work with ssllabs-scan v1.5.0. fix bug in rdapConformance contents check

parent f1e4fcd0
Pipeline #54 failed with stages
...@@ -108,7 +108,7 @@ sub check_gtld_conformance { ...@@ -108,7 +108,7 @@ sub check_gtld_conformance {
# use the command-line interface to the Qualys SSLLabs scanner, server must score at least A- # use the command-line interface to the Qualys SSLLabs scanner, server must score at least A-
# #
note('running TLS configuration check - this may take a while unless a cached result is available...'); note('running TLS configuration check - this may take a while unless a cached result is available...');
my $pid = open3(undef, \*OUT, \*ERR, 'ssllabs-scan', '-quiet', '-grade', '-usecache', $host); my $pid = open3(undef, \*OUT, \*ERR, 'ssllabs-scan', '-quiet', '-usecache', $host);
undef $/; undef $/;
my $out = <OUT>; my $out = <OUT>;
...@@ -122,38 +122,40 @@ sub check_gtld_conformance { ...@@ -122,38 +122,40 @@ sub check_gtld_conformance {
); );
} else { } else {
my $json = from_json('{'.$out.'}'); my $json = from_json($out);
#
# str is a a test score, such as "A+", "C-", "F", etc
#
my $str = uc($json->{$host});
if (length($str) < 1) {
fail('no valid grade returned by sslabs-scan');
} else {
# generate an integer based on the first character (its ASCII value, minus 64, x 3)
my $grade = 3 * (ord(substr($str, 0, 1)) - 64);
foreach my $endpoint (@{$json->[0]->{'endpoints'}}) {
# #
# increment if it's a "minus" grade # str is a a test score, such as "A+", "C-", "F", etc
# #
$grade++ if ('-' eq substr($str, 1, 1)); my $str = uc($endpoint->{'grade'});
if (length($str) < 1) {
fail('no valid grade returned by sslabs-scan for %s', $endpoint->{'ipAddress'});
# } else {
# decrement if it's a "plus" grade # generate an integer based on the first character (its ASCII value, minus 64, x 3)
# my $grade = 3 * (ord(substr($str, 0, 1)) - 64);
$grade-- if ('+' eq substr($str, 1, 1));
my $msg = sprintf('TLS configuration grade is "%s"', $str); #
# increment if it's a "minus" grade
#
$grade++ if ('-' eq substr($str, 1, 1));
# 4 is "A-": #
if ($grade > 4) { # decrement if it's a "plus" grade
fail($msg); #
$grade-- if ('+' eq substr($str, 1, 1));
} else { my $msg = sprintf('TLS configuration grade for %s is "%s"', $endpoint->{'ipAddress'}, $str);
pass($msg);
# 4 is "A-":
if ($grade > 4) {
fail($msg);
} else {
pass($msg);
}
} }
} }
} }
...@@ -191,14 +193,14 @@ sub check_gtld_conformance { ...@@ -191,14 +193,14 @@ sub check_gtld_conformance {
} }
pass("values in the 'rdapConformance' property are all strings"); pass("values in the 'rdapConformance' property are all strings");
}
if (defined($conformance{'rdap_level_0'})) { if (defined($conformance{'rdap_level_0'})) {
pass("'rdap_level_0' is present in the 'rdapConformance' array"); pass("'rdap_level_0' is present in the 'rdapConformance' array");
} else { } else {
fail("'rdap_level_0' is not present in the 'rdapConformance' array"); fail("'rdap_level_0' is not present in the 'rdapConformance' array");
}
} }
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment