Clean up spec failures from Results refactoring

lib/ssh_scan/grader.rb

@@ -10,17 +10,14 @@ class Grader
       0..60 => "F",
     }
 
-    def initialize(results)
-      @results = results
+    def initialize(result)
+      @result = result
     end
 
     def grade
       score = 100
 
-      if @results["compliance"] &&
-         @results["compliance"][:recommendations]
-
-        @results["compliance"][:recommendations].each do |recommendation|
+      if @result.compliance_recommendations.each do |recommendation|
           score -= 10
         end
       end

lib/ssh_scan/result.rb

@@ -10,6 +10,7 @@ def initialize()
       @version = SSHScan::VERSION
       @fingerprints = nil
       @duplicate_host_key_ips = Set.new()
+      @compliance = {}
     end
 
     def version
@@ -60,16 +61,8 @@ def banner=(banner)
       @banner = banner
     end
 
-    def ssh_version=(ssh_version)
-      unless ssh_version.is_a?(Float)
-        raise ArgumentError, "Invalid attempt to set ssh_version to a non-port value"
-      end
-
-      @ssh_version = ssh_version
-    end
-
     def ssh_version
-      @ssh_version
+      self.banner.ssh_version
     end
 
     def os_guess_common
@@ -136,10 +129,6 @@ def set_kex_result(kex_result)
       @hex_result_hash = kex_result.to_hash
     end
 
-    def set_auth_methods(auth_methods)
-      @auth_methods = auth_methods
-    end
-
     def set_start_time
       @start_time = Time.now
     end
@@ -192,24 +181,24 @@ def auth_methods()
       @auth_methods || []
     end
 
-    def set_compliance(compliance)
+    def set_compliance=(compliance)
       @compliance = compliance
     end
 
-     def compliance_policy=(policy)
-      @compliance_policy = policy
+    def compliance_policy
+      @compliance[:policy]
     end
 
-    def compliance_policy
-      @compliance_policy
+    def compliant?
+      @compliance[:compliant]
     end
 
-    def compliant=(compliance_status)
-      @compliance_status = compliance_status
+    def compliance_references
+      @compliance[:references]
     end
 
-	  def compliant?
-      @compliance_status
+    def compliance_recommendations
+      @compliance[:recommendations]
     end
 
     def set_client_attributes(client)
@@ -218,22 +207,6 @@ def set_client_attributes(client)
       self.banner = client.banner || SSHScan::Banner.new("")
     end
 
-    def recommendations=(recommendations)
-      @compliance_recommendations = recommendations
-    end
-
-    def references=(references)
-      @compliance_references = references
-    end
-
-    def recommendations
-      @compliance_recommendations	
-    end
-
-    def references
-      @compliance_references
-    end
-
     def error=(error)
       @error = error.to_s
     end
@@ -278,13 +251,7 @@ def to_hash
       	"auth_methods" => self.auth_methods,
         "fingerprints" => self.fingerprints,
         "duplicate_host_key_ips" => self.duplicate_host_key_ips,
-      	"compliance" => {
-      	  "policy" => self.compliance_policy,
-          "compliant" => self.compliant?,
-          "recommendations" => self.recommendations,
-          "references" => self.references,
-          "grade" => self.grade
-      	},
+      	"compliance" => @compliance,
         "start_time" => self.start_time,
         "end_time" => self.end_time,
         "scan_duration_seconds" => self.scan_duration,

lib/ssh_scan/scan_engine.rb

@@ -213,33 +213,24 @@ def scan(opts)
       # Decorate all the results with compliance information
       results.each do |result|
         # Do this only when we have all the information we need
-        if !opts["policy"].nil? &&
-           !result.key_algorithms.empty? &&
-           !result.server_host_key_algorithms.empty? &&
-           !result.encryption_algorithms_client_to_server.empty? &&
-           !result.encryption_algorithms_server_to_client.empty? &&
-           !result.mac_algorithms_client_to_server.empty? &&
-           !result.mac_algorithms_server_to_client.empty? &&
-           !result.compression_algorithms_client_to_server.empty? &&
-           !result.compression_algorithms_server_to_client.empty? &&
-           !result.languages_client_to_server.empty? &&
-           !result.languages_server_to_client.empty?
+        if opts["policy"] &&
+           result.key_algorithms.any? &&
+           result.server_host_key_algorithms.any? &&
+           result.encryption_algorithms_client_to_server.any? &&
+           result.encryption_algorithms_server_to_client.any? &&
+           result.mac_algorithms_client_to_server.any? &&
+           result.mac_algorithms_server_to_client.any? &&
+           result.compression_algorithms_client_to_server.any? &&
+           result.compression_algorithms_server_to_client.any?
 
