Add 5 attemps on ssh_fp checks for better consistency

mozilla · May 27, 2020 · 2d93284 · 2d93284
1 parent 1fc08e4
commit 2d93284
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 20 deletions.
diff --git a/lib/ssh_scan/ssh_fp.rb b/lib/ssh_scan/ssh_fp.rb
@@ -22,26 +22,36 @@ class SshFp
     def query(fqdn)
       sshfp_records = []
 
-      # Reference: https://stackoverflow.com/questions/28867626/how-to-use-resolvdnsresourcegeneric
-      # Note: this includes some fixes too, I'll post a direct link back to the SO article.
-      Resolv::DNS.open do |dns|
-         all_records = dns.getresources(fqdn, Resolv::DNS::Resource::IN::ANY ) rescue nil
-         all_records.each do |rr|
-            if rr.is_a? Resolv::DNS::Resource::Generic then
-               classname = rr.class.name.split('::').last
-               if classname == "Type44_Class1"
-                 data = rr.data.bytes
-                 algo = data[0].to_s
-                 fptype = data[1].to_s
-                 fp = data[2..-1]
-                 hex = fp.map{|b| b.to_s(16).rjust(2,'0') }.join(':')
-                 sshfp_records << {"fptype" => FPTYPE_MAP[fptype.to_i], "algo" => ALGO_MAP[algo.to_i], "hex" => hex}
-               end
-            end
-         end
-      end
-
-      return sshfp_records.sort_by { |k| k["hex"] }
+      # try up to 3 times to resolve ssh_fp's
+      5.times do
+
+        # Reference: https://stackoverflow.com/questions/28867626/how-to-use-resolvdnsresourcegeneric
+        # Note: this includes some fixes too, I'll post a direct link back to the SO article.
+        Resolv::DNS.open do |dns|
+           all_records = dns.getresources(fqdn, Resolv::DNS::Resource::IN::ANY ) rescue nil
+           all_records.each do |rr|
+              if rr.is_a? Resolv::DNS::Resource::Generic then
+                 classname = rr.class.name.split('::').last
+                 if classname == "Type44_Class1"
+                   data = rr.data.bytes
+                   algo = data[0].to_s
+                   fptype = data[1].to_s
+                   fp = data[2..-1]
+                   hex = fp.map{|b| b.to_s(16).rjust(2,'0') }.join(':')
+                   sshfp_records << {"fptype" => FPTYPE_MAP[fptype.to_i], "algo" => ALGO_MAP[algo.to_i], "hex" => hex}
+                 end
+              end
+           end
+        end
+
+        if sshfp_records.any?
+          return sshfp_records.sort_by { |k| k["hex"] }
+        end
+
+        sleep 0.5
+      end 
+
+      return sshfp_records
     end
   end
 end
diff --git a/spec/ssh_scan/ssh_fp_spec.rb b/spec/ssh_scan/ssh_fp_spec.rb
@@ -7,6 +7,7 @@
     it "should query the record and return fptype, algo, and hex" do
       fqdn = "myserverplace.de"
       sshfp = SSHScan::SshFp.new()
+
       expect(sshfp.query(fqdn)).to eq(
         [
           { "algo"=>"ed25519",