當前位置: 首頁>>代碼示例>>Python>>正文


Python ThreadPool.get_result方法代碼示例

本文整理匯總了Python中utils.ThreadPool.ThreadPool.get_result方法的典型用法代碼示例。如果您正苦於以下問題:Python ThreadPool.get_result方法的具體用法?Python ThreadPool.get_result怎麽用?Python ThreadPool.get_result使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在utils.ThreadPool.ThreadPool的用法示例。


在下文中一共展示了ThreadPool.get_result方法的8個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。

示例1: process_task

# 需要導入模塊: from utils.ThreadPool import ThreadPool [as 別名]
# 或者: from utils.ThreadPool.ThreadPool import get_result [as 別名]
    def process_task(self, target, command, args):

        MAX_THREADS = 30
        sslVersionDict = {'sslv2': SSLV2, 
                       'sslv3': SSLV3, 
                       'tlsv1': TLSV1, 
                       'tlsv1_1': TLSV1_1, 
                       'tlsv1_2': TLSV1_2}
        try:
            sslVersion = sslVersionDict[command]
        except KeyError:
            raise Exception("PluginOpenSSLCipherSuites: Unknown command.")

        # Get the list of available cipher suites for the given ssl version
        sslClient = SslClient(sslVersion=sslVersion)
        sslClient.set_cipher_list('ALL:COMPLEMENTOFALL')
        cipher_list = sslClient.get_cipher_list()

        # Create a thread pool
        NB_THREADS = min(len(cipher_list), MAX_THREADS) # One thread per cipher
        thread_pool = ThreadPool()

        # Scan for every available cipher suite
        for cipher in cipher_list:
            thread_pool.add_job((self._test_ciphersuite,
                                 (target, sslVersion, cipher)))

        # Scan for the preferred cipher suite
        thread_pool.add_job((self._pref_ciphersuite,
                             (target, sslVersion)))

        # Start processing the jobs
        thread_pool.start(NB_THREADS)

        result_dicts = {'preferredCipherSuite':{}, 'acceptedCipherSuites':{},
                        'rejectedCipherSuites':{}, 'errors':{}}
        
        # Store the results as they come
        for completed_job in thread_pool.get_result():
            (job, result) = completed_job
            if result is not None:
                (result_type, ssl_cipher, keysize, msg) = result
                (result_dicts[result_type])[ssl_cipher] = (msg, keysize)
                    
        # Store thread pool errors
        for failed_job in thread_pool.get_error():
            (job, exception) = failed_job
            ssl_cipher = str(job[1][2])
            error_msg = str(exception.__class__.__module__) + '.' \
                        + str(exception.__class__.__name__) + ' - ' + str(exception)
            result_dicts['errors'][ssl_cipher] = (error_msg, None)        
            
        thread_pool.join()
        
        # Generate results
        return PluginBase.PluginResult(self._generate_text_output(result_dicts, command),
                                       self._generate_xml_output(result_dicts, command))
開發者ID:jsha,項目名稱:sslyze,代碼行數:59,代碼來源:PluginOpenSSLCipherSuites.py

示例2: process_task

# 需要導入模塊: from utils.ThreadPool import ThreadPool [as 別名]
# 或者: from utils.ThreadPool.ThreadPool import get_result [as 別名]
    def process_task(self, target, command, args):

        MAX_THREADS = 30
        
        if command in ['sslv2', 'sslv3', 'tlsv1', 'tlsv1_1', 'tlsv1_2']:
            ssl_version = command
        else:
            raise Exception("PluginOpenSSLCipherSuites: Unknown command.")

