2
0
mirror of https://github.com/mozilla/cipherscan.git synced 2024-11-22 14:23:41 +01:00

Merge pull request #62 from tomato42/python3

Python 3 compatibility
This commit is contained in:
Julien Vehent 2015-06-10 07:00:21 +02:00
commit 90ed0bbb3e
3 changed files with 26 additions and 19 deletions

View File

@ -5,6 +5,8 @@
# #
# Contributor: Julien Vehent jvehent@mozilla.com [:ulfr] # Contributor: Julien Vehent jvehent@mozilla.com [:ulfr]
from __future__ import print_function
import sys, os, json, subprocess, logging, argparse, platform import sys, os, json, subprocess, logging, argparse, platform
from collections import namedtuple from collections import namedtuple
from datetime import datetime from datetime import datetime
@ -51,7 +53,7 @@ def is_fubar(results):
has_ssl2 = True has_ssl2 = True
logging.debug('SSLv2 is in the list of fubar protocols') logging.debug('SSLv2 is in the list of fubar protocols')
fubar = True fubar = True
if conn['pubkey'] < 2048: if int(conn['pubkey'][0]) < 2048:
has_wrong_pubkey = True has_wrong_pubkey = True
logging.debug(conn['pubkey'] + ' is a fubar pubkey size') logging.debug(conn['pubkey'] + ' is a fubar pubkey size')
fubar = True fubar = True
@ -319,8 +321,8 @@ def process_results(data, level=None, do_json=False, do_nagios=False):
level='none' level='none'
try: try:
results = json.loads(data) results = json.loads(data)
except ValueError, e: except ValueError as e:
print("invalid json data") print("invalid json data: " + str(e))
try: try:
if results: if results:
if do_json: if do_json:
@ -342,12 +344,13 @@ def process_results(data, level=None, do_json=False, do_nagios=False):
print("and complies with the '" + level + "' level") print("and complies with the '" + level + "' level")
else: else:
print("and DOES NOT comply with the '" + level + "' level") print("and DOES NOT comply with the '" + level + "' level")
except TypeError, e: except TypeError as e:
print("Error processing data: " + str(e))
return False return False
if do_json: if do_json:
json_output['failures'] = deepcopy(failures) json_output['failures'] = deepcopy(failures)
print json.dumps(json_output) print(json.dumps(json_output))
return True return True
if len(failures['fubar']) > 0: if len(failures['fubar']) > 0:
@ -419,16 +422,20 @@ def build_ciphers_lists(opensslbin):
logging.debug('Loading all ciphers: ' + allC) logging.debug('Loading all ciphers: ' + allC)
all_ciphers = subprocess.Popen([opensslbin, 'ciphers', allC], all_ciphers = subprocess.Popen([opensslbin, 'ciphers', allC],
stderr=blackhole, stdout=subprocess.PIPE).communicate()[0].rstrip().split(':') stderr=blackhole, stdout=subprocess.PIPE).communicate()[0].rstrip()
all_ciphers = str(all_ciphers).split(":")
logging.debug('Loading old ciphers: ' + oldC) logging.debug('Loading old ciphers: ' + oldC)
old_ciphers = subprocess.Popen([opensslbin, 'ciphers', oldC], old_ciphers = subprocess.Popen([opensslbin, 'ciphers', oldC],
stderr=blackhole, stdout=subprocess.PIPE).communicate()[0].rstrip().split(':') stderr=blackhole, stdout=subprocess.PIPE).communicate()[0].rstrip()
old_ciphers = str(old_ciphers).split(':')
logging.debug('Loading intermediate ciphers: ' + intC) logging.debug('Loading intermediate ciphers: ' + intC)
intermediate_ciphers = subprocess.Popen([opensslbin, 'ciphers', intC], intermediate_ciphers = subprocess.Popen([opensslbin, 'ciphers', intC],
stderr=blackhole, stdout=subprocess.PIPE).communicate()[0].rstrip().split(':') stderr=blackhole, stdout=subprocess.PIPE).communicate()[0].rstrip()
intermediate_ciphers = str(intermediate_ciphers).split(':')
logging.debug('Loading modern ciphers: ' + modernC) logging.debug('Loading modern ciphers: ' + modernC)
modern_ciphers = subprocess.Popen([opensslbin, 'ciphers', modernC], modern_ciphers = subprocess.Popen([opensslbin, 'ciphers', modernC],
stderr=blackhole, stdout=subprocess.PIPE).communicate()[0].rstrip().split(':') stderr=blackhole, stdout=subprocess.PIPE).communicate()[0].rstrip()
modern_ciphers = str(modern_ciphers).split(':')
blackhole.close() blackhole.close()
def main(): def main():
@ -481,7 +488,7 @@ def main():
data = subprocess.check_output([mypath + '/cipherscan', '-o', args.openssl, '-j', args.target]) data = subprocess.check_output([mypath + '/cipherscan', '-o', args.openssl, '-j', args.target])
else: else:
data = subprocess.check_output([mypath + '/cipherscan', '-j', args.target]) data = subprocess.check_output([mypath + '/cipherscan', '-j', args.target])
exit_status=process_results(data, args.level, args.json, args.nagios) exit_status=process_results(str(data), args.level, args.json, args.nagios)
else: else:
if os.fstat(args.infile.fileno()).st_size < 2: if os.fstat(args.infile.fileno()).st_size < 2:
logging.error("invalid input file") logging.error("invalid input file")

