mirror of
https://github.com/jtesta/ssh-audit.git
synced 2024-12-22 22:15:22 +01:00
Rolled back Windows multithreading crash fix, as upgrading from Python v3.9 to v3.11 may have fixed the root cause. (#152)
This commit is contained in:
parent
1eab4ab0e6
commit
0074fcc1af
@ -189,7 +189,6 @@ For convenience, a web front-end on top of the command-line tool is available at
|
|||||||
- JSON output now includes recommendations and CVE data.
|
- JSON output now includes recommendations and CVE data.
|
||||||
- Mixed host key/CA key types (i.e.: RSA host keys signed with ED25519 CAs, etc.) are now properly handled.
|
- Mixed host key/CA key types (i.e.: RSA host keys signed with ED25519 CAs, etc.) are now properly handled.
|
||||||
- Warnings are now printed for 2048-bit moduli.
|
- Warnings are now printed for 2048-bit moduli.
|
||||||
- Fixed Windows-specific crash when multiple threads were used.
|
|
||||||
- SHA-1 algorithms now cause failures.
|
- SHA-1 algorithms now cause failures.
|
||||||
- CBC mode ciphers are now warnings instead of failures.
|
- CBC mode ciphers are now warnings instead of failures.
|
||||||
- Generic failure/warning messages replaced with more specific reasons (i.e.: 'using weak cipher' => 'using broken RC4 cipher').
|
- Generic failure/warning messages replaced with more specific reasons (i.e.: 'using weak cipher' => 'using broken RC4 cipher').
|
||||||
|
@ -49,8 +49,8 @@ if [[ "$(python -V)" != "Python 3."* ]]; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
# Install/update package dependencies.
|
# Install/update package dependencies.
|
||||||
echo "Installing/updating pyinstaller, colorama, and idna packages..."
|
echo "Installing/updating pyinstaller and colorama packages..."
|
||||||
pip install -U pyinstaller colorama idna
|
pip install -U pyinstaller colorama
|
||||||
echo
|
echo
|
||||||
|
|
||||||
# Prompt for the version to release.
|
# Prompt for the version to release.
|
||||||
|
@ -62,7 +62,7 @@ from ssh_audit.utils import Utils
|
|||||||
from ssh_audit.versionvulnerabilitydb import VersionVulnerabilityDB
|
from ssh_audit.versionvulnerabilitydb import VersionVulnerabilityDB
|
||||||
|
|
||||||
|
|
||||||
no_idna_workaround = False
|
# no_idna_workaround = False
|
||||||
|
|
||||||
# Only import colorama under Windows. Other OSes can natively handle terminal colors.
|
# Only import colorama under Windows. Other OSes can natively handle terminal colors.
|
||||||
if sys.platform == 'win32':
|
if sys.platform == 'win32':
|
||||||
@ -73,12 +73,12 @@ if sys.platform == 'win32':
|
|||||||
pass
|
pass
|
||||||
|
|
||||||
# This is a workaround for a Python bug that causes a crash on Windows when multiple threads are used (see https://github.com/python/cpython/issues/73474). Importing the idna module and using it in a no-op seems to fix the issue. Otherwise, if idna isn't available at run-time, force single threaded scans.
|
# This is a workaround for a Python bug that causes a crash on Windows when multiple threads are used (see https://github.com/python/cpython/issues/73474). Importing the idna module and using it in a no-op seems to fix the issue. Otherwise, if idna isn't available at run-time, force single threaded scans.
|
||||||
try:
|
# try:
|
||||||
import idna # noqa: F401
|
# import idna # noqa: F401
|
||||||
|
#
|
||||||
''.encode('idna')
|
# ''.encode('idna')
|
||||||
except ImportError:
|
# except ImportError:
|
||||||
no_idna_workaround = True
|
# no_idna_workaround = True
|
||||||
|
|
||||||
|
|
||||||
def usage(uout: OutputBuffer, err: Optional[str] = None) -> None:
|
def usage(uout: OutputBuffer, err: Optional[str] = None) -> None:
|
||||||
@ -766,13 +766,13 @@ def process_commandline(out: OutputBuffer, args: List[str], usage_cb: Callable[.
|
|||||||
aconf.target_file = a
|
aconf.target_file = a
|
||||||
|
|
||||||
# If we're on Windows, and we can't use the idna workaround, force only one thread to be used (otherwise a crash would occur).
|
# If we're on Windows, and we can't use the idna workaround, force only one thread to be used (otherwise a crash would occur).
|
||||||
if no_idna_workaround:
|
# if no_idna_workaround:
|
||||||
print("\nWARNING: the idna module was not found on this system, thus only single-threaded scanning will be done (this is a workaround for this Windows-specific crash: https://github.com/python/cpython/issues/73474). Multi-threaded scanning can be enabled by installing the idna module (pip install idna).\n")
|
# print("\nWARNING: the idna module was not found on this system, thus only single-threaded scanning will be done (this is a workaround for this Windows-specific crash: https://github.com/python/cpython/issues/73474). Multi-threaded scanning can be enabled by installing the idna module (pip install idna).\n")
|
||||||
aconf.threads = 1
|
# aconf.threads = 1
|
||||||
elif o == '--threads':
|
elif o == '--threads':
|
||||||
aconf.threads = int(a)
|
aconf.threads = int(a)
|
||||||
if no_idna_workaround:
|
# if no_idna_workaround:
|
||||||
aconf.threads = 1
|
# aconf.threads = 1
|
||||||
elif o in ('-L', '--list-policies'):
|
elif o in ('-L', '--list-policies'):
|
||||||
aconf.list_policies = True
|
aconf.list_policies = True
|
||||||
elif o == '--lookup':
|
elif o == '--lookup':
|
||||||
|
Loading…
Reference in New Issue
Block a user