        # Get the list of available cipher suites for the given ssl version
        ctSSL_initialize(multithreading=True)
        ctx = SSL_CTX.SSL_CTX(ssl_version)
        ctx.set_cipher_list('ALL:NULL:@STRENGTH')
        ssl = SSL.SSL(ctx)
        cipher_list = ssl.get_cipher_list()

        # Create a thread pool
        NB_THREADS = min(len(cipher_list), MAX_THREADS) # One thread per cipher
        thread_pool = ThreadPool()

        # Scan for every available cipher suite
        for cipher in cipher_list:
            thread_pool.add_job((self._test_ciphersuite,
                                 (target, ssl_version, cipher)))

        # Scan for the preferred cipher suite
        thread_pool.add_job((self._pref_ciphersuite,
                             (target, ssl_version)))

        # Start processing the jobs
        thread_pool.start(NB_THREADS)

        result_dicts = {'preferredCipherSuite':{}, 'acceptedCipherSuites':{},
                        'rejectedCipherSuites':{}, 'errors':{}}
        
        # Store the results as they come
        for completed_job in thread_pool.get_result():
            (job, result) = completed_job
            if result is not None:
                (result_type, ssl_cipher, keysize, msg) = result
                (result_dicts[result_type])[ssl_cipher] = (msg, keysize)
                    
        # Store thread pool errors
        for failed_job in thread_pool.get_error():
            (job, exception) = failed_job
            ssl_cipher = str(job[1][2])
            error_msg = str(exception.__class__.__module__) + '.' \
                        + str(exception.__class__.__name__) + ' - ' + str(exception)
            result_dicts['errors'][ssl_cipher] = (error_msg, None)        
            
        thread_pool.join()
        ctSSL_cleanup()
        
        # Generate results
        return PluginBase.PluginResult(self._generate_txt_result(result_dicts, command),
                                       self._generate_xml_result(result_dicts, command))
開發者ID:SecurityInnovation,項目名稱:TRACE-SSL-check,代碼行數:58,代碼來源:PluginOpenSSLCipherSuites.py

示例3: process_task

# 需要導入模塊: from utils.ThreadPool import ThreadPool [as 別名]
# 或者: from utils.ThreadPool.ThreadPool import get_result [as 別名]
    def process_task(self, target, command, arg):

        if arg == "basic":
            textFunction = self._get_basic_text
        elif arg == "full":
            textFunction = self._get_full_text
        else:
            raise Exception("PluginCertInfo: Unknown command.")

        (host, _, _, _) = target
        threadPool = ThreadPool()

        for (storePath, _) in AVAILABLE_TRUST_STORES.iteritems():
            # Try to connect with each trust store
            threadPool.add_job((self._get_cert, (target, storePath)))

        # Start processing the jobs
        threadPool.start(len(AVAILABLE_TRUST_STORES))

        # Store the results as they come
        (verifyDict, verifyDictErr, x509Cert, ocspResp) = ({}, {}, None, None)

        for (job, result) in threadPool.get_result():
            (_, (_, storePath)) = job
            (x509Cert, verifyStr, ocspResp) = result
            # Store the returned verify string for each trust store
            storeName = AVAILABLE_TRUST_STORES[storePath]
            verifyDict[storeName] = verifyStr

        if x509Cert is None:
            # This means none of the connections were successful. Get out
            for (job, exception) in threadPool.get_error():
                raise exception

        # Store thread pool errors
        for (job, exception) in threadPool.get_error():
            (_, (_, storePath)) = job
            errorMsg = str(exception.__class__.__name__) + " - " + str(exception)

            storeName = AVAILABLE_TRUST_STORES[storePath]
            verifyDictErr[storeName] = errorMsg

        threadPool.join()

        # Results formatting
        # Text output - certificate info
        outputTxt = [self.PLUGIN_TITLE_FORMAT("Certificate - Content")]
        outputTxt.extend(textFunction(x509Cert))

        # Text output - trust validation
        outputTxt.extend(["", self.PLUGIN_TITLE_FORMAT("Certificate - Trust")])

        # Hostname validation
        if self._shared_settings["sni"]:
            outputTxt.append(self.FIELD_FORMAT("SNI enabled with virtual domain:", self._shared_settings["sni"]))
        # TODO: Use SNI name for validation when --sni was used
        hostValDict = {
            X509_NAME_MATCHES_SAN: "OK - Subject Alternative Name matches",
            X509_NAME_MATCHES_CN: "OK - Common Name matches",
            X509_NAME_MISMATCH: "FAILED - Certificate does NOT match " + host,
        }
        outputTxt.append(self.FIELD_FORMAT("Hostname Validation:", hostValDict[x509Cert.matches_hostname(host)]))

