jrd/tls-dashboard
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

Add an error block for a hostname mismatch, and a final error block for all other errors, to prevent the script from dying when a connection fails. Fixes Issue #3.

Browse Source
This commit is contained in:
Craine Runton 2016-05-31 10:16:17 -06:00
parent 428e35c5db
commit b095739633
2 changed files with 63 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
node_app/get_cert_info.js
View File

@ -67,7 +67,7 @@ function get_cert_parameters(element, index, array) {
if (e.code ==='ECONNREFUSED') { if (e.code ==='ECONNREFUSED') {
// The connection was refused by the server (ex. 443 not open, not resonding, etc.) // The connection was refused by the server (ex. 443 not open, not resonding, etc.)
assert(false, 'Connection to '+element+' refused') assert(false, 'Connection to '+element+' refused');
var parsed = { var parsed = {
'server': element, 'server': element,
'subject': { 'subject': {
@ -88,7 +88,7 @@ function get_cert_parameters(element, index, array) {
} else if (e.code ==='ECONNRESET') { } else if (e.code ==='ECONNRESET') {
// The connection to the server timed out // The connection to the server timed out
assert(false, 'Connection to '+element+' timed out') assert(false, 'Connection to '+element+' timed out');
var parsed = { var parsed = {
'server': element, 'server': element,
'subject': { 'subject': {
@ -106,6 +106,48 @@ function get_cert_parameters(element, index, array) {
}; };
add_cert_details(parsed, iteration); add_cert_details(parsed, iteration);
check_iterations(); check_iterations();
} else if (e.reason.startsWith('Host: '+element+'. is not in the cert\'s altnames')) {
// There is a hostname mismatch between the cert and the server
assert(false, element+' had a hostname mismatch');
var parsed = {
'server': element,
'subject': {
'org': 'Unknown',
'common_name': 'Unknown',
'sans': 'Unknown'
},
'issuer': {
'org': 'Unknown',
'common_name': 'Hostname mismatch'
},
'info': {
'days_left': '??'
}
};
add_cert_details(parsed, iteration);
check_iterations();
} else {
var err = e;
// Catchall for all other errors to prevent the script bombing out
assert(false, 'Connection to '+element+' errored out');
var parsed = {
'server': element,
'subject': {
'org': 'Unknown',
'common_name': 'Unknown',
'sans': 'Unknown'
},
'issuer': {
'org': 'Unknown',
'common_name': ''
},
'info': {
'days_left': '??'
'common_name': 'Unspecified error'
}
};
add_cert_details(parsed, iteration);
check_iterations();
} }
}) })

56
web_service/js/tls-dashboard/certificates.js
View File

@ -51,39 +51,6 @@ var cert_info = {
} }
}, },
"4": { "4": {
"server": "barnacl.es",
"subject": {
"common_name": "www.barnacl.es",
"sans": "DNS:www.barnacl.es, DNS:barnacl.es"
},
"issuer": {
"org": "StartCom Ltd.",
"common_name": "StartCom Class 1 DV Server CA"
},
"info": {
"valid_from": "2016-04-13T20:08:11.000Z",
"valid_to": "2017-04-13T20:08:11.000Z",
"days_left": 324
}
},
"5": {
"server": "www.bitbucket.com",
"subject": {
"org": "Atlassian, Inc.",
"common_name": "*.bitbucket.com",
"sans": "DNS:*.bitbucket.com, DNS:bitbucket.com"
},
"issuer": {
"org": "DigiCert Inc",
"common_name": "DigiCert SHA2 High Assurance Server CA"
},
"info": {
"valid_from": "2015-04-10T00:00:00.000Z",
"valid_to": "2017-05-10T12:00:00.000Z",
"days_left": 351
}
},
"6": {
"server": "www.github.com", "server": "www.github.com",
"subject": { "subject": {
"org": "GitHub, Inc.", "org": "GitHub, Inc.",
@ -100,7 +67,7 @@ var cert_info = {
"days_left": 723 "days_left": 723
} }
}, },
"7": { "5": {
"server": "example.dev", "server": "example.dev",
"subject": { "subject": {
"org": "Unknown", "org": "Unknown",
@ -115,7 +82,7 @@ var cert_info = {
"days_left": "??" "days_left": "??"
} }
}, },
"8": { "6": {
"server": "example.dev", "server": "example.dev",
"subject": { "subject": {
"org": "Unknown", "org": "Unknown",
@ -130,7 +97,7 @@ var cert_info = {
"days_left": "??" "days_left": "??"
} }
}, },
"9": { "7": {
"server": "danger.example.com", "server": "danger.example.com",
"subject": { "subject": {
"common_name": "danger.example.com", "common_name": "danger.example.com",
@ -146,7 +113,7 @@ var cert_info = {
"days_left": 15 "days_left": 15
} }
}, },
"10": { "8": {
"server": "warning.example.com", "server": "warning.example.com",
"subject": { "subject": {
"common_name": "warning.example.com", "common_name": "warning.example.com",
@ -162,4 +129,19 @@ var cert_info = {
"days_left": 40 "days_left": 40
} }
}, },
"9": {
"server": "mismatch.example.com",
"subject": {
"org": "Unknown",
"common_name": "Unknown",
"sans": "Unknown"
},
"issuer": {
"org": "Unknown",
"common_name": "Hostname mismatch"
},
"info": {
"days_left": "??"
}
}
} }