View File

@ -5,7 +5,7 @@
# file, You can obtain one at http://mozilla.org/MPL/2.0/. # file, You can obtain one at http://mozilla.org/MPL/2.0/.
# Author: Hubert Kario - 2014 # Author: Hubert Kario - 2014
from __future__ import division from __future__ import division, print_function
path = "./results/" path = "./results/"
ca_certs_path = "./ca_files" ca_certs_path = "./ca_files"
@ -61,7 +61,7 @@ def get_path_for_hash(cert_hash):
if not os.path.exists(f_name): if not os.path.exists(f_name):
f_name = ca_certs_path + '/' + cert_hash + '.pem' f_name = ca_certs_path + '/' + cert_hash + '.pem'
if not os.path.exists(f_name): if not os.path.exists(f_name):
#print "File with hash " + c_hash + " is missing!" #print("File with hash " + c_hash + " is missing!")
return None return None
return f_name return f_name
@ -201,7 +201,7 @@ with open("parsed") as res_file:
try: try:
res = json.loads(line) res = json.loads(line)
except ValueError as e: except ValueError as e:
print "can't process line: " + line print("can't process line: " + line)
continue continue
f=res f=res
@ -248,13 +248,13 @@ with open("parsed") as res_file:
if server_chain_trusted: if server_chain_trusted:
if server_chain_complete: if server_chain_complete:
chains["complete"] += 1 chains["complete"] += 1
print "complete: " + f['host'] print("complete: " + f['host'])
else: else:
chains["incomplete"] += 1 chains["incomplete"] += 1
print "incomplete: " + f['host'] print("incomplete: " + f['host'])
else: else:
chains["untrusted"] += 1 chains["untrusted"] += 1
print "untrusted: " + f['host'] print("untrusted: " + f['host'])
if valid: if valid:
hosts += 1 hosts += 1
@ -276,9 +276,9 @@ with open("parsed") as res_file:
continue continue
""" Display stats """ """ Display stats """
#print "openssl invocations: " + str(invocations["openssl"]) #print("openssl invocations: " + str(invocations["openssl"]))
print "Statistics from " + str(total) + " chains provided by " + str(hosts) + " hosts" print("Statistics from " + str(total) + " chains provided by " + str(hosts) + " hosts")
print("\nServer provided chains Count Percent") print("\nServer provided chains Count Percent")
print("-------------------------+---------+-------") print("-------------------------+---------+-------")

View File

@ -6,7 +6,7 @@
# Author: Julien Vehent [:ulfr] - 2013 # Author: Julien Vehent [:ulfr] - 2013
# Contributors: Hubert Kario - 2014 # Contributors: Hubert Kario - 2014
from __future__ import division from __future__ import division, print_function
path = "./results/" path = "./results/"