class CheckTldMatches(object):
    """Flag certificate names whose TLD part is missing, ambiguous or too broad.

    The lookups are delegated to a ``tld_list.TLDList`` held on the class.
    """

    # Built with the TLDList defaults when the class body is executed.
    TLD_LIST = tld_list.TLDList()

    @classmethod
    def check(cls, names, prefix=None):
        """Collect TLD-related observations for a sequence of names.

        This check is meant to be reused by other checks (common_name and
        dnsnames): the logic is the same for both, only the descriptions of
        the resulting observations differ. It can also be run on its own
        when a list of addresses is passed instead of a certificate.

        Args:
            names: iterable of objects that expose the name string through
                a ``value`` attribute.
            prefix: optional prefix; when provided it is attached to the
                descriptions of the observations.

        Returns:
            A list of observation objects, in the order the names were
            processed. The list is empty when nothing was flagged.
        """
        found = []
        for entry in names:
            hostname = entry.value

            # A ValueError from the lookup (or from unpacking its result)
            # means the string is not treated as an address at all; no
            # further checks are run for it.
            try:
                tld_hit, idna_hit, bad_unicode = (
                    cls.TLD_LIST.match_certificate_name(hostname))
            except ValueError:
                found.append(NotAnAddress(details=hostname, prefix=prefix))
                continue

            if bad_unicode:
                found.append(
                    NonUnicodeAddress(details=hostname, prefix=prefix))

            # Both forms matched, but they disagree about which TLD it is.
            if tld_hit and idna_hit and tld_hit != idna_hit:
                found.append(
                    TldMatchesBothUnicodeAndIdna(
                        details=(hostname, tld_hit, idna_hit),
                        prefix=prefix))

            if not tld_hit and not idna_hit:
                found.append(NoTldMatch(details=hostname, prefix=prefix))

            # Generic wildcard: once the leading "*." is stripped, nothing
            # but the matched TLD itself is left, so the wildcard label
            # sits directly on top of it.
            if not hostname.startswith('*.'):
                continue
            bare_name = hostname[2:]
            # NOTE(review): unlike the first lookup, this call is not
            # wrapped in try/except, so a ValueError raised for the
            # stripped name would propagate and abort the whole check --
            # confirm match_certificate_name cannot raise here.
            tld_hit, idna_hit, _ = cls.TLD_LIST.match_certificate_name(
                bare_name)
            if tld_hit == bare_name or idna_hit == bare_name:
                found.append(
                    GenericWildcard(
                        details=(hostname, tld_hit or idna_hit),
                        prefix=prefix))
        return found
def get_tld_list(cls):
    """Return the TLD list stored on ``cls``, creating it on first use.

    When ``cls.TLD_LIST_`` is falsy, a ``tld_list.TLDList()`` built with
    its defaults is stored there first. A truthy value that is already
    present (for example one installed by a test) is returned untouched.
    """
    # NOTE(review): takes ``cls``, so presumably decorated as a classmethod
    # in the full file -- the decorator is not visible in this excerpt.
    if cls.TLD_LIST_:
        return cls.TLD_LIST_
    cls.TLD_LIST_ = tld_list.TLDList()
    return cls.TLD_LIST_
def setUp(self):
    """Install the test TLD list on CheckTldMatches before each test."""
    # The directory is a relative path, so it is resolved against the
    # current working directory of the test run.
    fixture_tlds = tld_list.TLDList(
        tld_dir="ct/cert_analysis/test_data/",
        tld_file_name="test_tld_list")
    # This replaces a class attribute, so the change is visible to every
    # user of CheckTldMatches, not only to this test case.
    tld_check.CheckTldMatches.TLD_LIST_ = fixture_tlds
from ct.cert_analysis import tld_check


def gen_dns_name(name):
    """Return a mock whose ``value`` attribute is ``name``."""
    dns_name = mock.Mock()
    dns_name.value = name
    return dns_name


def cert_with_urls(*args):
    """Return a mock certificate whose subject_dns_names() yields ``args``.

    The positional arguments are returned as a list, in the order given.
    """
    certificate = mock.MagicMock()
    certificate.subject_dns_names = mock.Mock(return_value=list(args))
    return certificate


# TLD list loaded from the test data directory (a relative path).
tlds = tld_list.TLDList(tld_dir="ct/cert_analysis/test_data/",
                        tld_file_name="test_tld_list")

# Name fixtures. The comments describe the literals only; which
# observation each one is expected to trigger is not visible here.
EXAMPLE = gen_dns_name("example.com")
# Wildcard label in front of a two-label name.
EXAMPLE_WILDCARD = gen_dns_name("*.example.com")
# Name written with non-ASCII letters.
UTF8_URL = gen_dns_name("ćęrtifićątętrąńśpąręńćy.com")
# Label made of the single escape \xff.
NON_UTF8_URL = gen_dns_name("\xff.com")
# Label made only of square brackets.
URL_INVALID_CHARACTERS_5 = gen_dns_name("[][]].com")
# An '@'-style string rather than a host name.
EMAIL_ADDRESS = gen_dns_name("*****@*****.**")
# Presumably "asdf" is absent from the test TLD list -- confirm.
NOT_TLD = gen_dns_name("asdf.asdf")
# Wildcard label placed directly in front of "com".
WILDCARD_TLD = gen_dns_name("*.com")
# Label containing \xff followed by a NUL character.
NON_UNICODE_TLD = gen_dns_name("\xff\x00.com")


class DnsnamesTest(base_check_test.BaseCheckTest):
    def setUp(self):
        tld_check.CheckTldMatches.TLD_LIST_ = tld_list.TLDList(
def setUp(self):
    """Install the test TLD list on CheckTldMatches before each test."""
    # The directory comes from test_config rather than from a hard-coded
    # path.
    fixture_dir = test_config.get_tld_directory()
    fixture_tlds = tld_list.TLDList(tld_dir=fixture_dir,
                                    tld_file_name="test_tld_list")
    # This replaces a class attribute, so the change is visible to every
    # user of CheckTldMatches, not only to this test case.
    tld_check.CheckTldMatches.TLD_LIST_ = fixture_tlds
def default_list(self):
    """Return a new TLDList read from TLD_DIR / TLD_FILE."""
    # Every call builds a new object; nothing is cached on self.
    fixture_tlds = tld_list.TLDList(tld_dir=TLD_DIR, tld_file_name=TLD_FILE)
    return fixture_tlds
def default_list(self):
    """Return a new TLDList read from the configured test TLD directory."""
    # The directory is looked up through test_config on every call; the
    # file name still comes from the module-level TLD_FILE.
    fixture_dir = test_config.get_tld_directory()
    fixture_tlds = tld_list.TLDList(tld_dir=fixture_dir,
                                    tld_file_name=TLD_FILE)
    return fixture_tlds