Better error handling

v1
Aeris 7 years ago
parent 6f0a193651
commit c34802c7ec
  1. 18
      lib/cryptcheck.rb
  2. 4
      lib/cryptcheck/ssh.rb
  3. 14
      lib/cryptcheck/ssh/grade.rb
  4. 6
      lib/cryptcheck/ssh/server.rb
  5. 4
      lib/cryptcheck/tls/fixture.rb
  6. 4
      lib/cryptcheck/tls/smtp.rb
  7. 13
      lib/cryptcheck/tls/xmpp.rb

@ -27,9 +27,7 @@ module CryptCheck
autoload :Server, 'cryptcheck/tls/server'
autoload :TcpServer, 'cryptcheck/tls/server'
autoload :UdpServer, 'cryptcheck/tls/server'
autoload :TlsNotSupportedServer, 'cryptcheck/tls/server'
autoload :Grade, 'cryptcheck/tls/grade'
autoload :TlsNotSupportedGrade, 'cryptcheck/tls/grade'
autoload :Https, 'cryptcheck/tls/https'
module Https
@ -82,10 +80,14 @@ module CryptCheck
else
server.new *a, **kargs
end
g = grade.new s
Logger.info { '' }
g.display
[key, g]
if grade
g = grade.new s
Logger.info { '' }
g.display
[key, g]
else
[key, s]
end
end
rescue => e
e = "Too long analysis (max #{MAX_ANALYSIS_DURATION.humanize})" if e.message == 'execution expired'
@ -100,7 +102,9 @@ module CryptCheck
addresses host
rescue ::SocketError => e
Logger::error e
return AnalysisFailure.new "Unable to resolve #{host}"
key = [host, nil, port]
error = AnalysisFailure.new "Unable to resolve #{host}"
return { key => error }
end
analyze_addresses host, addresses, port, server, grade, *args, **kargs
end

@ -1,9 +1,7 @@
module CryptCheck
module Ssh
def self.analyze(host, port=22)
::CryptCheck.analyze(host, port, Proc.new { SshNotSupportedServer.new host, port }) do |_, ip, host|
Server.new ip, port, hostname: host
end
::CryptCheck.analyze host, port, Server, Grade
end
end
end

@ -0,0 +1,14 @@
module CryptCheck
module Ssh
class Grade
attr_reader :server
def initialize(server)
@server = server
end
def display
end
end
end
end

@ -4,8 +4,6 @@ module CryptCheck
module Ssh
class Server
TCP_TIMEOUT = 10
class SshNotAvailableException < Exception
end
attr_reader :ip, :port, :hostname, :kex, :encryption, :hmac, :compression, :key
@ -81,7 +79,7 @@ module CryptCheck
'ssh-dss-cert-v00@openssh.com' => :red, # DSA
}
def initialize(ip, port=22, hostname:)
def initialize(hostname, _, ip, port=22)
@ip, @port, @hostname = ip, port, hostname
Logger.info { name.colorize :blue }
@ -105,7 +103,7 @@ module CryptCheck
@key.each { |k| Logger.info { "Key type : #{k.colorize KEY[k]}" } }
rescue => e
Logger.debug { "SSH not supported : #{e}" }
raise SshNotAvailableException, e
raise
end
private

@ -5,9 +5,9 @@ class Integer
secs = self
[[60, :second], [60, :minute], [24, :hour], [30, :day], [12, :month]].map { |count, name|
if secs > 0
secs, n = self.divmod count
secs, n = secs.divmod count
n = n.to_i
"#{n} #{name}#{n > 1 ? 's' : ''}"
n > 0 ? "#{n} #{name}#{n > 1 ? 's' : ''}" : nil
end
}.compact.reverse.join(' ')
end

@ -8,7 +8,9 @@ module CryptCheck
def self.analyze_domain(domain)
srv = Resolv::DNS.new.getresources(domain, Resolv::DNS::Resource::IN::MX).sort_by &:preference
hosts = srv.empty? ? [domain] : srv.collect { |s| s.exchange.to_s }
hosts.collect { |h| self.analyze h, domain: domain }.flatten(1)
results = {}
hosts.each { |h| results.merge! self.analyze(h, domain: domain) }
results
end
def self.analyze_file(input, output)

@ -16,14 +16,11 @@ module CryptCheck
when :c2s
['_xmpp-client', 5222]
end
srv = Resolv::DNS.new.getresources("#{service}._tcp.#{domain}", Resolv::DNS::Resource::IN::SRV)
.sort_by(&:priority).first
if srv
hostname, port = srv.target.to_s, srv.port
else # DNS is not correctly set, guess config…
hostname = domain
end
self.analyze hostname, port, domain: domain, type: type
srv = Resolv::DNS.new.getresources("#{service}._tcp.#{domain}", Resolv::DNS::Resource::IN::SRV).sort_by &:priority
hosts = srv.empty? ? [[domain, port]] : srv.collect { |s| [s.target.to_s, s.port] }
results = {}
hosts.each { |host, port| results.merge! self.analyze(host, port, domain: domain, type: type) }
results
end
def self.analyze_file(input, output)

Loading…
Cancel
Save