aeris
/
cryptcheck
Beobachten 1
Favorisieren 0
Fork 0
Code Issues 0 Pull-Requests 0 Releases 0 Wiki Aktivität
Du kannst nicht mehr als 25 Themen auswählen Themen müssen entweder mit einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.
112 Commits
3 Branches
875KB
Struktur: 13fa9541d6
Branches Tags
${ item.name }
Erstelle Branch ${ searchTerm }
von „13fa9541d6“
${ noResults }
cryptcheck/lib/cryptcheck.rb

184 Zeilen
4.4KB
Originalformat Blame Verlauf 

  1. require 'colorize'

  2. require 'ipaddr'

  3. require 'timeout'

  4. require 'yaml'

  5. require 'cryptcheck/tls/fixture'

  6. 

  7. module CryptCheck

  8. 	MAX_ANALYSIS_DURATION = 120

  9. 	PARALLEL_ANALYSIS     = 10

  10. 

  11. 	class AnalysisFailure

  12. 		attr_reader :error

  13. 

  14. 		def initialize(error)

  15. 			@error = error

  16. 		end

  17. 

  18. 		def to_s

  19. 			@error.to_s

  20. 		end

  21. 	end

  22. 

  23. 	class NoTLSAvailableServer

  24. 		attr_reader :server

  25. 		def initialize(server)

  26. 			@server = OpenStruct.new hostname: server

  27. 		end

  28. 

  29. 		def grade

  30. 			'X'

  31. 		end

  32. 	end

  33. 

  34. 	autoload :Status, 'cryptcheck/status'

  35. 	autoload :Statused, 'cryptcheck/statused'

  36. 	autoload :Logger, 'cryptcheck/logger'

  37. 	autoload :Tls, 'cryptcheck/tls'

  38. 	module Tls

  39. 		autoload :Method, 'cryptcheck/tls/method'

  40. 		autoload :Cipher, 'cryptcheck/tls/cipher'

  41. 		autoload :Curve, 'cryptcheck/tls/curve'

  42. 		autoload :Cert, 'cryptcheck/tls/cert'

  43. 		autoload :Server, 'cryptcheck/tls/server'

  44. 		autoload :TcpServer, 'cryptcheck/tls/server'

  45. 		autoload :UdpServer, 'cryptcheck/tls/server'

  46. 		autoload :Grade, 'cryptcheck/tls/grade'

  47. 

  48. 		autoload :Https, 'cryptcheck/tls/https'

  49. 		module Https

  50. 			autoload :Server, 'cryptcheck/tls/https/server'

  51. 			autoload :Grade, 'cryptcheck/tls/https/grade'

  52. 		end

  53. 

  54. 		autoload :Xmpp, 'cryptcheck/tls/xmpp'

  55. 		module Xmpp

  56. 			autoload :Server, 'cryptcheck/tls/xmpp/server'

  57. 			autoload :Grade, 'cryptcheck/tls/xmpp/grade'

  58. 		end

  59. 

  60. 		autoload :Smtp, 'cryptcheck/tls/smtp'

  61. 		module Smtp

  62. 			autoload :Server, 'cryptcheck/tls/smtp/server'

  63. 			autoload :Grade, 'cryptcheck/tls/smtp/grade'

  64. 		end

  65. 	end

  66. 

  67. 	autoload :Ssh, 'cryptcheck/ssh'

  68. 	module Ssh

  69. 		autoload :Packet, 'cryptcheck/ssh/packet'

  70. 		autoload :Server, 'cryptcheck/ssh/server'

  71. 		autoload :SshNotSupportedServer, 'cryptcheck/ssh/server'

  72. 		autoload :Grade, 'cryptcheck/ssh/grade'

  73. 	end

  74. 

  75. 	private

  76. 	def self.addresses(host)

  77. 		begin

  78. 			ip = IPAddr.new host

  79. 			return [[ip.family, ip.to_s, nil]]

  80. 		rescue IPAddr::InvalidAddressError

  81. 		end

  82. 		::Addrinfo.getaddrinfo(host, nil, nil, :STREAM)

  83. 				.collect { |a| [a.afamily, a.ip_address, host] }

  84. 	end

  85. 

