Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
try: # Let's try to renegotiate
sslConn.do_renegotiate()
clientReneg = True
# Errors caused by a server rejecting the renegotiation
except socket.error as e:
if 'connection was forcibly closed' in str(e.args):
clientReneg = False
elif 'reset by peer' in str(e.args):
clientReneg = False
else:
raise
#except socket.timeout as e:
# result_reneg = 'Rejected (timeout)'
except OpenSSLError as e:
if 'handshake failure' in str(e.args):
clientReneg = False
elif 'no renegotiation' in str(e.args):
clientReneg = False
else:
raise
# Should be last as socket errors are also IOError
except IOError as e:
if 'Nassl SSL handshake failed' in str(e.args):
clientReneg = False
else:
raise
finally:
sslConn.close()
try: # Let's try to renegotiate
sslConn.do_renegotiate()
clientReneg = True
# Errors caused by a server rejecting the renegotiation
except socket.error as e:
if 'connection was forcibly closed' in str(e.args):
clientReneg = False
elif 'reset by peer' in str(e.args):
clientReneg = False
else:
raise
#except socket.timeout as e:
# result_reneg = 'Rejected (timeout)'
except OpenSSLError as e:
if 'handshake failure' in str(e.args):
clientReneg = False
elif 'no renegotiation' in str(e.args):
clientReneg = False
else:
raise
# Should be last as socket errors are also IOError
except IOError as e:
if 'Nassl SSL handshake failed' in str(e.args):
clientReneg = False
else:
raise
finally:
sslConn.close()
return
try:
result = scanner.run_scan_command(server_info, command())
vuln_model = SslVulnerabilityModel.from_database_model(
self.network_service_scan,
test_errored=False,
vuln_test_name=vulnerability_name,
)
vuln_model.test_results = []
for field in command_map[vulnerability_name]["fields"]:
vuln_model.test_results.append({
"key": field,
"value": getattr(result, field),
})
vuln_model.save(org_uuid)
except (socket.error, OpenSSLError):
vuln_model = SslVulnerabilityModel.from_database_model(
self.network_service_scan,
test_errored=True,
)
vuln_model.save(org_uuid)
logger.info(
"Network service %s successfully tested for SSL vulnerability %s."
% (network_service_uuid, vulnerability_name)
)