        # Path validation that was successful
        for (storeName, verifyStr) in verifyDict.iteritems():
            verifyTxt = (
                "OK - Certificate is trusted"
                if (verifyStr in "ok")
                else "FAILED - Certificate is NOT Trusted: " + verifyStr
            )

            # EV certs - Only Mozilla supported for now
            if (verifyStr in "ok") and ("Mozilla" in storeName):
                if self._is_ev_certificate(x509Cert):
                    verifyTxt += ", Extended Validation"
            outputTxt.append(self.FIELD_FORMAT(self.TRUST_FORMAT(storeName), verifyTxt))

        # Path validation that ran into errors
        for (storeName, errorMsg) in verifyDictErr.iteritems():
            verifyTxt = "ERROR: " + errorMsg
            outputTxt.append(self.FIELD_FORMAT(self.TRUST_FORMAT(storeName), verifyTxt))

        # Text output - OCSP stapling
        outputTxt.extend(["", self.PLUGIN_TITLE_FORMAT("Certificate - OCSP Stapling")])
        outputTxt.extend(self._get_ocsp_text(ocspResp))

        # XML output
        outputXml = Element(command, argument=arg, title="Certificate Information")

        # XML output - certificate info:  always return the full certificate
        certAttrib = {"sha1Fingerprint": x509Cert.get_SHA1_fingerprint()}
        if self._shared_settings["sni"]:
            certAttrib["suppliedServerNameIndication"] = self._shared_settings["sni"]

        certXml = Element("certificate", attrib=certAttrib)

        # Add certificate in PEM format
        PEMcertXml = Element("asPEM")
        PEMcertXml.text = x509Cert.as_pem().strip()
        certXml.append(PEMcertXml)
#.........這裏部分代碼省略.........
開發者ID:RuneTM,項目名稱:sslyze,代碼行數:103,代碼來源:PluginCertInfo.py

示例4: process_task

# 需要導入模塊: from utils.ThreadPool import ThreadPool [as 別名]
# 或者: from utils.ThreadPool.ThreadPool import get_result [as 別名]
    def process_task(self, target, command, arg):

        if arg == 'basic':
            textFunction  = self._get_basic_text
        elif arg == 'full':
            textFunction = self._get_full_text
        else:
            raise Exception("PluginCertInfo: Unknown command.")

        (host, _, _, _) = target
        threadPool = ThreadPool()

        for (storePath, _) in AVAILABLE_TRUST_STORES.iteritems():
            # Try to connect with each trust store
            threadPool.add_job((self._get_cert, (target, storePath)))

        # Start processing the jobs
        threadPool.start(len(AVAILABLE_TRUST_STORES))

        # Store the results as they come
        (verifyDict, verifyDictErr, x509Cert, ocspResp)  = ({}, {}, None, None)

        for (job, result) in threadPool.get_result():
            (_, (_, storePath)) = job
            (x509Chain, verifyStr, ocspResp) = result
            # Store the returned verify string for each trust store
            x509Cert = x509Chain[0] # First cert is always the leaf cert
            storeName = AVAILABLE_TRUST_STORES[storePath]
            verifyDict[storeName] = verifyStr

        if x509Cert is None:
            # This means none of the connections were successful. Get out
            for (job, exception) in threadPool.get_error():
                raise exception

        # Store thread pool errors
        for (job, exception) in threadPool.get_error():
            (_, (_, storePath)) = job
            errorMsg = str(exception.__class__.__name__) + ' - ' \
                        + str(exception)

            storeName = AVAILABLE_TRUST_STORES[storePath]
            verifyDictErr[storeName] = errorMsg

        threadPool.join()


        # Results formatting
        # Text output - certificate info
        outputTxt = [self.PLUGIN_TITLE_FORMAT('Certificate - Content')]
        outputTxt.extend(textFunction(x509Cert))

