New version

.ruby-version

@@ -0,0 +1 @@
+2.3.3-cryptcheck

Guardfile

@@ -1,4 +1,4 @@
-guard 'livereload' do
+guard :livereload do
 	watch(%r{app/views/.+\.(erb|haml|slim)$})
 	watch(%r{app/helpers/.+\.rb})
 	watch(%r{public/.+\.(css|js|html)})
@@ -6,3 +6,8 @@ guard 'livereload' do
 	# Rails Assets Pipeline
 	watch(%r{(app|vendor)(/assets/\w+/(.+\.(css|js|html|png|jpg|coffee|scss))).*}) { |m| "/assets/#{m[3]}" }
 end
+
+#guard :rails do
+#	watch('Gemfile.lock')
+#	watch(%r{^(config|lib)/.*})
+#end

app/assets/stylesheets/application.scss

@@ -1,6 +1,5 @@
 //= require_tree .
 //= require_self
-
 @import 'bootstrap-sprockets';
 @import 'bootstrap';
 @import 'bootstrap/variables';
@@ -21,7 +20,6 @@
 @import 'bootstrap/alerts';
 @import 'bootstrap/utilities';
 @import 'bootstrap/responsive-utilities';
-
 @import 'font-awesome-sprockets';
 @import 'font-awesome';
 
@@ -67,36 +65,55 @@ td.primary {
 	margin-top: 100px;
 }
 
+$color-critical: #d9534f;
+$color-error: #e4804e;
+$color-warning: #f0ad4e;
+$color-good: #beb052;
+$color-best: #8db457;
+$color-great: #5cb85c;
+
 .label-state-critical {
-  //background-color: #800000;
-  background-color: #ff0000;
+	background-color: $color-critical;
 }
-
 .label-state-error {
-  //background-color: #803300;
-  background-color: #ff6600;
+	background-color: $color-error;
 }
-
 .label-state-warning {
-  //background-color: #806600;
-  background-color: #ffcc00;
-  color: $text-color;
+	background-color: $color-warning;
+	color: $text-color;
 }
-
 .label-state-good {
-  //background-color: #668000;
-  background-color: #cbff00;
-  color: $text-color;
+	background-color: $color-good;
+	color: $text-color;
+}
+.label-state-best {
+	background-color: $color-best;
 }
-
 .label-state-great {
-  //background-color: #338000;
-  background-color: #65ff00;
+	background-color: $color-great;
 }
 
-.label-state-best {
-  //background-color: #008000;
-  background-color: #00ff00;
+.label-state-default {
+	//background-color: #008000;
+	background-color: $label-default-bg;
+}
+.label-state-success {
+	background-color: $label-success-bg;
 }
 
+.alert-critical, .alert-error {
+	background-color: $alert-danger-bg;
+	color: $alert-danger-text;
+	border-color: $alert-danger-border
+}
+.alert-warning {
+	background-color: $alert-warning-bg;
+	color: $alert-warning-text;
+	border-color: $alert-warning-border
+}
+.alert-good, .alert-great, .alert-best {
+	background-color: $alert-success-bg;
+	color: $alert-success-text;
+	border-color: $alert-success-border
+}
 

app/controllers/check_controller.rb

@@ -41,18 +41,22 @@ class CheckController < ApplicationController
 		@id = params[:id]
 
 		if @id.end_with? '.json'
-			@id = @id.sub /\.json$/, ''
+			@id            = @id.sub /\.json$/, ''
 			request.format = :json
 		end
 
 		@host, @port = @id.split ':'
-		@host = SimpleIDN.to_ascii @host.downcase
+		@host        = SimpleIDN.to_ascii @host.downcase
 		if /[^a-zA-Z0-9.-]/ =~ @host
 			flash[:danger] = "Hôte #{@host} invalide"
 			redirect_to action: :index
 			return false
 		end
-		@port = @port.to_i if @port
+		if @port
+			@port = @port.to_i
+		else
+			@port = self.default_port
+		end
 
