aeris
/
cryptcheck
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Better error handling

v1
Aeris 3 years ago
parent
6f0a193651
commit
c34802c7ec
7 changed files with 38 additions and 25 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +11
    -7
      lib/cryptcheck.rb
  2. +1
    -3
      lib/cryptcheck/ssh.rb
  3. +14
    -0
      lib/cryptcheck/ssh/grade.rb
  4. +2
    -4
      lib/cryptcheck/ssh/server.rb
  5. +2
    -2
      lib/cryptcheck/tls/fixture.rb
  6. +3
    -1
      lib/cryptcheck/tls/smtp.rb
  7. +5
    -8
      lib/cryptcheck/tls/xmpp.rb

+ 11
- 7
lib/cryptcheck.rb View File

@@ -27,9 +27,7 @@ module CryptCheck
autoload :Server, 'cryptcheck/tls/server'
autoload :TcpServer, 'cryptcheck/tls/server'
autoload :UdpServer, 'cryptcheck/tls/server'
autoload :TlsNotSupportedServer, 'cryptcheck/tls/server'
autoload :Grade, 'cryptcheck/tls/grade'
autoload :TlsNotSupportedGrade, 'cryptcheck/tls/grade'

autoload :Https, 'cryptcheck/tls/https'
module Https
@@ -82,10 +80,14 @@ module CryptCheck
else
server.new *a, **kargs
end
g = grade.new s
Logger.info { '' }
g.display
[key, g]
if grade
g = grade.new s
Logger.info { '' }
g.display
[key, g]
else
[key, s]
end
end
rescue => e
e = "Too long analysis (max #{MAX_ANALYSIS_DURATION.humanize})" if e.message == 'execution expired'
@@ -100,7 +102,9 @@ module CryptCheck
addresses host
rescue ::SocketError => e
Logger::error e
return AnalysisFailure.new "Unable to resolve #{host}"
key = [host, nil, port]
error = AnalysisFailure.new "Unable to resolve #{host}"
return { key => error }
end
analyze_addresses host, addresses, port, server, grade, *args, **kargs
end


+ 1
- 3
lib/cryptcheck/ssh.rb View File

@@ -1,9 +1,7 @@
module CryptCheck
module Ssh
def self.analyze(host, port=22)
::CryptCheck.analyze(host, port, Proc.new { SshNotSupportedServer.new host, port }) do |_, ip, host|
Server.new ip, port, hostname: host
end
::CryptCheck.analyze host, port, Server, Grade
end
end
end

+ 14
- 0
lib/cryptcheck/ssh/grade.rb View File

@@ -0,0 +1,14 @@
module CryptCheck
module Ssh
class Grade
attr_reader :server

def initialize(server)
@server = server
end

def display
end
end
end
end

+ 2
- 4
lib/cryptcheck/ssh/server.rb View File

@@ -4,8 +4,6 @@ module CryptCheck
module Ssh
class Server
TCP_TIMEOUT = 10
class SshNotAvailableException < Exception
end

attr_reader :ip, :port, :hostname, :kex, :encryption, :hmac, :compression, :key

@@ -81,7 +79,7 @@ module CryptCheck
'ssh-dss-cert-v00@openssh.com' => :red, # DSA
}

def initialize(ip, port=22, hostname:)
def initialize(hostname, _, ip, port=22)
@ip, @port, @hostname = ip, port, hostname

Logger.info { name.colorize :blue }
@@ -105,7 +103,7 @@ module CryptCheck
@key.each { |k| Logger.info { "Key type : #{k.colorize KEY[k]}" } }
rescue => e
Logger.debug { "SSH not supported : #{e}" }
raise SshNotAvailableException, e
raise
end

private


+ 2
- 2
lib/cryptcheck/tls/fixture.rb View File

@@ -5,9 +5,9 @@ class Integer
secs = self
[[60, :second], [60, :minute], [24, :hour], [30, :day], [12, :month]].map { |count, name|
if secs > 0
secs, n = self.divmod count
secs, n = secs.divmod count
n = n.to_i
"#{n} #{name}#{n > 1 ? 's' : ''}"
n > 0 ? "#{n} #{name}#{n > 1 ? 's' : ''}" : nil
end
}.compact.reverse.join(' ')
end


+ 3
- 1
lib/cryptcheck/tls/smtp.rb View File

@@ -8,7 +8,9 @@ module CryptCheck
def self.analyze_domain(domain)
srv = Resolv::DNS.new.getresources(domain, Resolv::DNS::Resource::IN::MX).sort_by &:preference
hosts = srv.empty? ? [domain] : srv.collect { |s| s.exchange.to_s }
hosts.collect { |h| self.analyze h, domain: domain }.flatten(1)
results = {}
hosts.each { |h| results.merge! self.analyze(h, domain: domain) }
results
end

def self.analyze_file(input, output)


+ 5
- 8
lib/cryptcheck/tls/xmpp.rb View File

@@ -16,14 +16,11 @@ module CryptCheck
when :c2s
['_xmpp-client', 5222]
end
srv = Resolv::DNS.new.getresources("#{service}._tcp.#{domain}", Resolv::DNS::Resource::IN::SRV)
.sort_by(&:priority).first
if srv
hostname, port = srv.target.to_s, srv.port
else # DNS is not correctly set, guess config…
hostname = domain
end
self.analyze hostname, port, domain: domain, type: type
srv = Resolv::DNS.new.getresources("#{service}._tcp.#{domain}", Resolv::DNS::Resource::IN::SRV).sort_by &:priority
hosts = srv.empty? ? [[domain, port]] : srv.collect { |s| [s.target.to_s, s.port] }
results = {}
hosts.each { |host, port| results.merge! self.analyze(host, port, domain: domain, type: type) }
results
end

def self.analyze_file(input, output)


Write Preview
Loading…
Cancel
Save