        # Text output - trust validation
        outputTxt.extend(['', self.PLUGIN_TITLE_FORMAT('Certificate - Trust')])

        # Hostname validation
        if self._shared_settings['sni']:
            outputTxt.append(self.FIELD_FORMAT("SNI enabled with virtual domain:",
                                               self._shared_settings['sni']))
        # TODO: Use SNI name for validation when --sni was used
        hostValDict = {
            X509_NAME_MATCHES_SAN : 'OK - Subject Alternative Name matches',
            X509_NAME_MATCHES_CN :  'OK - Common Name matches',
            X509_NAME_MISMATCH :    'FAILED - Certificate does NOT match ' + host
        }
        outputTxt.append(self.FIELD_FORMAT("Hostname Validation:",
                                            hostValDict[x509Cert.matches_hostname(host)]))

        # Path validation that was successful
        for (storeName, verifyStr) in verifyDict.iteritems():
            verifyTxt = 'OK - Certificate is trusted' if (verifyStr in 'ok') else 'FAILED - Certificate is NOT Trusted: ' + verifyStr

            # EV certs - Only Mozilla supported for now
            if (verifyStr in 'ok') and ('Mozilla' in storeName):
                if (self._is_ev_certificate(x509Cert)):
                    verifyTxt += ', Extended Validation'
            outputTxt.append(self.FIELD_FORMAT(self.TRUST_FORMAT(storeName), verifyTxt))


        # Path validation that ran into errors
        for (storeName, errorMsg) in verifyDictErr.iteritems():
            verifyTxt = 'ERROR: ' + errorMsg
            outputTxt.append(self.FIELD_FORMAT(self.TRUST_FORMAT(storeName), verifyTxt))

        # Print the Common Names within the certificate chain
        certChainCNs = []
        for cert in x509Chain:
            try: # Extract the CN if there's one
                certName = cert.as_dict()['subject']['commonName']
            except KeyError:
                # If no common name, display the organizational unit instead
                try:
                    certName = cert.as_dict()['subject']['organizationalUnitName']
                except KeyError:
                    # Give up
                    certName = 'No Common Name'

            certChainCNs.append(certName)

        outputTxt.append(self.FIELD_FORMAT('Certificate Chain:', str(certChainCNs)))
#.........這裏部分代碼省略.........
開發者ID:johncosta,項目名稱:sslyze,代碼行數:103,代碼來源:PluginCertInfo.py

示例5: process_task

# 需要導入模塊: from utils.ThreadPool import ThreadPool [as 別名]
# 或者: from utils.ThreadPool.ThreadPool import get_result [as 別名]
    def process_task(self, target, command, arg):

        if arg == 'basic':
            txt_output_generator = self._get_basic_text
        elif arg == 'full':
            txt_output_generator = self._get_full_text
        else:
            raise Exception("PluginCertInfo: Unknown command.")

        (host, _, _, _) = target
        thread_pool = ThreadPool()

        if 'ca_file' in self._shared_settings and self._shared_settings['ca_file']:
            AVAILABLE_TRUST_STORES[self._shared_settings['ca_file']] = ('Custom --ca_file', 'N/A')

        for (store_path, _) in AVAILABLE_TRUST_STORES.iteritems():
            # Try to connect with each trust store
            thread_pool.add_job((self._get_cert, (target, store_path)))

        # Start processing the jobs
        thread_pool.start(len(AVAILABLE_TRUST_STORES))

        # Store the results as they come
        x509_cert_chain = []
        (verify_dict, verify_dict_error, x509_cert, ocsp_response) = ({}, {}, None, None)

        for (job, result) in thread_pool.get_result():
            (_, (_, store_path)) = job
            (x509_cert_chain, verify_str, ocsp_response) = result
            # Store the returned verify string for each trust store
            x509_cert = x509_cert_chain[0]  # First cert is always the leaf cert
            store_info = AVAILABLE_TRUST_STORES[store_path]
            verify_dict[store_info] = verify_str

        if x509_cert is None:
            # This means none of the connections were successful. Get out
            for (job, exception) in thread_pool.get_error():
                raise exception

