From 5e4701dd6eed074614bee19889cf18c9a3b6fd7b Mon Sep 17 00:00:00 2001 From: Jonathan Claudius Date: Fri, 2 Sep 2016 00:26:55 -0400 Subject: [PATCH] Provide compliance results with partial success --- lib/ssh_scan/policy_manager.rb | 2 ++ lib/ssh_scan/scan_engine.rb | 22 +++++++++++++++++----- 2 files changed, 19 insertions(+), 5 deletions(-) diff --git a/lib/ssh_scan/policy_manager.rb b/lib/ssh_scan/policy_manager.rb index 074491e6..0f6b811f 100644 --- a/lib/ssh_scan/policy_manager.rb +++ b/lib/ssh_scan/policy_manager.rb @@ -89,6 +89,8 @@ def missing_policy_compression end def out_of_policy_auth_methods + return [] if @result["auth_methods"].nil? + target_auth_methods = @result["auth_methods"] outliers = [] diff --git a/lib/ssh_scan/scan_engine.rb b/lib/ssh_scan/scan_engine.rb index d27c520c..635d3df4 100644 --- a/lib/ssh_scan/scan_engine.rb +++ b/lib/ssh_scan/scan_engine.rb @@ -76,13 +76,25 @@ def scan_target(socket, opts) "sha1" => fingerprint_sha1, "sha256" => fingerprint_sha256, } - # Do this only when no errors were reported - unless policy.nil? - policy_mgr = SSHScan::PolicyManager.new(result, policy) - result['compliance'] = policy_mgr.compliance_results - end end end + + # Do this only when no errors were reported + if !policy.nil? && + !result[:key_algorithms].nil? && + !result[:server_host_key_algorithms].nil? && + !result[:encryption_algorithms_client_to_server].nil? && + !result[:encryption_algorithms_server_to_client].nil? && + !result[:mac_algorithms_client_to_server].nil? && + !result[:mac_algorithms_server_to_client].nil? && + !result[:compression_algorithms_client_to_server].nil? && + !result[:compression_algorithms_server_to_client].nil? && + !result[:languages_client_to_server].nil? && + !result[:languages_server_to_client].nil? + policy_mgr = SSHScan::PolicyManager.new(result, policy) + result['compliance'] = policy_mgr.compliance_results + end + return result end