 		@result = Analysis[self.type, @host, @port]
 		# file = File.join Rails.root, 'config/host.yml'

app/controllers/https_controller.rb

@@ -11,4 +11,8 @@ class HttpsController < CheckController
 	def tls_type
 		'HTTPS'
 	end
+
+	def default_port
+		443
+	end
 end

app/controllers/smtp_controller.rb

@@ -11,4 +11,8 @@ class SmtpController < CheckController
 	def tls_type
 		'STARTTLS'
 	end
+
+	def default_port
+		25
+	end
 end

app/controllers/ssh_controller.rb

@@ -11,4 +11,8 @@ class SshController < CheckController
 	def tls_type
 		'SSH'
 	end
+
+	def default_port
+		22
+	end
 end

app/helpers/check_helper.rb

@@ -1,16 +1,19 @@
 module CheckHelper
-	private def __label(value, color)
-		"<span class=\"label label-#{color} %>\">#{value}</span>"
+	private def __label(value, color, state=true)
+		color = :default unless color
+		color = "state-#{color}" if state
+		"<span class=\"label label-#{color}\">#{value}</span>"
 	end
-	def label(value, color)
-		__label(value, color).html_safe
+
+	def label(value, color, state=true)
+		__label(value, color, state).html_safe
 	end
 
-	def cell(value, color)
-		"<td class=\"#{color}\">#{value}</td>".html_safe
+	def cell(value, color, state=true)
+		"<td class=\"label-state-#{color}\">#{value}</td>".html_safe
 	end
 
-	def labels(level, states)
+	def labels(level, states, state=true)
 		states.each_pair.collect do |name, value|
 			color = if value.nil?
 						:default
@@ -19,32 +22,32 @@ module CheckHelper
 					else
 						value ? :success : :danger
 					end
-			__label name, color
+			__label name, color, state
 		end.join(' ').html_safe
 	end
 
 	def states(states)
 		::CryptCheck::State.collect do |level|
-			states[level].each_pair.select { |_, v| v == true }.collect do |name, _|
-				__label name, "state-#{level}"
-			end
+			states[level].each_pair
+					.select { |_, v| v == true }
+					.collect { |name, _| __label name, level }
 		end.flatten(1).join(' ').html_safe
 	end
 
 	def rank_color(rank)
 		case rank
-			when 'A+' then
-				:primary
-			when 'A' then
-				:success
-			when 'B' then
-				:default
-			when 'C', 'D' then
+			when :'A+' then
+				:great
+			when :A then
+				:best
+			when :B then
+				:good
+			when :C, :D then
 				:warning
-			when 'E', 'F' then
-				:danger
-			else
+			when :E, :F then
 				:error
+			else
+				:critical
 		end
 	end
 
@@ -79,15 +82,7 @@ module CheckHelper
 	end
 
 	def protocol_label(protocol)
-		color = case protocol.to_s
-					when 'TLSv1_2' then
-						:success
-					when 'SSLv3', 'SSLv2' then
-						:error
-					else
-						:default
-				end
-		label protocol, color
+		label protocol.to_sym, protocol.status
 	end
 
 	def protocol_labels(protocols)
@@ -140,21 +135,9 @@ module CheckHelper
 	end
 
 	def cipher_name_label(cipher)
-		state = cipher[:state]
-		color = case
-					when !state[:error].empty? then
-						:error
-					when !state[:danger].empty? then
-						:danger
-					when !state[:warning].empty? then
-						:warning
-					when !state[:success].empty? then
-						:success
-					else
-						:default
-				end
-		color = :primary if color == :success and cipher.size >= 256
-		label("&nbsp;", color) + "&nbsp;#{cipher.name}".html_safe
+		status = cipher.status
+		status = :success if status == :good
+		label("&nbsp;", status) + "&nbsp;#{cipher.name}".html_safe
 	end
 
 	def cipher_labels(cipher)
@@ -165,13 +148,13 @@ module CheckHelper
 	def cipher_kex_type_cell(kex)
 		color = case kex
 					when :ecdh then
-						:primary
+						nil
 					when :dh then
-						:success
-					when :rsa then
 						:warning
-					else
+					when :rsa then
 						:error
+					else
+						:critical
 				end
 		kex   ||= 'None'
 		cell kex.to_s.upcase, color
@@ -184,12 +167,10 @@ module CheckHelper
 
 	def cipher_auth_type_cell(auth)
 		color = case auth
-					when :ecdsa then
-						:primary
-					when :rsa then
-						:default
+					when :ecdsa, :rsa then
+						nil
 					else
-						:error
+						:critical
 				end
 		auth  ||= 'None'
 		cell auth.to_s.upcase, color
@@ -202,52 +183,55 @@ module CheckHelper
 
 	def cipher_enc_type_cell(enc)
 		color = case enc
-					when :chacha20 then
-						:primary
-					when :aes then
+					when :chacha20
 						:success
-					when :camellia, :seed then
-						:default
-					else
-						:error
+					when nil, :rc4
+						:critical
 				end
 		enc   ||= 'NONE'
 		cell enc.to_s.upcase, color
 	end
 