        # Store thread pool errors
        for (job, exception) in thread_pool.get_error():
            (_, (_, store_path)) = job
            error_msg = str(exception.__class__.__name__) + ' - ' + str(exception)

            store_info = AVAILABLE_TRUST_STORES[store_path]
            verify_dict_error[store_info] = error_msg

        thread_pool.join()


        # Results formatting
        # Text output - certificate info
        text_output = [self.PLUGIN_TITLE_FORMAT('Certificate - Content')]
        text_output.extend(txt_output_generator(x509_cert))

        # Text output - trust validation
        text_output.extend(['', self.PLUGIN_TITLE_FORMAT('Certificate - Trust')])

        # Hostname validation
        if self._shared_settings['sni']:
            text_output.append(self.FIELD_FORMAT("SNI enabled with virtual domain:", self._shared_settings['sni']))
        # TODO: Use SNI name for validation when --sni was used
        host_val_dict = {
            X509_NAME_MATCHES_SAN: 'OK - Subject Alternative Name matches',
            X509_NAME_MATCHES_CN: 'OK - Common Name matches',
            X509_NAME_MISMATCH: 'FAILED - Certificate does NOT match ' + host
        }
        text_output.append(self.FIELD_FORMAT("Hostname Validation:", host_val_dict[x509_cert.matches_hostname(host)]))

        # Path validation that was successful
        for ((store_name, store_version), verify_str) in verify_dict.iteritems():
            verify_txt = 'OK - Certificate is trusted' if (verify_str in 'ok') \
                else 'FAILED - Certificate is NOT Trusted: ' + verify_str

            # EV certs - Only Mozilla supported for now
            if (verify_str in 'ok') and ('Mozilla' in store_info):
                if self._is_ev_certificate(x509_cert):
                    verify_txt += ', Extended Validation'

            text_output.append(self.FIELD_FORMAT(self.TRUST_FORMAT(store_name=store_name,
                                                                   store_version=store_version),
                                                 verify_txt))


        # Path validation that ran into errors
        for ((store_name, store_version), error_msg) in verify_dict_error.iteritems():
            verify_txt = 'ERROR: ' + error_msg
            text_output.append(self.FIELD_FORMAT(self.TRUST_FORMAT(store_name=store_name,
                                                                   store_version=store_version),
                                                 verify_txt))

        # Print the Common Names within the certificate chain
        cns_in_cert_chain = []
        for cert in x509_cert_chain:
            cert_identity = self._extract_subject_cn_or_oun(cert)
            cns_in_cert_chain.append(cert_identity)

        text_output.append(self.FIELD_FORMAT('Certificate Chain Received:', str(cns_in_cert_chain)))


#.........這裏部分代碼省略.........
開發者ID:ZenSecurity,項目名稱:sslyze,代碼行數:103,代碼來源:PluginCertInfo.py

示例6: process_task

# 需要導入模塊: from utils.ThreadPool import ThreadPool [as 別名]
# 或者: from utils.ThreadPool.ThreadPool import get_result [as 別名]
    def process_task(self, target, command, arg):

        if arg == "basic":
            txt_output_generator = self._get_basic_text
        elif arg == "full":
            txt_output_generator = self._get_full_text
        else:
            raise Exception("PluginCertInfo: Unknown command.")

