Git/ssh-audit
1
0
Fork 0
mirror of https://github.com/jtesta/ssh-audit.git synced 2025-10-30 21:15:27 +01:00
Code Issues Packages Projects Releases Wiki Activity

Refactor algorithm pair/set reuse.

Browse Source
This commit is contained in:
Andris Raugulis
2016-09-28 17:01:37 +03:00
parent 1fda7b2a3e
commit 29a0bb86fa
1 changed files with 21 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
ssh-audit.py
View File

@@ -1095,8 +1095,10 @@ def get_alg_timeframe(alg_desc, for_server=True, result={}):
def get_ssh_timeframe(alg_pairs, for_server=True): def get_ssh_timeframe(alg_pairs, for_server=True):
timeframe = {} timeframe = {}
for alg_pair in alg_pairs: for alg_pair in alg_pairs:
alg_db, algs = alg_pair sshv, alg_db = alg_pair[0]
for alg_type, alg_list in algs.items(): alg_sets = alg_pair[1:]
for alg_set in alg_sets:
alg_type, alg_list = alg_set
for alg_name in alg_list: for alg_name in alg_list:
alg_desc = alg_db[alg_type].get(alg_name) alg_desc = alg_db[alg_type].get(alg_name)
if alg_desc is None: if alg_desc is None:
@@ -1122,6 +1124,22 @@ def get_alg_since_text(alg_desc):
return 'available since ' + ', '.join(tv).rstrip(', ') return 'available since ' + ', '.join(tv).rstrip(', ')
def get_alg_pairs(kex, pkm):
alg_pairs = []
if pkm is not None:
alg_pairs.append(((1, SSH1.KexDB.ALGORITHMS),
('key', ['ssh-rsa1']),
('enc', pkm.supported_ciphers),
('aut', pkm.supported_authentications)))
if kex is not None:
alg_pairs.append(((2, KexDB.ALGORITHMS),
('kex', kex.kex_algorithms),
('key', kex.key_algorithms),
('enc', kex.server.encryption),
('mac', kex.server.mac)))
return alg_pairs
def output_algorithms(title, alg_db, alg_type, algorithms, maxlen=0): def output_algorithms(title, alg_db, alg_type, algorithms, maxlen=0):
with OutputBuffer() as obuf: with OutputBuffer() as obuf:
for algorithm in algorithms: for algorithm in algorithms:
@@ -1171,18 +1189,7 @@ def output_algorithm(alg_db, alg_type, alg_name, alg_max_len=0):
def output_compatibility(kex, pkm, for_server=True): def output_compatibility(kex, pkm, for_server=True):
alg_pairs = [] alg_pairs = get_alg_pairs(kex, pkm)
if pkm is not None:
alg_pairs.append((SSH1.KexDB.ALGORITHMS,
{'key': ['ssh-rsa1'],
'enc': pkm.supported_ciphers,
'aut': pkm.supported_authentications}))
if kex is not None:
alg_pairs.append((KexDB.ALGORITHMS,
{'kex': kex.kex_algorithms,
'key': kex.key_algorithms,
'enc': kex.server.encryption,
'mac': kex.server.mac}))
ssh_timeframe = get_ssh_timeframe(alg_pairs, for_server) ssh_timeframe = get_ssh_timeframe(alg_pairs, for_server)
vp = 1 if for_server else 2 vp = 1 if for_server else 2
comp_text = [] comp_text = []