From 1608aa58ec0077d5ed4f402367b15cee5f8b830d Mon Sep 17 00:00:00 2001 From: "Dr. Adedayo Adetoye" Date: Wed, 17 Jul 2019 00:04:33 +0100 Subject: [PATCH] Fix: bumped tls-definitions and cidr in particular to fix an issue with interpretation of hostnames with . --- go.mod | 4 ++-- go.sum | 4 ++++ pkg/model/models_test.go | 30 ++++++++++++++++-------------- 3 files changed, 22 insertions(+), 16 deletions(-) diff --git a/go.mod b/go.mod index 9c78d78..bbe39cf 100644 --- a/go.mod +++ b/go.mod @@ -4,9 +4,9 @@ go 1.12 require ( github.com/AndreasBriese/bbloom v0.0.0-20190306092124-e2d15f34fcf9 // indirect - github.com/adedayo/cidr v0.1.4 + github.com/adedayo/cidr v0.1.5 github.com/adedayo/tcpscan v0.5.6 - github.com/adedayo/tls-definitions v0.0.1 + github.com/adedayo/tls-definitions v0.0.2 github.com/adedayo/tls-stats v0.0.1 // indirect github.com/carlescere/scheduler v0.0.0-20170109141437-ee74d2f83d82 github.com/dgraph-io/badger v1.5.5-0.20181004181505-439fd464b155 diff --git a/go.sum b/go.sum index 2b12338..ef54ee2 100644 --- a/go.sum +++ b/go.sum @@ -5,11 +5,15 @@ github.com/adedayo/cidr v0.1.3 h1:SrjHm2g80gq+ajZR/npN3p0C+hJs1iulnpuSPCy2PlQ= github.com/adedayo/cidr v0.1.3/go.mod h1:By6g82fmUcv8/Z/6JcDs1D4wO4gc/Ookb842bVCV6Io= github.com/adedayo/cidr v0.1.4 h1:bb+AUoxPpbHiamifIZnMYDAkz1JQzesOYilLpcLAQxg= github.com/adedayo/cidr v0.1.4/go.mod h1:By6g82fmUcv8/Z/6JcDs1D4wO4gc/Ookb842bVCV6Io= +github.com/adedayo/cidr v0.1.5 h1:O6N8M2CPOT7LAy2upOHnQ4YIKHD+VXAQc8/OalCsmnU= +github.com/adedayo/cidr v0.1.5/go.mod h1:By6g82fmUcv8/Z/6JcDs1D4wO4gc/Ookb842bVCV6Io= github.com/adedayo/tcpscan v0.3.4/go.mod h1:V4BbfuzhchhRXT/uyJiNxysE4nadq2t6kfXdFJkXQ2k= github.com/adedayo/tcpscan v0.5.6 h1:EzNBxn2nIJ5WzuAFb5tmxUGX83Yc0Xg6YN1hn3bLMao= github.com/adedayo/tcpscan v0.5.6/go.mod h1:6v2onzEsetkP35RqQnKhB5B5MLVV1w+eepgCkXWQzwc= github.com/adedayo/tls-definitions v0.0.1 h1:RklSTUeBn5DD/jDsps44eR2e3mbQRYR+a7YrtmKwal4= github.com/adedayo/tls-definitions v0.0.1/go.mod h1:gMvNG/ngGUR7D56FeXy6hvkheV95CuTPiv7OfZCWHCM= +github.com/adedayo/tls-definitions v0.0.2 h1:TS+J1UwmZpbF3a/82Ahr4L0WluG8rjv5soeAPccjG1M= +github.com/adedayo/tls-definitions v0.0.2/go.mod h1:gMvNG/ngGUR7D56FeXy6hvkheV95CuTPiv7OfZCWHCM= github.com/adedayo/tls-stats v0.0.0-20190603172217-4329b2334087 h1:ZyMM6lZbEeZzL1gkYqAKTAbDdgiq9Hj3Ot536uWO4ps= github.com/adedayo/tls-stats v0.0.0-20190603172217-4329b2334087/go.mod h1:d+kU3FzEvIVYOie4QRBqApp3Ywz8qbNQShGVJwTU818= github.com/adedayo/tls-stats v0.0.1 h1:NJDv78JRJtG3uGW1dV3fmDNfrxD5p+pV2PGfZUeaN+M= diff --git a/pkg/model/models_test.go b/pkg/model/models_test.go index 4e4febe..fde1b06 100644 --- a/pkg/model/models_test.go +++ b/pkg/model/models_test.go @@ -4,6 +4,8 @@ import ( "reflect" "strings" "testing" + + tlsdefs "github.com/adedayo/tls-definitions" ) type args struct { @@ -79,7 +81,7 @@ type parseError struct { } func enumerateCipherParseErrors() (data []parseError) { - for c, cn := range CipherSuiteMap { + for c, cn := range tlsdefs.CipherSuiteMap { _, err := GetCipherConfig(c) data = append(data, parseError{ cipher: cn, @@ -146,7 +148,7 @@ func TestScanResult_SupportsTLS(t *testing.T) { } func TestScanResult_IsExportable(t *testing.T) { - for cipher, cipherName := range CipherSuiteMap { + for cipher, cipherName := range tlsdefs.CipherSuiteMap { t.Run(cipherName, func(t *testing.T) { if strings.Contains(strings.Split(cipherName, "_WITH_")[0], "EXPORT") { if cc, _ := GetCipherConfig(cipher); !cc.IsExport { @@ -158,7 +160,7 @@ func TestScanResult_IsExportable(t *testing.T) { } func TestScanResult_GetEncryptionKeyLength(t *testing.T) { - for cipher, cipherName := range CipherSuiteMap { + for cipher, cipherName := range tlsdefs.CipherSuiteMap { t.Run(cipherName, func(t *testing.T) { if cc, _ := GetCipherConfig(cipher); cc.GetEncryptionKeyLength() == -1 { t.Errorf("CipherConfig.GetEncryptionKeyLength() = -1, when cipher is %s", cc.Encryption) @@ -179,10 +181,10 @@ func TestEnumerateCipherMetrics_EnsureMacPRFIsSet(t *testing.T) { func TestKeyExchangePerformance(t *testing.T) { conf := CipherConfigParameters{ - RSABitLength: 1024, - NamedCurveStrength: 1024, + RSABitLength: 1024, + SupportedGroupStrength: 1024, } - for cipher, cipherName := range CipherSuiteMap { + for cipher, cipherName := range tlsdefs.CipherSuiteMap { t.Run(cipherName, func(t *testing.T) { if cc, _ := GetCipherConfig(cipher); cc.getKXPerf(conf) == -1 { t.Errorf("Key exchange performance = -1, when key exchange is %s", cc.KeyExchange) @@ -192,7 +194,7 @@ func TestKeyExchangePerformance(t *testing.T) { } func TestAuthenticationPerformance(t *testing.T) { - for cipher, cipherName := range CipherSuiteMap { + for cipher, cipherName := range tlsdefs.CipherSuiteMap { t.Run(cipherName, func(t *testing.T) { if cc, _ := GetCipherConfig(cipher); cc.getAuthPerf() == -1 { t.Errorf("Authentication performance = -1, when authentication is %s", cc.Authentication) @@ -202,7 +204,7 @@ func TestAuthenticationPerformance(t *testing.T) { } func TestMACPRFPerformance(t *testing.T) { - for cipher, cipherName := range CipherSuiteMap { + for cipher, cipherName := range tlsdefs.CipherSuiteMap { t.Run(cipherName, func(t *testing.T) { if cc, _ := GetCipherConfig(cipher); cc.getMACPRFPerf() == -1 { t.Errorf("MACPRF performance = -1, when MACPRF is %s", cc.MACPRF) @@ -212,7 +214,7 @@ func TestMACPRFPerformance(t *testing.T) { } func TestEncryptionAlgorithmPerformance(t *testing.T) { - for cipher, cipherName := range CipherSuiteMap { + for cipher, cipherName := range tlsdefs.CipherSuiteMap { t.Run(cipherName, func(t *testing.T) { if cc, _ := GetCipherConfig(cipher); cc.getEncAlgPerf() == -1 { t.Errorf("Encryption Algorithm performance = -1, when Encryption Algorithm is %s", cc.getEncAlg()) @@ -222,7 +224,7 @@ func TestEncryptionAlgorithmPerformance(t *testing.T) { } func TestEncryptionKeyPerformance(t *testing.T) { - for cipher, cipherName := range CipherSuiteMap { + for cipher, cipherName := range tlsdefs.CipherSuiteMap { t.Run(cipherName, func(t *testing.T) { if cc, _ := GetCipherConfig(cipher); cc.getEncKeyPerf() == -1 { t.Errorf("Encryption Key performance = -1, when Encryption Key is %d", cc.GetEncryptionKeyLength()) @@ -232,7 +234,7 @@ func TestEncryptionKeyPerformance(t *testing.T) { } func TestEncryptionModePerformance(t *testing.T) { - for cipher, cipherName := range CipherSuiteMap { + for cipher, cipherName := range tlsdefs.CipherSuiteMap { t.Run(cipherName, func(t *testing.T) { if cc, _ := GetCipherConfig(cipher); cc.getEncModePerf() == -1 { t.Errorf("Encryption Mode performance = -1, when encryption mode is %s", cc.getEncMode()) @@ -243,10 +245,10 @@ func TestEncryptionModePerformance(t *testing.T) { func TestCalculateCypherPerformance(t *testing.T) { conf := CipherConfigParameters{ - RSABitLength: 1024, - NamedCurveStrength: 1024, + RSABitLength: 1024, + SupportedGroupStrength: 1024, } - for cipher, cipherName := range CipherSuiteMap { + for cipher, cipherName := range tlsdefs.CipherSuiteMap { t.Run(cipherName, func(t *testing.T) { if cc, _ := GetCipherConfig(cipher); cc.getPerformanceMetric(conf) >= 0 { t.Errorf("Cypher suite performance < 0, with value %d", cc.getPerformanceMetric(conf))