        (host, _, _, _) = target
        thread_pool = ThreadPool()

        if "ca_file" in self._shared_settings and self._shared_settings["ca_file"]:
            AVAILABLE_TRUST_STORES[self._shared_settings["ca_file"]] = ("Custom --ca_file", "N/A")

        for (store_path, _) in AVAILABLE_TRUST_STORES.iteritems():
            # Try to connect with each trust store
            thread_pool.add_job((self._get_cert, (target, store_path)))

        # Start processing the jobs
        thread_pool.start(len(AVAILABLE_TRUST_STORES))

        # Store the results as they come
        x509_cert_chain = []
        (verify_dict, verify_dict_error, x509_cert, ocsp_response) = ({}, {}, None, None)

        for (job, result) in thread_pool.get_result():
            (_, (_, store_path)) = job
            (x509_cert_chain, verify_str, ocsp_response) = result
            # Store the returned verify string for each trust store
            x509_cert = x509_cert_chain[0]  # First cert is always the leaf cert
            store_info = AVAILABLE_TRUST_STORES[store_path]
            verify_dict[store_info] = verify_str

        if x509_cert is None:
            # This means none of the connections were successful. Get out
            for (job, exception) in thread_pool.get_error():
                raise exception

        # Store thread pool errors
        for (job, exception) in thread_pool.get_error():
            (_, (_, store_path)) = job
            error_msg = str(exception.__class__.__name__) + " - " + str(exception)

            store_info = AVAILABLE_TRUST_STORES[store_path]
            verify_dict_error[store_info] = error_msg

        thread_pool.join()

        # Results formatting
        # Text output - certificate info
        text_output = [self.PLUGIN_TITLE_FORMAT("Certificate - Content")]
        text_output.extend(txt_output_generator(x509_cert))

        # Text output - trust validation
        text_output.extend(["", self.PLUGIN_TITLE_FORMAT("Certificate - Trust")])

        # Hostname validation
        if self._shared_settings["sni"]:
            text_output.append(self.FIELD_FORMAT("SNI enabled with virtual domain:", self._shared_settings["sni"]))
        # TODO: Use SNI name for validation when --sni was used
        host_val_dict = {
            X509_NAME_MATCHES_SAN: "OK - Subject Alternative Name matches",
            X509_NAME_MATCHES_CN: "OK - Common Name matches",
            X509_NAME_MISMATCH: "FAILED - Certificate does NOT match " + host,
        }
        text_output.append(self.FIELD_FORMAT("Hostname Validation:", host_val_dict[x509_cert.matches_hostname(host)]))

        # Path validation that was successful
        for ((store_name, store_version), verify_str) in verify_dict.iteritems():
            verify_txt = (
                "OK - Certificate is trusted"
                if (verify_str in "ok")
                else "FAILED - Certificate is NOT Trusted: " + verify_str
            )

            # EV certs - Only Mozilla supported for now
            if (verify_str in "ok") and ("Mozilla" in store_info):
                if self._is_ev_certificate(x509_cert):
                    verify_txt += ", Extended Validation"

            text_output.append(
                self.FIELD_FORMAT(self.TRUST_FORMAT(store_name=store_name, store_version=store_version), verify_txt)
            )

        # Path validation that ran into errors
        for ((store_name, store_version), error_msg) in verify_dict_error.iteritems():
            verify_txt = "ERROR: " + error_msg
            text_output.append(
                self.FIELD_FORMAT(self.TRUST_FORMAT(store_name=store_name, store_version=store_version), verify_txt)
            )

        # Print the Common Names within the certificate chain
        cns_in_cert_chain = []
        for cert in x509_cert_chain:
            cert_identity = self._extract_subject_cn_or_oun(cert)
            cns_in_cert_chain.append(cert_identity)

        text_output.append(self.FIELD_FORMAT("Certificate Chain Received:", str(cns_in_cert_chain)))

#.........這裏部分代碼省略.........
開發者ID:yutianhot,項目名稱:sslyze,代碼行數:103,代碼來源:PluginCertInfo.py

示例7: process_task

# 需要導入模塊: from utils.ThreadPool import ThreadPool [as 別名]
# 或者: from utils.ThreadPool.ThreadPool import get_result [as 別名]
    def process_task(self, target, command, args):

        MAX_THREADS = 15
        sslVersionDict = {"sslv2": SSLV2, "sslv3": SSLV3, "tlsv1": TLSV1, "tlsv1_1": TLSV1_1, "tlsv1_2": TLSV1_2}
        try:
            sslVersion = sslVersionDict[command]
        except KeyError:
            raise Exception("PluginOpenSSLCipherSuites: Unknown command.")

