Appendix: Writing Your Own Plugins¶
Things that SSLyze can scan for are implemented using a plugin system. If you want to create a new plugin, the easiest way to get started is to review a simple existing plugin such as the CompressionPlugin in sslyze.plugins.compression_plugin.
High Level Overview¶
A plugin is made of one Plugin subclass and one or multiple subclasses of PluginScanCommand and PluginScanResult. The Plugin receives a PluginScanCommand, performs the corresponding scan, and returns a PluginScanResult.
For the Plugin to be discovered by SSLyze, it needs to be added to sslyze.plugins.plugin_repository.
Core parent classes¶
-
class
sslyze.plugins.plugin_base.
Plugin
¶ Abstract class to represent one plugin which can implement one multiple PluginScanCommand and PluginScanResult.
-
process_task
(server_info, scan_command)¶ Should run the supplied scan command on the server and return the result.
Parameters: - server_info (
ServerConnectivityInfo
) – The server to run the scan command on. - scan_command (
PluginScanCommand
) – The scan command.
Return type: Returns: The result of the scan command run on the supplied server.
- server_info (
-
-
class
sslyze.plugins.plugin_base.
PluginScanCommand
¶ Abstract class to represent one specific thing a Plugin can scan for.
-
__init__
()¶ Optional arguments for a command can be passed as keyword arguments here.
Return type: None
-
classmethod
get_cli_argument
()¶ Should return the command line option to be used to run the scan command via the CLI.
Return type: str
-
classmethod
is_aggressive
()¶ Should return True if command will open many simultaneous connections to the server.
When using the ConcurrentScanner to run scan commands, only one aggressive command will be run concurrently per server, to avoid DOS-ing the server.
Return type: bool
-
-
class
sslyze.plugins.plugin_base.
PluginScanResult
(server_info, scan_command) Abstract class to represent the result of running a specific PluginScanCommand against a server .
-
server_info
¶ The server against which the command was run.
Type: ServerConnectivityInfo
-
scan_command
¶ The scan command that was run against the server.
Type: PluginScanCommand
-
__init__
(server_info, scan_command) Initialize self. See help(type(self)) for accurate signature.
Return type: None
-
as_xml
() Should return the XML output to be returned by the CLI tool when –xml_out is used.
Return type: Element
-
as_text
() Should return the text output to be displayed in the console by the CLI tool.
Return type: List
[str
]
-