7 changed files with 38 additions and 25 deletions
+ 11
- 7
lib/cryptcheck.rb
View File
| @@ -27,9 +27,7 @@ module CryptCheck | |||
| autoload :Server, 'cryptcheck/tls/server' | |||
| autoload :TcpServer, 'cryptcheck/tls/server' | |||
| autoload :UdpServer, 'cryptcheck/tls/server' | |||
| autoload :TlsNotSupportedServer, 'cryptcheck/tls/server' | |||
| autoload :Grade, 'cryptcheck/tls/grade' | |||
| autoload :TlsNotSupportedGrade, 'cryptcheck/tls/grade' | |||
| autoload :Https, 'cryptcheck/tls/https' | |||
| module Https | |||
| @@ -82,10 +80,14 @@ module CryptCheck | |||
| else | |||
| server.new *a, **kargs | |||
| end | |||
| g = grade.new s | |||
| Logger.info { '' } | |||
| g.display | |||
| [key, g] | |||
| if grade | |||
| g = grade.new s | |||
| Logger.info { '' } | |||
| g.display | |||
| [key, g] | |||
| else | |||
| [key, s] | |||
| end | |||
| end | |||
| rescue => e | |||
| e = "Too long analysis (max #{MAX_ANALYSIS_DURATION.humanize})" if e.message == 'execution expired' | |||
| @@ -100,7 +102,9 @@ module CryptCheck | |||
| addresses host | |||
| rescue ::SocketError => e | |||
| Logger::error e | |||
| return AnalysisFailure.new "Unable to resolve #{host}" | |||
| key = [host, nil, port] | |||
| error = AnalysisFailure.new "Unable to resolve #{host}" | |||
| return { key => error } | |||
| end | |||
| analyze_addresses host, addresses, port, server, grade, *args, **kargs | |||
| end | |||
+ 1
- 3
lib/cryptcheck/ssh.rb
View File
| @@ -1,9 +1,7 @@ | |||
| module CryptCheck | |||
| module Ssh | |||
| def self.analyze(host, port=22) | |||
| ::CryptCheck.analyze(host, port, Proc.new { SshNotSupportedServer.new host, port }) do |_, ip, host| | |||
| Server.new ip, port, hostname: host | |||
| end | |||
| ::CryptCheck.analyze host, port, Server, Grade | |||
| end | |||
| end | |||
| end | |||
+ 14
- 0
lib/cryptcheck/ssh/grade.rb
View File
| @@ -0,0 +1,14 @@ | |||
| module CryptCheck | |||
| module Ssh | |||
| class Grade | |||
| attr_reader :server | |||
| def initialize(server) | |||
| @server = server | |||
| end | |||
| def display | |||
| end | |||
| end | |||
| end | |||
| end | |||
+ 2
- 4
lib/cryptcheck/ssh/server.rb
View File
| @@ -4,8 +4,6 @@ module CryptCheck | |||
| module Ssh | |||
| class Server | |||
| TCP_TIMEOUT = 10 | |||
| class SshNotAvailableException < Exception | |||
| end | |||
| attr_reader :ip, :port, :hostname, :kex, :encryption, :hmac, :compression, :key | |||
| @@ -81,7 +79,7 @@ module CryptCheck | |||
| 'ssh-dss-cert-v00@openssh.com' => :red, # DSA | |||
| } | |||
| def initialize(ip, port=22, hostname:) | |||
| def initialize(hostname, _, ip, port=22) | |||
| @ip, @port, @hostname = ip, port, hostname | |||
| Logger.info { name.colorize :blue } | |||
| @@ -105,7 +103,7 @@ module CryptCheck | |||
| @key.each { |k| Logger.info { "Key type : #{k.colorize KEY[k]}" } } | |||
| rescue => e | |||
| Logger.debug { "SSH not supported : #{e}" } | |||
| raise SshNotAvailableException, e | |||
| raise | |||
| end | |||
| private | |||
+ 2
- 2
lib/cryptcheck/tls/fixture.rb
View File
| @@ -5,9 +5,9 @@ class Integer | |||
| secs = self | |||
| [[60, :second], [60, :minute], [24, :hour], [30, :day], [12, :month]].map { |count, name| | |||
| if secs > 0 | |||
| secs, n = self.divmod count | |||
| secs, n = secs.divmod count | |||
| n = n.to_i | |||
| "#{n} #{name}#{n > 1 ? 's' : ''}" | |||
| n > 0 ? "#{n} #{name}#{n > 1 ? 's' : ''}" : nil | |||
| end | |||
| }.compact.reverse.join(' ') | |||
| end | |||
+ 3
- 1
lib/cryptcheck/tls/smtp.rb
View File
| @@ -8,7 +8,9 @@ module CryptCheck | |||
| def self.analyze_domain(domain) | |||
| srv = Resolv::DNS.new.getresources(domain, Resolv::DNS::Resource::IN::MX).sort_by &:preference | |||
| hosts = srv.empty? ? [domain] : srv.collect { |s| s.exchange.to_s } | |||
| hosts.collect { |h| self.analyze h, domain: domain }.flatten(1) | |||
| results = {} | |||
| hosts.each { |h| results.merge! self.analyze(h, domain: domain) } | |||
| results | |||
| end | |||
| def self.analyze_file(input, output) | |||
+ 5
- 8
lib/cryptcheck/tls/xmpp.rb
View File
| @@ -16,14 +16,11 @@ module CryptCheck | |||
| when :c2s | |||
| ['_xmpp-client', 5222] | |||
| end | |||
| srv = Resolv::DNS.new.getresources("#{service}._tcp.#{domain}", Resolv::DNS::Resource::IN::SRV) | |||
| .sort_by(&:priority).first | |||
| if srv | |||
| hostname, port = srv.target.to_s, srv.port | |||
| else # DNS is not correctly set, guess config… | |||
| hostname = domain | |||
| end | |||
| self.analyze hostname, port, domain: domain, type: type | |||
| srv = Resolv::DNS.new.getresources("#{service}._tcp.#{domain}", Resolv::DNS::Resource::IN::SRV).sort_by &:priority | |||
| hosts = srv.empty? ? [[domain, port]] : srv.collect { |s| [s.target.to_s, s.port] } | |||
| results = {} | |||
| hosts.each { |host, port| results.merge! self.analyze(host, port, domain: domain, type: type) } | |||
| results | |||
| end | |||
| def self.analyze_file(input, output) | |||
Loading…