-	def cipher_enc_key_size_cell(enc)
-		enc   ||= 0
-		color = cipher_color enc
+	def cipher_enc_block_size_cell(enc)
+		color = case
+					when enc.nil?
+						nil
+					when enc <= 64
+						:critical
+					when enc < 128
+						:error
+				end
 		cell enc, color
 	end
 
-	def cipher_enc_block_size_cell(enc)
-		return cell '', :default unless enc
-		color = cipher_color enc
+	def cipher_enc_key_size_cell(enc)
+		color = case
+					when enc.nil?
+						nil
+					when enc < 128
+						:critical
+				end
 		cell enc, color
 	end
 
 	def cipher_enc_mode_cell(enc)
 		color = case enc
-					when :gcm, :ccm then
-						:primary
-					when :cbc then
-						:danger
+					when :gcm, :ccm, :aead
+						:success
 				end
-		enc   ||= ''
 		cell enc.to_s.upcase, color
 	end
 
 	def cipher_mac_type_cell(mac)
 		color = case mac
 					when :poly1305 then
-						:primary
-					when :sha384, :sha256 then
 						:success
+					when :sha384, :sha256 then
+						nil
 					when :sha1 then
 						:warning
-					when :md5 then
-						:error
+					else
+						:critical
 				end
 		cell mac.to_s.upcase, color
 	end
@@ -257,7 +241,7 @@ module CheckHelper
 	end
 
 	def cipher_pfs_cell(pfs)
-		return cell 'PFS', :success if pfs
-		cell 'No PFS', :warning
+		return cell 'PFS', nil if pfs
+		cell 'No PFS', :error
 	end
 end

app/views/check/show.html.erb

@@ -12,77 +12,158 @@
 		<% end %>
 	</div>
 
-	<% @result.hosts.each do |host| %>
+	<% @result.result.each do |host| %>
 		<div class="row">
 			<div class="col-sm-12">
 				<h2>
-					<%= rank_label host.grade %>
-					<%= host.ip %> : <%= host.port %>
-					<span class="small">(<%= host.hostname %>)</span></h2>
+					<%= rank_label host[:grade] %>
+					<%= host[:ip] %> : <%= host[:port] %>
+					<span class="small">(<%= host[:hostname] %>)</span></h2>
 			</div>
 		</div>
 
 		<div class="row">
 			<div class="col-sm-12">
+				<% ::CryptCheck::State.each do |level|
+					host[:states][level].each do |state, value|
+						next unless value
+				%>
+					<div class="alert alert-<%= level %>"><%= t "alert.#{level}.#{state}" %></div>
+				<% end
+				end %>
+				<!--
 				<h3><%= t 'Checks' %></h3>
 				<table class="table table-bordered table-condensed table-striped">
 					<thead>
 					<th><%= t 'Severity' %></th>
-					<td></td>
+					<td>
+						<%= t 'Checks' %>
+						(
+						<%= label 'OK', :success, false %>
+						<%= label 'KO', :danger, false %>
+						<%= label 'N/A', :default, false %>
+						)
+					</td>
 					</thead>
 					<tbody>
 					<% ::CryptCheck::State.each do |level| %>
 						<tr>
-							<th><%= label level, "state-#{level}" %></th>
-							<td><%= labels level, host.states[level] %></td>
+							<th><%= label level, "state-#{level}", false %></th>
+							<td><%= labels level, host[:states][level], false %></td>
 						</tr>
 					<% end %>
 					</tbody>
 				</table>
+				-->
 			</div>
 		</div>
 
