(out: OutputBuffer, aconf: AuditConf, banner: Optional['Banner'], client_host: Optional[str], kex: Optional['SSH2_Kex'] = None)
| 664 | |
| 665 | |
| 666 | def evaluate_policy(out: OutputBuffer, aconf: AuditConf, banner: Optional['Banner'], client_host: Optional[str], kex: Optional['SSH2_Kex'] = None) -> bool: |
| 667 | |
| 668 | if aconf.policy is None: |
| 669 | raise RuntimeError('Internal error: cannot evaluate against null Policy!') |
| 670 | |
| 671 | passed, error_struct, error_str = aconf.policy.evaluate(banner, kex) |
| 672 | if aconf.json: |
| 673 | warnings: List[str] = [] |
| 674 | if aconf.policy.is_outdated_builtin_policy(): |
| 675 | warnings.append("A newer version of this built-in policy is available.") |
| 676 | |
| 677 | json_struct = {'host': aconf.host, 'port': aconf.port, 'policy': aconf.policy.get_name_and_version(), 'passed': passed, 'errors': error_struct, 'warnings': warnings} |
| 678 | |
| 679 | out.info(json.dumps(json_struct, indent=4 if aconf.json_print_indent else None, sort_keys=True)) |
| 680 | else: |
| 681 | spacing = '' |
| 682 | if aconf.client_audit: |
| 683 | out.info("Client IP: %s" % client_host) |
| 684 | spacing = " " # So the fields below line up with 'Client IP: '. |
| 685 | else: |
| 686 | host = aconf.host |
| 687 | if aconf.port != 22: |
| 688 | # Check if this is an IPv6 address, as that is printed in a different format. |
| 689 | if Utils.is_ipv6_address(aconf.host): |
| 690 | host = '[%s]:%d' % (aconf.host, aconf.port) |
| 691 | else: |
| 692 | host = '%s:%d' % (aconf.host, aconf.port) |
| 693 | |
| 694 | out.info("Host: %s" % host) |
| 695 | out.info("Policy: %s%s" % (spacing, aconf.policy.get_name_and_version())) |
| 696 | out.info("Result: %s" % spacing, line_ended=False) |
| 697 | |
| 698 | # Use these nice unicode characters in the result message, unless we're on Windows (the cmd.exe terminal doesn't display them properly). |
| 699 | icon_good = "✔ " |
| 700 | icon_fail = "❌ " |
| 701 | if Utils.is_windows(): |
| 702 | icon_good = "" |
| 703 | icon_fail = "" |
| 704 | |
| 705 | if passed: |
| 706 | out.good("%sPassed" % icon_good) |
| 707 | else: |
| 708 | out.fail("%sFailed!" % icon_fail) |
| 709 | out.warn("\nErrors:\n%s" % error_str) |
| 710 | |
| 711 | # If the user selected an out-dated built-in policy then issue a warning. |
| 712 | if aconf.policy.is_outdated_builtin_policy(): |
| 713 | out.warn("Note: A newer version of this built-in policy is available. Use the -L option to view all available versions.") |
| 714 | |
| 715 | return passed |
| 716 | |
| 717 | |
| 718 | def get_algorithm_recommendations(algs: Optional[Algorithms], algorithm_recommendation_suppress_list: Optional[List[str]], software: Optional[Software], for_server: bool = True) -> Dict[str, Any]: |
no test coverage detected