class Inspec::Resources::SSL

Constants

VERSIONS

Attributes

host[R]
port[R]
retries[R]
timeout[R]

Public Class Methods

new(opts = {}) click to toggle source
# File lib/inspec/resources/ssl.rb, line 45
def initialize(opts = {})
  @host = opts[:host]
  if @host.nil?
    # Transports like SSH and WinRM will provide a hostname
    if inspec.backend.respond_to?("hostname")
      @host = inspec.backend.hostname
    elsif inspec.backend.class.to_s == "Train::Transports::Local::Connection"
      @host = "localhost"
    end
  end
  @port = opts[:port] || 443
  @timeout = opts[:timeout]
  @retries = opts[:retries]
end

Public Instance Methods

to_s() click to toggle source
# File lib/inspec/resources/ssl.rb, line 79
def to_s
  "SSL/TLS on #{@host}:#{@port}"
end

Private Instance Methods

scan_config() click to toggle source
# File lib/inspec/resources/ssl.rb, line 85
def scan_config
  [
    { "protocol" => "ssl2", "ciphers" => SSLShake::SSLv2::CIPHERS.keys },
    { "protocol" => "ssl3", "ciphers" => SSLShake::TLS::SSL3_CIPHERS.keys },
    { "protocol" => "tls1.0", "ciphers" => SSLShake::TLS::TLS10_CIPHERS.keys },
    { "protocol" => "tls1.1", "ciphers" => SSLShake::TLS::TLS10_CIPHERS.keys },
    { "protocol" => "tls1.2", "ciphers" => SSLShake::TLS::TLS_CIPHERS.keys },
  ].map do |line|
    line["ciphers"].map do |cipher|
      { "protocol" => line["protocol"], "cipher" => cipher }
    end
  end.flatten
end