-		<div class="row">
+		<!--div class="row">
 			<div class="col-sm-12">
 				<h3><%= t 'Certificates' %></h3>
 				<table class="table table-bordered table-condensed table-striped">
 					<thead>
-						<tr>
-							<th>
-								<%= t 'Subject' %>
-								<span class="small">[<%= t 'Serial' %>]</span>
-								<div class="small"><%= t 'Fingerprint' %></div>
-							</th>
-							<td><%= t 'Issuer' %></td>
-							<td><%= t 'Not before' %></td>
-							<td><%= t 'Not after' %></td>
-							<th></th>
-						</tr>
+					<tr>
+						<th>
+							<%= t 'Subject' %>
+							<span class="small">[<%= t 'Serial' %>]</span>
+							<div class="small"><%= t 'Fingerprint' %></div>
+						</th>
+						<td><%= t 'Issuer' %></td>
+						<td><%= t 'Not before' %></td>
+						<td><%= t 'Not after' %></td>
+						<th></th>
+					</tr>
 					</thead>
 					<tbody>
-						<% host.handshakes.certs.each do |cert| %>
+					<% host[:handshakes][:certs].each do |cert| %>
 						<tr>
 							<th>
-								<%= cert.subject %> [<%= cert.serial %>]
-								<div class="small"><%= cert.fingerprint %></div>
+								<%= cert[:subject] %> [<%= cert[:serial] %>]
+								<div class="small"><%= cert[:fingerprint] %></div>
 							</th>
-							<td><%= cert.issuer %></td>
-							<td><%= l cert.lifetime.not_before %></td>
-							<td><%= l cert.lifetime.not_after %></td>
-							<td><%= states cert.states %></td>
+							<td><%= cert[:issuer] %></td>
+							<td><%= l cert[:lifetime][:not_before] %></td>
+							<td><%= l cert[:lifetime][:not_after] %></td>
+							<td><%= states cert[:states] %></td>
 						</tr>
-							<% cert.chain.each do |cert| %>
-						<tr>
-							<th>
-								<%= cert.subject %> [<%= cert.serial %>]
-								<div class="small"><%= cert.fingerprint %></div>
-							</th>
-							<td><%= cert.issuer %></td>
-							<td><%= l cert.lifetime.not_before %></td>
-							<td><%= l cert.lifetime.not_after %></td>
-						</tr>
-							<% end %>
+						<% cert[:chain].each do |cert| %>
+							<tr>
+								<th>
+									<%= cert[:subject] %> [<%= cert[:serial] %>]
+									<div class="small"><%= cert[:fingerprint] %></div>
+								</th>
+								<td><%= cert[:issuer] %></td>
+								<td><%= l cert[:lifetime][:not_before] %></td>
+								<td><%= l cert[:lifetime][:not_after] %></td>
+							</tr>
 						<% end %>
+					<% end %>
+					</tbody>
+				</table>
+			</div>
+		</div-->
+
+		<div class="row">
+			<div class="col-sm-12">
+				<table class="table table-bordered table-condensed table-striped center">
+					<thead>
+					<tr>
+						<th rowspan="2"><%= t 'Name' %></th>
+						<th colspan="2"><%= t 'Key exchange' %></th>
+						<th colspan="2"><%= t 'Authentication' %></th>
+						<th colspan="4"><%= t 'Encryption' %></th>
+						<th colspan="2"><%= t 'MAC' %></th>
+						<th rowspan="2"><%= t 'PFS' %></th>
+					</tr>
+					<tr>
+						<th><%= t 'Type' %></th>
+						<th><%= t 'Key size' %></th>
+						<th><%= t 'Type' %></th>
+						<th><%= t 'Key size' %></th>
+						<th><%= t 'Type' %></th>
+						<th><%= t 'Key size' %></th>
+						<th><%= t 'Block size' %></th>
+						<th><%= t 'Mode' %></th>
+						<th><%= t 'Type' %></th>
+						<th><%= t 'Size' %></th>
+					</tr>
+					</thead>
+					<tbody>
+					<%
+						handshakes = host[:handshakes]
+						all_ciphers = handshakes[:ciphers].group_by { |c| c[:protocol] }
+						CryptCheck::Tls::Method.each do |protocol|
+							ciphers = all_ciphers.fetch(protocol, [])
+									.collect { |c| CryptCheck::Tls::Cipher.new protocol, c[:name] }.sort
+							unless ciphers.empty? %>
+							<tr>
+								<th colspan="12"><%= protocol_label protocol %></th>
+							</tr>
+							<% ciphers.each do |cipher|
+								kex    = cipher.kex
+								auth   = cipher.auth
+								enc    = cipher.encryption
+								mac    = cipher.hmac
+								pfs    = cipher.pfs?
+							%>
+								<tr>
+									<th><%= cipher_name_label cipher %></th>
+									<%= cipher_kex_type_cell kex %>
+									<th/>
+									<%#= cipher_kex_size_cell kex&.last %>
+									<%= cipher_auth_type_cell auth %>
+									<th/>
+									<%#= cipher_auth_size_cell auth&.last %>
+									<%= cipher_enc_type_cell enc[0] %>
+									<%= cipher_enc_key_size_cell enc[1] %>
+									<%= cipher_enc_block_size_cell enc[2] %>
+									<%= cipher_enc_mode_cell enc[3] %>
+									<%= cipher_mac_type_cell mac[0] %>
+									<%= cipher_mac_size_cell mac[1] %>
+									<%= cipher_pfs_cell pfs %>
+								</tr>
+							<% end end end %>
 					</tbody>
 				</table>
 			</div>

