You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

96 lines
2.4 KiB

#!./bin/rails runner
# Profit from open class to add stats methods only on this script
class Analysis
def grade
return if self.pending
grades = self.result.collect { _1['grade'] }.compact
CryptCheck::Grade.worst grades
end
def tls
return if self.pending
return unless (result = self.result)
protocols = result.collect { |r| r.dig('handshakes', 'protocols')
&.collect { |p| p['protocol'].to_sym } }
.compact.flatten.uniq
return :ssl if %i[SSLv2 SSLv3].any? { protocols.include? _1 }
return :tls unless protocols.include? :TLSv1_2
return :tls1_2 unless protocols == %i[TLSv1_2]
:tls1_2_only
end
def ciphers
return if self.pending
return unless (result = self.result)
status = result.collect do |r|
r.dig('handshakes', 'ciphers')&.collect do |c|
s = CryptCheck::Tls::Cipher
.new(nil, c.fetch('name')).status
CryptCheck::State.good_or_bad s
end
end.compact.flatten.uniq
return :bad unless status.include? :bad
:good
end
def pfs
return if self.pending
return unless (result = self.result)
ciphers = result.collect do |r|
r.dig('handshakes', 'ciphers')&.collect do |c|
CryptCheck::Tls::Cipher
.new(nil, c.fetch('name'))
.pfs?
end
end.compact.flatten.uniq
return :no_pfs unless ciphers.include? true
return :pfs unless ciphers == [true]
:pfs_only
end
end
services = Analysis.group(:service).count
Stat.create! :request_per_service, services
%i[https smtp tls xmpp].each do |service|
services = Analysis.where service: service, pending: false
grades = Hash.new 0
tls = %i[tls1_2_only tls1_2 tls ssl].to_h { [_1, 0] }
ciphers = %i[good bad].to_h { [_1, 0] }
pfs = %i[pfs_only pfs no_pfs].to_h { [_1, 0] }
services.each do |service|
if (g = service.grade)
grades[g] += 1
end
if (t = service.tls)
tls[t] += 1
end
if (c = service.ciphers)
ciphers[c] += 1
end
if (p = service.pfs)
pfs[p] += 1
end
end
ap "grades_for_#{service}" => grades
Stat.create! "grades_for_#{service}", grades
ap "tls_for_#{service}" => tls
Stat.create! "tls_for_#{service}", tls
ap "ciphers_for_#{service}" => ciphers
Stat.create! "ciphers_for_#{service}", ciphers
ap "pfs_for_#{service}" => pfs
Stat.create! "pfs_for_#{service}", pfs
end