        # Get the list of available cipher suites for the given ssl version
        sslClient = SslClient(sslVersion=sslVersion)
        sslClient.set_cipher_list("ALL:COMPLEMENTOFALL")
        cipher_list = sslClient.get_cipher_list()

        # Create a thread pool
        NB_THREADS = min(len(cipher_list), MAX_THREADS)  # One thread per cipher
        thread_pool = ThreadPool()

        cipher_whitelist = [
            "ECDHE-RSA-AES128-GCM-SHA256",
            "ECDHE-ECDSA-AES128-GCM-SHA256",
            "ECDHE-RSA-AES256-GCM-SHA384",
            "ECDHE-ECDSA-AES256-GCM-SHA384",
            "DHE-RSA-AES128-GCM-SHA256",
            "DHE-DSS-AES128-GCM-SHA256",
            "kEDH+AESGCM",
            "ECDHE-RSA-AES128-SHA256",
            "ECDHE-ECDSA-AES128-SHA256",
            "ECDHE-RSA-AES128-SHA",
            "ECDHE-ECDSA-AES128-SHA",
            "ECDHE-RSA-AES256-SHA384",
            "ECDHE-ECDSA-AES256-SHA384",
            "ECDHE-RSA-AES256-SHA",
            "ECDHE-ECDSA-AES256-SHA",
            "DHE-RSA-AES128-SHA256",
            "DHE-RSA-AES128-SHA",
            "DHE-DSS-AES128-SHA256",
            "DHE-RSA-AES256-SHA256",
            "DHE-DSS-AES256-SHA",
            "DHE-RSA-AES256-SHA",
        ]

        cipher_blacklist = ["RC4", "EXPORT", "DES", "aNULL", "eNULL", "MD5"]
        version_whitelist = ["TLSV1_1", "TLSV1_2"]
        version_blacklist = ["SSLV2", "SSLV3"]
        cdict = {"whitelist": cipher_whitelist, "blacklist": cipher_blacklist}
        verdict = {"whitelist": version_whitelist, "blacklist": version_blacklist}

        # Scan for every available cipher suite
        for cipher in cipher_list:
            thread_pool.add_job((self._test_ciphersuite, (target, sslVersion, cipher, cdict)))

        # Scan for the preferred cipher suite
        thread_pool.add_job((self._pref_ciphersuite, (target, sslVersion, cdict)))

        # Start processing the jobs
        thread_pool.start(NB_THREADS)

        result_dicts = {
            "preferredCipherSuite": {},
            "acceptedCipherSuites": {},
            "rejectedCipherSuites": {},
            "errors": {},
        }

        # Store the results as they come
        for completed_job in thread_pool.get_result():
            (job, result) = completed_job
            if result is not None:
                (result_type, ssl_cipher, keysize, dh_infos, msg) = result
                (result_dicts[result_type])[ssl_cipher] = (msg, keysize, dh_infos)

        # Store thread pool errors
        for failed_job in thread_pool.get_error():
            (job, exception) = failed_job
            ssl_cipher = str(job[1][2])
            error_msg = str(exception.__class__.__name__) + " - " + str(exception)
            result_dicts["errors"][ssl_cipher] = (error_msg, None, None)

        thread_pool.join()

        # Generate results
        return PluginBase.PluginResult(
            self._generate_text_output(result_dicts, command, verdict),
            self._generate_xml_output(result_dicts, command, verdict),
        )
開發者ID:aur3lius-dev,項目名稱:sslyze,代碼行數:88,代碼來源:PluginOpenSSLCipherSuites.py

示例8: process_task

# 需要導入模塊: from utils.ThreadPool import ThreadPool [as 別名]
# 或者: from utils.ThreadPool.ThreadPool import get_result [as 別名]
    def process_task(self, target, command, arg):

        if arg == 'basic':
            textFunction  = self._get_basic_text
        elif arg == 'full':
            textFunction = self._get_full_text
        else:
            raise Exception("PluginCertInfo: Unknown command.")

