
tls.rb 2.6KB

  1. require 'erb'
  2. require 'parallel'
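  module CryptCheck
    # Batch TLS grading helpers: grade one endpoint, grade many endpoints in
    # parallel and render the outcome through an ERB template, plus a few
    # formatting helpers for terminal output.
    module Tls
      # Upper bound, in seconds, on the analysis of a single endpoint.
      MAX_ANALYSIS_DURATION = 600
      # Number of worker threads used by .analyze.
      PARALLEL_ANALYSIS = 10
      # Grades ordered from best to worst; a result's rank is its index here.
      # Frozen so the ranking cannot be altered at runtime.
      SCORES = %w(A+ A A- B C D E F T M X).freeze

      # Grades a single endpoint.
      #
      # Any failure while building the server or its grade (including the
      # timeout firing) is logged and converted into a TlsNotSupportedGrade, so
      # one unreachable host cannot abort a batch. Consumers of the report
      # should keep in mind that "not supported" therefore also covers "could
      # not be analysed" (DNS failure, timeout, internal error).
      #
      # Process-level conditions (signals such as Ctrl-C, exit requests, memory
      # exhaustion) are re-raised instead of being reported as a grade.
      #
      # @param hostname [String] host to analyse
      # @param port [Integer] port to analyse
      # @param server_class [Class] instantiated as server_class.new(hostname, port)
      # @param grade_class [Class] instantiated as grade_class.new(server)
      # @return [Object] a grade_class instance, or a TlsNotSupportedGrade on failure
      def self.grade(hostname, port, server_class:, grade_class:)
        # NOTE(review): bare `timeout` is presumably Kernel#timeout from the
        # timeout stdlib, which recent Ruby releases dropped in favour of
        # Timeout.timeout - confirm against the supported Ruby versions.
        timeout MAX_ANALYSIS_DURATION do
          grade_class.new server_class.new hostname, port
        end
      rescue ::SignalException, ::SystemExit, ::NoMemoryError
        # Never disguise an operator abort or resource exhaustion as a TLS result.
        raise
      rescue ::Exception => e
        Logger.error { "Error during #{hostname}:#{port} analysis : #{e}" }
        TlsNotSupportedGrade.new TlsNotSupportedServer.new hostname, port
      end

      # Grades every host in parallel and writes the rendered report.
      #
      # The ERB template is evaluated as Ruby code with this method's binding,
      # so it runs with the full privileges of the process and can see the
      # local variables below (their names are part of the template contract).
      # Only render templates that come from a trusted location.
      #
      # @param hosts [Array<Array>] pairs of [description, hostname]
      # @param template [String] path of the ERB template
      # @param output [String] path of the file to write
      # @param groups [Array, nil] descriptions, in the order the report should list them
      # @param port [Integer] port analysed on every host
      # @param server_class [Class] forwarded to .grade
      # @param grade_class [Class] forwarded to .grade
      def self.analyze(hosts, template, output, groups = nil, port:, server_class:, grade_class:)
        results = {}
        semaphore = ::Mutex.new
        ::Parallel.each(hosts, progress: 'Analysing', in_threads: PARALLEL_ANALYSIS,
                               finish: ->(item, _, _) { puts item[1] }) do |description, host|
          result = grade host.strip, port, server_class: server_class, grade_class: grade_class
          # The hash is shared by all worker threads; serialise every update.
          semaphore.synchronize { (results[description] ||= []) << result }
        end

        # Re-key in the caller's order. A group without any graded host maps to
        # an empty list instead of nil, so the sort below cannot fail on it.
        results = groups.map { |g| [g, results.fetch(g, [])] }.to_h if groups

        # Best grade first, then highest numeric score, then hostname.
        results.each_value do |graded|
          graded.sort! do |a, b|
            cmp = score(a) <=> score(b)
            if cmp == 0
              cmp = b.score <=> a.score
              cmp = a.server.hostname <=> b.server.hostname if cmp == 0
            end
            cmp
          end
        end

        ::File.write output, ::ERB.new(::File.read(template)).result(binding)
      end

      # Reads the host list from a YAML file and delegates to .analyze.
      #
      # The code reads the file as a list of entries, each with a 'description'
      # and a 'hostnames' list.
      #
      # @param file [String] path of the YAML host list
      # @param template [String] path of the ERB template
      # @param output [String] path of the file to write
      # @param port [Integer] port analysed on every host
      # @param server_class [Class] forwarded to .grade
      # @param grade_class [Class] forwarded to .grade
      def self.analyze_from_file(file, template, output, port:, server_class:, grade_class:)
        # NOTE(review): on Psych releases before 4, YAML.load_file instantiates
        # arbitrary tagged objects. If `file` can be supplied by an untrusted
        # party, switch to a safe loader (YAML.safe_load); only strings and
        # lists are read from it here.
        config = ::YAML.load_file file
        hosts = []
        groups = []
        config.each do |c|
          d, hs = c['description'], c['hostnames']
          groups << d
          hs.each { |host| hosts << [d, host] }
        end
        analyze hosts, template, output, groups, port: port, server_class: server_class, grade_class: grade_class
      end

      # Colours a name for terminal output: anything starting with "SSL" is
      # shown white on red, :TLSv1_2 green, everything else uncoloured.
      #
      # @param cipher [String, Symbol] value to display
      # @return [String] result of String#colorize
      def self.colorize(cipher)
        colors = case
                 when /^SSL/ =~ cipher then { color: :white, background: :red }
                 when :TLSv1_2 == cipher then { color: :green }
                 end
        cipher.to_s.colorize colors
      end

      # Formats a key as "<TYPE> <size> bits" with colour hints.
      #
      # The type is green for :ecc and yellow for :dsa. The size colour is
      # chosen from key.rsa_equivalent_size (below 1024: white on red,
      # 1024...2048: yellow, 4096 and above: green, 2048...4096: no colour),
      # while the number printed is key.size.
      #
      # @param key [#type, #size, #rsa_equivalent_size] key to describe
      # @return [String]
      def self.key_to_s(key)
        size = key.rsa_equivalent_size
        type_color = case key.type
                     when :ecc then { color: :green }
                     when :dsa then { color: :yellow }
                     end
        size_color = case size
                     when 0...1024 then { color: :white, background: :red }
                     when 1024...2048 then { color: :yellow }
                     when 4096...::Float::INFINITY then { color: :green }
                     end
        "#{key.type.to_s.upcase.colorize type_color} #{key.size.to_s.colorize size_color} bits"
      end

      # Rank of a result's grade within SCORES (0 is best); nil when the grade
      # is not listed.
      #
      # The bare `private` that used to precede this method never applied to
      # `def self.` methods, so it stays publicly callable as before.
      #
      # @param a [#grade] graded result
      # @return [Integer, nil]
      def self.score(a)
        SCORES.index a.grade
      end
    end
  end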