protected async Task EvaluateMxRecordProfile(MxRecordTlsProfile mxRecordTlsProfile)
{
if (mxRecordTlsProfile.MxHostname == null)
{
await _tlsRecordDao.SaveTlsEvaluatorResults(mxRecordTlsProfile, EvaluatorResults.EmptyResults);
_log.Debug(
$"MX record with ID {mxRecordTlsProfile.MxRecordId} has no hostname, saving null results.");
}
else
{
string failedConnectionErrors = mxRecordTlsProfile.ConnectionResults.GetFailedConnectionErrors();
if (string.IsNullOrWhiteSpace(failedConnectionErrors))
{
var tlsEvaluatorResults = _mxSecurityEvaluator.Evaluate(mxRecordTlsProfile.ConnectionResults);
await _tlsRecordDao.SaveTlsEvaluatorResults(mxRecordTlsProfile, tlsEvaluatorResults);
_log.Debug(
$"Evaluated TLS connection results for MX record with ID {mxRecordTlsProfile.MxRecordId}.");
}
else
{
await _tlsRecordDao.SaveTlsEvaluatorResults(mxRecordTlsProfile,
EvaluatorResults.GetConnectionFailedResults(failedConnectionErrors));
_log.Debug(
$"MX record with ID {mxRecordTlsProfile.MxRecordId} TLS connection failed, saving single inconclusive result.");
}
}
}
protected Task EvaluateMxRecordProfile(MxRecordTlsProfile mxRecordTlsProfile)
{
if (mxRecordTlsProfile.MxHostname == null)
{
_log.Debug($"No hostname for MX record with ID {mxRecordTlsProfile.MxRecordId}.");
return(_tlsRecordDao.SaveTlsEvaluatorResults(mxRecordTlsProfile, EvaluatorResults.EmptyResults));
}
if (mxRecordTlsProfile.ConnectionResults.HasFailedConnection())
{
_log.Debug($"TLS connection failed for host {mxRecordTlsProfile.MxHostname}");
string failedConnectionErrors = mxRecordTlsProfile.ConnectionResults.GetFailedConnectionErrors();
return(_tlsRecordDao.SaveTlsEvaluatorResults(mxRecordTlsProfile,
EvaluatorResults.GetConnectionFailedResults(failedConnectionErrors)));
}
if (mxRecordTlsProfile.ConnectionResults.HostNotFound())
{
_log.Debug($"Host not found for {mxRecordTlsProfile.MxHostname}");
return(_tlsRecordDao.SaveTlsEvaluatorResults(mxRecordTlsProfile,
EvaluatorResults.GetHostNotFoundResults(mxRecordTlsProfile.MxHostname)));
}
_log.Debug($"Evaluating TLS connection results for {mxRecordTlsProfile.MxHostname}.");
return(_tlsRecordDao.SaveTlsEvaluatorResults(mxRecordTlsProfile,
_mxSecurityEvaluator.Evaluate(mxRecordTlsProfile.ConnectionResults)));
}
protected async Task <TlsResultsEvaluated> EvaluateMxRecordProfile(TlsTestResults tlsTestResults)
{
List <BouncyCastleTlsTestResult> bouncyCastleTlsTestResults = new List <BouncyCastleTlsTestResult> {
tlsTestResults.Ssl3FailsWithBadCipherSuite,
tlsTestResults.Tls10AvailableWithBestCipherSuiteSelected,
tlsTestResults.Tls10AvailableWithWeakCipherSuiteNotSelected,
tlsTestResults.Tls11AvailableWithBestCipherSuiteSelected,
tlsTestResults.Tls11AvailableWithWeakCipherSuiteNotSelected,
tlsTestResults.Tls12AvailableWithBestCipherSuiteSelected,
tlsTestResults.Tls12AvailableWithBestCipherSuiteSelectedFromReverseList,
tlsTestResults.Tls12AvailableWithSha2HashFunctionSelected,
tlsTestResults.Tls12AvailableWithWeakCipherSuiteNotSelected,
tlsTestResults.TlsSecureDiffieHellmanGroupSelected,
tlsTestResults.TlsSecureEllipticCurveSelected,
tlsTestResults.TlsWeakCipherSuitesRejected
};
bool hasFailedConnection = bouncyCastleTlsTestResults.All(_ =>
_.TlsError == TlsError.SESSION_INITIALIZATION_FAILED ||
_.TlsError == TlsError.TCP_CONNECTION_FAILED);
if (hasFailedConnection)
{
_log.LogDebug($"TLS connection failed for host {tlsTestResults.Id}");
string failedConnectionErrors = string.Join(", ", bouncyCastleTlsTestResults
.Select(_ => _.ErrorDescription)
.Distinct()
.ToList());
return(GetConnectionFailedResults(tlsTestResults.Id, failedConnectionErrors, tlsTestResults.ToTlsResult()));
}
bool hostNotFound = bouncyCastleTlsTestResults.All(_ => _.TlsError == TlsError.HOST_NOT_FOUND);
if (hostNotFound)
{
_log.LogDebug($"Host not found for {tlsTestResults.Id}");
return(GetHostNotFoundResults(tlsTestResults.Id, tlsTestResults.ToTlsResult()));
}
_log.LogDebug($"Evaluating TLS connection results for {tlsTestResults.Id}.");
TlsResultsEvaluated tlsEvaluatedResults = await _mxSecurityEvaluator.Evaluate(tlsTestResults);
return(tlsEvaluatedResults);
}
