapConformance' array");

-			} else {
-				fail("'rdap_level_0' is not present in the 'rdapConformance' array");
+		} else {
+			fail("'rdap_level_0' is not present in the 'rdapConformance' array");

-			}
 		}
 	}