mirror of https://github.com/jtesta/ssh-audit.git
Refactor algorithm pair/set reuse.
This commit is contained in:
parent
1fda7b2a3e
commit
29a0bb86fa
35
ssh-audit.py
35
ssh-audit.py
|
@ -1095,8 +1095,10 @@ def get_alg_timeframe(alg_desc, for_server=True, result={}):
|
||||||
def get_ssh_timeframe(alg_pairs, for_server=True):
|
def get_ssh_timeframe(alg_pairs, for_server=True):
|
||||||
timeframe = {}
|
timeframe = {}
|
||||||
for alg_pair in alg_pairs:
|
for alg_pair in alg_pairs:
|
||||||
alg_db, algs = alg_pair
|
sshv, alg_db = alg_pair[0]
|
||||||
for alg_type, alg_list in algs.items():
|
alg_sets = alg_pair[1:]
|
||||||
|
for alg_set in alg_sets:
|
||||||
|
alg_type, alg_list = alg_set
|
||||||
for alg_name in alg_list:
|
for alg_name in alg_list:
|
||||||
alg_desc = alg_db[alg_type].get(alg_name)
|
alg_desc = alg_db[alg_type].get(alg_name)
|
||||||
if alg_desc is None:
|
if alg_desc is None:
|
||||||
|
@ -1122,6 +1124,22 @@ def get_alg_since_text(alg_desc):
|
||||||
return 'available since ' + ', '.join(tv).rstrip(', ')
|
return 'available since ' + ', '.join(tv).rstrip(', ')
|
||||||
|
|
||||||
|
|
||||||
|
def get_alg_pairs(kex, pkm):
|
||||||
|
alg_pairs = []
|
||||||
|
if pkm is not None:
|
||||||
|
alg_pairs.append(((1, SSH1.KexDB.ALGORITHMS),
|
||||||
|
('key', ['ssh-rsa1']),
|
||||||
|
('enc', pkm.supported_ciphers),
|
||||||
|
('aut', pkm.supported_authentications)))
|
||||||
|
if kex is not None:
|
||||||
|
alg_pairs.append(((2, KexDB.ALGORITHMS),
|
||||||
|
('kex', kex.kex_algorithms),
|
||||||
|
('key', kex.key_algorithms),
|
||||||
|
('enc', kex.server.encryption),
|
||||||
|
('mac', kex.server.mac)))
|
||||||
|
return alg_pairs
|
||||||
|
|
||||||
|
|
||||||
def output_algorithms(title, alg_db, alg_type, algorithms, maxlen=0):
|
def output_algorithms(title, alg_db, alg_type, algorithms, maxlen=0):
|
||||||
with OutputBuffer() as obuf:
|
with OutputBuffer() as obuf:
|
||||||
for algorithm in algorithms:
|
for algorithm in algorithms:
|
||||||
|
@ -1171,18 +1189,7 @@ def output_algorithm(alg_db, alg_type, alg_name, alg_max_len=0):
|
||||||
|
|
||||||
|
|
||||||
def output_compatibility(kex, pkm, for_server=True):
|
def output_compatibility(kex, pkm, for_server=True):
|
||||||
alg_pairs = []
|
alg_pairs = get_alg_pairs(kex, pkm)
|
||||||
if pkm is not None:
|
|
||||||
alg_pairs.append((SSH1.KexDB.ALGORITHMS,
|
|
||||||
{'key': ['ssh-rsa1'],
|
|
||||||
'enc': pkm.supported_ciphers,
|
|
||||||
'aut': pkm.supported_authentications}))
|
|
||||||
if kex is not None:
|
|
||||||
alg_pairs.append((KexDB.ALGORITHMS,
|
|
||||||
{'kex': kex.kex_algorithms,
|
|
||||||
'key': kex.key_algorithms,
|
|
||||||
'enc': kex.server.encryption,
|
|
||||||
'mac': kex.server.mac}))
|
|
||||||
ssh_timeframe = get_ssh_timeframe(alg_pairs, for_server)
|
ssh_timeframe = get_ssh_timeframe(alg_pairs, for_server)
|
||||||
vp = 1 if for_server else 2
|
vp = 1 if for_server else 2
|
||||||
comp_text = []
|
comp_text = []
|
||||||
|
|
Loading…
Reference in New Issue