           policy = SSHScan::Policy.from_file(opts["policy"])
           policy_mgr = SSHScan::PolicyManager.new(result, policy)
-          compliance_results = policy_mgr.compliance_results
-          result.compliance_policy = compliance_results[:policy]
-          result.compliant = compliance_results[:compliant]
-          result.recommendations = compliance_results[:recommendations]
-          result.references = compliance_results[:references]
-        end
-      end
+          result.set_compliance = policy_mgr.compliance_results
 
-      # Decorate complaince results with a grade
-      results.each do |result|
-        if result.compliance_policy
-          grader = SSHScan::Grader.new(result)
-          result.grade = grader.grade
+          if result.compliance_policy
+            grader = SSHScan::Grader.new(result)
+            result.grade = grader.grade
+          end
         end
       end
 

spec/ssh_scan/grader_spec.rb

@@ -4,96 +4,90 @@
 
 describe SSHScan::Grader do
   it "should provide an F grade" do
-    results = {
-      "compliance" => {
-        :policy => "Test Result",
-        :compliant => false,
-        :recommendations => [
-          "Add these Key Exchange Algos: ecdh-sha2-nistp521,ecdh-sha2-nistp384,diffie-hellman-group-exchange-sha256",
-          "Add these MAC Algos: hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,umac-128@openssh.com",
-          "Add these Encryption Ciphers: aes256-gcm@openssh.com,aes128-gcm@openssh.com",
-          "Remove these Key Exchange Algos: diffie-hellman-group14-sha1, diffie-hellman-group1-sha1",
-          "Remove these MAC Algos: hmac-sha1",
-          "Remove these Encryption Ciphers: aes256-cbc, aes192-cbc, aes128-cbc, blowfish-cbc",
-        ]
-      }
+    result = SSHScan::Result.new()
+    result.set_compliance = {
+      :policy => "Test Result",
+      :compliant => false,
+      :recommendations => [
+        "Add these Key Exchange Algos: ecdh-sha2-nistp521,ecdh-sha2-nistp384,diffie-hellman-group-exchange-sha256",
+        "Add these MAC Algos: hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,umac-128@openssh.com",
+        "Add these Encryption Ciphers: aes256-gcm@openssh.com,aes128-gcm@openssh.com",
+        "Remove these Key Exchange Algos: diffie-hellman-group14-sha1, diffie-hellman-group1-sha1",
+        "Remove these MAC Algos: hmac-sha1",
+        "Remove these Encryption Ciphers: aes256-cbc, aes192-cbc, aes128-cbc, blowfish-cbc",
+      ]
     }
-    grader = SSHScan::Grader.new(results)
+    grader = SSHScan::Grader.new(result)
     expect(grader.grade).to eql("F")
   end
 
   it "should provide an F grade" do
-    results = {
-      "compliance" => {
-        :policy => "Test Result",
-        :compliant => false,
-        :recommendations => [
-          "Add these Key Exchange Algos: ecdh-sha2-nistp521,ecdh-sha2-nistp384,diffie-hellman-group-exchange-sha256",
-          "Add these MAC Algos: hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,umac-128@openssh.com",
-          "Add these Encryption Ciphers: aes256-gcm@openssh.com,aes128-gcm@openssh.com",
-          "Remove these Key Exchange Algos: diffie-hellman-group14-sha1, diffie-hellman-group1-sha1",
-        ]
-      }
+    result = SSHScan::Result.new()
+    result.set_compliance = {
+      :policy => "Test Result",
+      :compliant => false,
+      :recommendations => [
+        "Add these Key Exchange Algos: ecdh-sha2-nistp521,ecdh-sha2-nistp384,diffie-hellman-group-exchange-sha256",
+        "Add these MAC Algos: hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,umac-128@openssh.com",
+        "Add these Encryption Ciphers: aes256-gcm@openssh.com,aes128-gcm@openssh.com",
+        "Remove these Key Exchange Algos: diffie-hellman-group14-sha1, diffie-hellman-group1-sha1",
+      ]
     }
-    grader = SSHScan::Grader.new(results)
+    grader = SSHScan::Grader.new(result)
     expect(grader.grade).to eql("F")
   end
 