app/views/check/show.html.erb.bak

@@ -0,0 +1,156 @@
+<div class="container">
+	<div class="row">
+		<div class="col-sm-11">
+			<h1>
+				[<%= self.type.to_s.upcase %>] <%= @host %> <span class="small">(<%= l @result.date %>)</span>
+			</h1>
+		</div>
+		<% if Time.now - @result.date >= Rails.configuration.refresh_delay %>
+		<div class="col-sm-1">
+			<%= link_to t('Refresh'), {action: :refresh}, class: %i(btn btn-default) %>
+		</div>
+		<% end %>
+	</div>
+	<%
+		@result.hosts.each do |host|
+			if host.error
+				error, host = host.error, host.host
+	%>
+	<div class="row">
+		<div class="col-sm-12">
+			<h2><%= host.name %> - <%= host.ip %> : <%= host.port %></h2>
+			<%= t 'Error during analysis:' %>
+			<span class="label label-error"><%= error %></span>
+		</div>
+	</div>
+	<%
+			else
+				host, grade, handshake = host.host, host.grade, host.handshake
+	%>
+	<div class="row">
+		<div class="col-sm-12">
+			<h2><%= host.name %> - <%= host.ip %> : <%= host.port %></h2>
+		</div>
+	</div>
+	<div class="row">
+		<div class="col-sm-6">
+			<table class="table table-bordered table-condensed table-striped">
+				<thead>
+					<tr>
+						<th colspan="2">
+							Scores
+							<%= rank_label grade.rank %>
+						</th>
+					</tr>
+				</thead>
+				<tbody>
+					<%
+					   { 'Protocol' => 'protocol',
+						 'Key exchange' => 'key_exchange',
+						 'Cipher' => 'cipher_strengths',
+						 'Overall' => 'score'}.each do |name, v| %>
+					<tr>
+						<th class="col-sm-4"><%= t name %></th>
+						<td class="col-sm-8"><%= score_progress grade.details[v] %></td>
+					</tr>
+					<% end %>
+				</tbody>
+			</table>
+		</div>
+		<div class="col-sm-6">
+			<table class="table table-bordered table-condensed table-striped">
+				<tbody>
+					<tr>
+						<th class="col-sm-4"><%= t 'Protocols' %></th>
+						<td class="col-sm-8"><%= protocol_labels handshake.protocols %></td>
+					</tr>
+					<tr>
+						<th><%= t 'Keys' %></th>
+						<td>
+							<p><%= t 'Certificates:' %> <%= key_label handshake[:key] %></p>
+							<p>Diffie Hellman : <%= key_labels handshake.dh %></p>
+						</td>
+					</tr>
+					<% { 'Good practices' => :success,
+					 'Warning' => :warning,
+					 'Critical' => :danger,
+					 'Fatal' => :error }.each do |name, color|
+						names = grade[color]
+						next if names.nil? or names.empty?
+					%>
+					<tr>
+						<th><%= t name %></th>
+						<td>
+							<% names.each do |name| %>
+							<span class="label label-<%= color %>"><%= name.upcase %></span>
+							<% end %>
+						</td>
+					</tr>
+				<% end %>
+				</tbody>
+			</table>
+		</div>
+	</div>
+	<div class="row">
+		<div class="col-sm-12">
+			<table class="table table-bordered table-condensed table-striped center">
+				<thead>
+					<tr>
+						<th rowspan="2"><%= t 'Name' %></th>
+						<th colspan="2"><%= t 'Key exchange' %></th>
+						<th colspan="2"><%= t 'Authentication' %></th>
+						<th colspan="4"><%= t 'Encryption' %></th>
+						<th colspan="2"><%= t 'MAC' %></th>
+						<th rowspan="2"><%= t 'PFS' %></th>
+					</tr>
+					<tr>
+						<th><%= t 'Type' %></th>
+						<th><%= t 'Key size' %></th>
+						<th><%= t 'Type' %></th>
+						<th><%= t 'Key size' %></th>
+						<th><%= t 'Type' %></th>
+						<th><%= t 'Key size' %></th>
+						<th><%= t 'Block size' %></th>
+						<th><%= t 'Mode' %></th>
+						<th><%= t 'Type' %></th>
+						<th><%= t 'Size' %></th>
+					</tr>
+				</thead>
+				<tbody>
+					<% CryptCheck::Tls::Server::EXISTING_METHODS.each do |protocol|
+						ciphers = CryptCheck::Tls::Cipher.sort(handshake.ciphers.select { |c| c.protocol == protocol.to_s }
+								.collect { |c| CryptCheck::Tls::Cipher.new protocol, [c.name, nil, c[:size]], c.dh, handshake[:key] })
+						unless ciphers.empty? %>
+					<tr>
+						<th colspan="12"><%= protocol_label protocol %></th>
+					</tr>
+						<% ciphers.each do |cipher|
+							params = cipher.params
+							kex = params[:kex]
+							auth = params[:auth]
+							enc = params[:enc]
+							mac = params[:mac]
+							pfs = params[:pfs]
+						%>
+					<tr>
+						<th><%= cipher_name_label cipher %></th>
+						<%= cipher_kex_type_cell kex&.first %>
+						<%= cipher_kex_size_cell kex&.last %>
+						<%= cipher_auth_type_cell auth&.first %>
+						<%= cipher_auth_size_cell auth&.last %>
+						<%= cipher_enc_type_cell enc&.first %>
+						<%= cipher_enc_key_size_cell enc&.[] 1 %>
+						<%= cipher_enc_block_size_cell enc&.[] 2 %>
+						<%= cipher_enc_mode_cell enc&.last %>
+						<%= cipher_mac_type_cell mac&.first %>
+						<%= cipher_mac_size_cell mac&.last %>
+						<%= cipher_pfs_cell pfs %>
+					</tr>
+					<% 	end end end %>
+				</tbody>
+			</table>
+		</div>
+	</div>
+	<% end
+	   end %>
+</div>