        (host, _, _, _) = target
        threadPool = ThreadPool()

        for (storePath, _) in AVAILABLE_TRUST_STORES.iteritems():
            # Try to connect with each trust store
            threadPool.add_job((self._get_cert, (target, storePath)))

        # Start processing the jobs
        threadPool.start(len(AVAILABLE_TRUST_STORES))

        # Store the results as they come
        (verifyDict, x509Cert, ocspResp)  = ({}, None, None)

        for (job, result) in threadPool.get_result():
            (_, (_, storePath)) = job
            (x509Cert, verifyStr, ocspResp) = result
            # Store the returned verify string for each trust store
            storeName = AVAILABLE_TRUST_STORES[storePath]
            verifyDict[storeName] = verifyStr

        if x509Cert == None:
            # This means none of the connections were successful. Get out
            for (job, exception) in threadPool.get_error():
                raise exception

        # Store thread pool errors
        for (job, exception) in threadPool.get_error():
            (_, (_, storePath)) = job
            errorMsg = str(exception.__class__.__module__) + '.' \
                        + str(exception.__class__.__name__) + ' - ' \
                        + str(exception)
            verifyDict[storePath] = errorMsg

        threadPool.join()


        # Results formatting
        # Text output - certificate info
        outputTxt = [self.PLUGIN_TITLE_FORMAT('Certificate - Content')]
        outputTxt.extend(textFunction(x509Cert))


        # Text output - trust validation
        outputTxt.extend(['', self.PLUGIN_TITLE_FORMAT('Certificate - Trust')])

        # Hostname validation
        if self._shared_settings['sni']:
            outputTxt.append(self.FIELD_FORMAT("SNI enabled with virtual domain:",
                                               self._shared_settings['sni']))
        # TODO: Use SNI name for validation when --sni was used
        hostValDict = {
            X509_NAME_MATCHES_SAN : 'OK - Subject Alternative Name matches',
            X509_NAME_MATCHES_CN :  'OK - Common Name matches',
            X509_NAME_MISMATCH :    'FAILED - Certificate does not match ' + host
        }
        outputTxt.append(self.FIELD_FORMAT("Hostname Validation:",
                                            hostValDict[x509Cert.matches_hostname(host)]))

        # Path validation
        for (storeName, verifyStr) in verifyDict.iteritems():
            verifyTxt = 'OK - Trusted' if (verifyStr in 'ok') else 'FAILED - ' + verifyStr

            # EV certs - Only Mozilla supported for now
            if (verifyStr in 'ok') and ('Mozilla' in storeName):
                if (self._is_ev_certificate(x509Cert)):
                    verifyTxt += ', Extended Validation'
            outputTxt.append(self.FIELD_FORMAT(self.TRUST_FORMAT(storeName), verifyTxt))


        # Text output - OCSP stapling
        outputTxt.extend(['', self.PLUGIN_TITLE_FORMAT('Certificate - OCSP Stapling')])
        outputTxt.extend(self._get_ocsp_text(ocspResp))


        # XML output
        outputXml = Element(command, argument = arg, title = 'Certificate Information')

        # XML output - certificate info:  always return the full certificate
        certAttrib = { 'sha1Fingerprint' : x509Cert.get_SHA1_fingerprint() }
        if self._shared_settings['sni']:
            certAttrib['suppliedServerNameIndication'] = self._shared_settings['sni']

        certXml = Element('certificate', attrib = certAttrib)

        # Add certificate in PEM format
        PEMcertXml = Element('asPEM')
        PEMcertXml.text = x509Cert.as_pem().strip()
        certXml.append(PEMcertXml)

        for (key, value) in x509Cert.as_dict().items():
            certXml.append(_keyvalue_pair_to_xml(key, value))
#.........這裏部分代碼省略.........
開發者ID:travisspencer,項目名稱:sslyze,代碼行數:103,代碼來源:PluginCertInfo.py


注:本文中的utils.ThreadPool.ThreadPool.get_result方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。