  86. 	def self.analyze_addresses(host, addresses, port, server, grade, *args, **kargs)

  87. 		first = true

  88. 		addresses.collect do |family, ip|

  89. 			first ? (first = false) : Logger.info { '' }

  90. 			key = [host, ip, port]

  91. 			a   = [host, family, ip, port, *args]

  92. 			begin

  93. 				::Timeout::timeout MAX_ANALYSIS_DURATION do

  94. 					s = if kargs.empty?

  95. 							server.new *a

  96. 						else

  97. 							server.new *a, **kargs

  98. 						end

  99. 					exit

  100. 					if grade

  101. 						g = grade.new s

  102. 						Logger.info { '' }

  103. 						g.display

  104. 						[key, g]

  105. 					else

  106. 						[key, s]

  107. 					end

  108. 				end

  109. 			rescue => e

  110. 				e = Tls::Server::TLSException.new "Too long analysis (max #{MAX_ANALYSIS_DURATION.humanize})" \

  111.  						if e.message == 'execution expired'

  112. 				raise unless e.is_a? Tls::Server::TLSException

  113. 				Logger.error e

  114. 				[key, AnalysisFailure.new(e)]

  115. 			end

  116. 		end.to_h

  117. 	end

  118. 

  119. 	def self.analyze(host, port, server, grade, *args, **kargs)

  120. 		addresses = begin

  121. 			addresses host

  122. 		rescue ::SocketError => e

  123. 			Logger::error e

  124. 			key = [host, nil, port]

  125. 			error = AnalysisFailure.new "Unable to resolve #{host}"

  126. 			return { key => error }

  127. 		end

  128. 		analyze_addresses host, addresses, port, server, grade, *args, **kargs

  129. 	end

  130. 

  131. 	def self.analyze_hosts(hosts, template, output, groups: nil, &block)

  132. 		results   = {}

  133. 		semaphore = ::Mutex.new

  134. 		::Parallel.each hosts, progress: 'Analysing', in_threads: PARALLEL_ANALYSIS, finish: lambda { |item, _, _| puts item[1] } do |description, host|

  135. 			#hosts.each do |description, host|

  136. 			result = block.call host.strip

  137. 			result = result.values.first

  138. 			result = NoTLSAvailableServer.new(host) if result.is_a? AnalysisFailure

  139. 			semaphore.synchronize do

  140. 				if results.include? description

  141. 					results[description] << result

  142. 				else

  143. 					results[description] = [result]

  144. 				end

  145. 			end

  146. 		end

  147. 

  148. 		results = ::Hash[groups.collect { |g| [g, results[g]] }] if groups

  149. 

  150. 		results.each do |d, _|

  151. 			results[d].sort! do |a, b|

  152. 				cmp = score(a) <=> score(b)

  153. 				if cmp == 0

  154. 					cmp = a.server.hostname <=> b.server.hostname

  155. 				end

  156. 				cmp

  157. 			end

  158. 		end

  159. 

  160. 		::File.write output, ::ERB.new(::File.read template).result(binding)

  161. 	end

  162. 

  163. 	def self.analyze_file(input, template, output, &block)

  164. 		config = ::YAML.load_file input

  165. 		hosts  = []

  166. 		groups = []

  167. 

  168. 		config.each do |c|

  169. 			d, hs = c['description'], c['hostnames']

  170. 			groups << d

  171. 			hs.each { |host| hosts << [d, host] }

  172. 		end

  173. 

  174. 		self.analyze_hosts hosts, template, output, groups: groups, &block

  175. 	end

  176. 

  177. 	private

  178. 	SCORES = %w(A+ A B+ B C+ C D E F G M T X)

  179. 

  180. 	def self.score(a)

  181. 		SCORES.index a.grade

  182. 	end

  183. end