app/views/site/ciphers.html.erb

@@ -4,37 +4,36 @@
 			<thead>
 				<tr>
 					<th rowspan="2"><%= t 'Name' %></th>
-					<th rowspan="2"><%= t 'Key exchange' %></th>
 					<th rowspan="2"><%= t 'Authentication' %></th>
+					<th rowspan="2"><%= t 'Key exchange' %></th>
 					<th colspan="4"><%= t 'Encryption' %></th>
 					<th colspan="2"><%= t 'MAC' %></th>
 					<th rowspan="2"><%= t 'PFS' %></th>
 				</tr>
 				<tr>
 					<th><%= t 'Type' %></th>
-					<th><%= t 'Key size' %></th>
 					<th><%= t 'Block size' %></th>
+					<th><%= t 'Key size' %></th>
 					<th><%= t 'Mode' %></th>
 					<th><%= t 'Type' %></th>
 					<th><%= t 'Size' %></th>
 				</tr>
 			</thead>
 			<tbody>
-				<% CryptCheck::Tls::Cipher.list.each do |cipher|
-					params = cipher.params
-					kex = params[:kex]
-					auth = params[:auth]
-					enc = params[:enc]
-					mac = params[:mac]
-					pfs = params[:pfs]
+				<% CryptCheck::Tls::Cipher[:TLSv1_2].each do |cipher|
+					kex    = cipher.kex
+					auth   = cipher.auth
+					enc    = cipher.encryption
+					mac    = cipher.hmac
+					pfs    = cipher.pfs?
 				%>
 				<tr>
 					<th><%= cipher_name_label cipher %></th>
-					<%= cipher_kex_type_cell kex&.first %>
-					<%= cipher_auth_type_cell auth&.first %>
+					<%= cipher_auth_type_cell auth %>
+					<%= cipher_kex_type_cell kex %>
 					<%= cipher_enc_type_cell enc&.first %>
-					<%= cipher_enc_key_size_cell enc&.[] 1 %>
-					<%= cipher_enc_block_size_cell enc&.[] 2 %>
+					<%= cipher_enc_block_size_cell enc&.[] 1 %>
+					<%= cipher_enc_key_size_cell enc&.[] 2 %>
 					<%= cipher_enc_mode_cell enc&.last %>
 					<%= cipher_mac_type_cell mac&.first %>
 					<%= cipher_mac_size_cell mac&.last %>

