diff --git a/nogotofail/mitm/connection/handlers/data/ssl.py b/nogotofail/mitm/connection/handlers/data/ssl.py index cc07cbbe..7e93448e 100644 --- a/nogotofail/mitm/connection/handlers/data/ssl.py +++ b/nogotofail/mitm/connection/handlers/data/ssl.py @@ -126,7 +126,6 @@ def on_response(self, response): if (isinstance(message, tls.types.HandshakeMessage) and message.type == HandshakeMessage.TYPE.CERTIFICATE): certificate = message.obj - if certificate.certificates: # Check leaf certificate in chain for SHA-1 sunset issue crt_byte_string = certificate.certificates[0] @@ -135,16 +134,12 @@ def on_response(self, response): crt_signature_algorithm = \ a_certificate.get_signature_algorithm() if ("sha1" in crt_signature_algorithm): - crt_CN = \ - str(a_certificate.get_subject().CN or "") - crt_not_before = \ - str(a_certificate.get_notBefore() or "") - crt_not_after = \ - str(a_certificate.get_notAfter() or "") + crt_CN = str(a_certificate.get_subject().CN or "") + crt_not_before = str(a_certificate.get_notBefore() or "") + crt_not_after = str(a_certificate.get_notAfter() or "") debug_message = \ ["Certicate using SHA-1 with attributes - CN \"", - self._str_trans(crt_CN), - "\", notBefore \"", crt_not_before, + crt_CN, "\", notBefore \"", crt_not_before, "\", notAfter \"", crt_not_after, "\", signature_algorithm \"", crt_signature_algorithm, "\""] @@ -152,7 +147,6 @@ def on_response(self, response): crt_not_after = datetime.strptime(crt_not_after, CRT_DATE_FORMAT) self._alert_on_sunset_sha1(crt_not_after, crt_CN) - count += 1 index += size except ValueError: # Failed to parse TLS, this is probably due to a short read of a TLS @@ -200,8 +194,3 @@ def _alert_on_sunset_sha1(self, crt_not_after, crt_CN): self.log_event(logging.WARNING, connection.AttackEvent( self.connection, self.name, True, "")) self.connection.vuln_notify(util.vuln.VULN_SUNSET_SHA1) - - def _str_trans(self, s): - """ Converts objects to strings, and "None" objects to empty strings. - """ - return '' if s is None else str(s)