   it "should provide an D grade" do
-    results = {
-      "compliance" => {
-        :policy => "Test Result",
-        :compliant => false,
-        :recommendations => [
-          "Add these Key Exchange Algos: ecdh-sha2-nistp521,ecdh-sha2-nistp384,diffie-hellman-group-exchange-sha256",
-          "Add these MAC Algos: hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,umac-128@openssh.com",
-          "Add these Encryption Ciphers: aes256-gcm@openssh.com,aes128-gcm@openssh.com",
-        ]
-      }
+    result = SSHScan::Result.new()
+    result.set_compliance = {
+      :policy => "Test Result",
+      :compliant => false,
+      :recommendations => [
+        "Add these Key Exchange Algos: ecdh-sha2-nistp521,ecdh-sha2-nistp384,diffie-hellman-group-exchange-sha256",
+        "Add these MAC Algos: hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,umac-128@openssh.com",
+        "Add these Encryption Ciphers: aes256-gcm@openssh.com,aes128-gcm@openssh.com",
+      ]
     }
-    grader = SSHScan::Grader.new(results)
+    grader = SSHScan::Grader.new(result)
     expect(grader.grade).to eql("D")
   end
 
   it "should provide an C grade" do
-    results = {
-      "compliance" => {
-        :policy => "Test Result",
-        :compliant => false,
-        :recommendations => [
-          "Add these Key Exchange Algos: ecdh-sha2-nistp521,ecdh-sha2-nistp384,diffie-hellman-group-exchange-sha256",
-          "Add these MAC Algos: hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,umac-128@openssh.com",
-        ]
-      }
+    result = SSHScan::Result.new()
+    result.set_compliance = {
+      :policy => "Test Result",
+      :compliant => false,
+      :recommendations => [
+        "Add these Key Exchange Algos: ecdh-sha2-nistp521,ecdh-sha2-nistp384,diffie-hellman-group-exchange-sha256",
+        "Add these MAC Algos: hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,umac-128@openssh.com",
+      ]
     }
-    grader = SSHScan::Grader.new(results)
+    grader = SSHScan::Grader.new(result)
     expect(grader.grade).to eql("C")
   end
 
   it "should provide an B grade" do
-    results = {
-      "compliance" => {
-        :policy => "Test Result",
-        :compliant => false,
-        :recommendations => [
-          "Add these Key Exchange Algos: ecdh-sha2-nistp521,ecdh-sha2-nistp384,diffie-hellman-group-exchange-sha256",
-        ]
-      }
+    result = SSHScan::Result.new()
+    result.set_compliance = {
+      :policy => "Test Result",
+      :compliant => false,
+      :recommendations => [
+        "Add these Key Exchange Algos: ecdh-sha2-nistp521,ecdh-sha2-nistp384,diffie-hellman-group-exchange-sha256",
+      ]
     }
-    grader = SSHScan::Grader.new(results)
+    grader = SSHScan::Grader.new(result)
     expect(grader.grade).to eql("B")
   end
 
   it "should provide an A grade" do
-    results = {
-      "compliance" => {
-        :policy => "Test Result",
-        :compliant => false,
-        :recommendations => [
-        ]
-      }
+    result = SSHScan::Result.new()
+    result.set_compliance = {
+      :policy => "Test Result",
+      :compliant => false,
+      :recommendations => [
+      ]
     }
-    grader = SSHScan::Grader.new(results)
+    grader = SSHScan::Grader.new(result)
     expect(grader.grade).to eql("A")
   end
 end