app/workers/https_worker.rb

@@ -3,7 +3,7 @@ class HTTPSWorker < CheckWorker
 
 	protected
 	def analyze(host, port=443)
-		CryptCheck::Tls::Https::Host.new host, port
+		CryptCheck::Tls::Https.analyze host, port
 	end
 
 	def type

bin/enqueue.rb

@@ -11,12 +11,10 @@ if ENV['RAILS_ENV'] == 'development'
 end
 
 require 'sidekiq'
-options      = {
-		url:       ENV['REDIS_URL'],
-		namespace: :cryptcheck
-}
-client       = Sidekiq::Client.new Sidekiq::RedisConnection.create options
+redis = ENV['REDIS_URL']
+Sidekiq.configure_server { |c| c.redis = { url: redis } }
+Sidekiq.configure_client { |c| c.redis = { url: redis } }
 
 clazz, *args = ARGV
 clazz        += 'Worker'
-client.push({ 'class' => clazz, 'args' => args })
+Sidekiq::Client.push({ 'class' => clazz, 'args' => args, 'retry' => false })

bin/runner

@@ -1,3 +1,4 @@
 #!/bin/bash
-DIR="$(readlink -m "$(dirname "$0")")"
-LD_LIBRARY_PATH="${DIR}/../../cryptcheck/lib" "${0}.rb" $*
+DIR="$(readlink -e "$(dirname "${0}")")"
+export LD_LIBRARY_PATH="$(readlink -e "${DIR}/../../cryptcheck/lib")"
+"${0}.rb" $*

config/application.rb

@@ -35,8 +35,9 @@ module CryptcheckRails
 
 		# The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
 		# config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
-		config.i18n.default_locale = :fr
-		config.i18n.available_locales = %w(en fr de)
+		config.i18n.default_locale = :en
+		config.i18n.available_locales = %i[en fr de]
+		config.i18n.fallbacks = true
 		config.action_controller.include_all_helpers = false
 
 		config.refresh_delay = 1.hour

config/locales/en.yml

@@ -4,9 +4,9 @@ en:
   Cipher suite: Cipher suite
   "Cipher suite:": "Cipher suite:"
 
-  Check your domain: Check your domain
-  Check your SSH server: Check your SSH server
-  Check your SMTP server: Check your SMTP server
+  Check This domain: Check This domain
+  Check This SSH server: Check This SSH server
+  Check This SMTP server: Check This SMTP server
   Test me!: Test me!
 
   Currently analysing %{host}: Currently analysing %{host}
@@ -43,6 +43,36 @@ en:
   Block size: Block size
   Size: Size
 
+  Status: Status
   Not supported: Not supported
 
   "Serial: %{serial}": "Serial: %{serial}"
+
+  alert:
+    critical:
+      sslv2: This server supports SSLv2
+      sslv3: This server supports SSLv3
+      dh: This server supports very weak DH parameters
+      anonymous: This server supports anonymous ciphers
+      "null": This server supports NULL ciphers
+      export: This server supports EXPORT ciphers
+      des: This server supports DES ciphers
+      md5: This server supports MD5 ciphers
+      rc4: This server supports RC4 ciphers
+      sweet32: This server is vulnerable to Sweet32 attack
+    error:
+      dh: This server supports weak DH parameters
+      tlsv1_0: This server supports TLSv1.0
+      pfs: This server supports no-PFS ciphers
+    warning:
+      tlsv1_1: This server supports TLSv1.1
+      dhe: This server supports DHE ciphers
+      hsts: This server doesn't support HSTS
+    good:
+      hsts: This server supports HSTS
+      fallback_scsv: This server supports SCSV fallback
+      aead: This server supports AEAD ciphers
+    best:
+    great:
+      hsts: This server supports HSTS with long duration
+

config/locales/fr.yml

@@ -48,6 +48,7 @@ fr:
   Checks: Vérifications
   Severity: Sévèrité
 
+
   Certificates: Certificats
   Subject: Sujet
   Serial: Numéro de série