tlsfuzzer/tlslite-ng

Showing 1,708 of 1,708 total issues

Similar blocks of code found in 2 locations. Consider refactoring.
Open

        if cipherSuite in CipherSuite.certAllSuites or \
                cipherSuite in CipherSuite.ecdheEcdsaSuites or \
                cipherSuite in CipherSuite.dheDsaSuites:
            for result in self._getMsg(ContentType.handshake,
                                       HandshakeType.certificate,
Severity: Major
Found in tlslite/tlsconnection.py and 1 other location - About 1 hr to fix
tlslite/tlsconnection.py on lines 1745..1752

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 44.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Similar blocks of code found in 2 locations. Consider refactoring.
Open

    def a2b_base64(s):
        try:
            b = bytearray(binascii.a2b_base64(s))
        except Exception as e:
            raise SyntaxError("base64 error: %s" % e)
Severity: Major
Found in tlslite/utils/compat.py and 1 other location - About 1 hr to fix
tlslite/utils/compat.py on lines 159..164

This issue has a mass of 44.

Similar blocks of code found in 2 locations. Consider refactoring.
Open

        if cipherSuite not in CipherSuite.certSuites:
            for result in self._getMsg(ContentType.handshake,
                                       HandshakeType.server_key_exchange,
                                       cipherSuite):
                if result in (0, 1):
Severity: Major
Found in tlslite/tlsconnection.py and 1 other location - About 1 hr to fix
tlslite/tlsconnection.py on lines 1732..1741

This issue has a mass of 44.

Similar blocks of code found in 2 locations. Consider refactoring.
Open

    def parse(self, parser):
        """Parse the extension from on the wire format

        :param Parser p: parser with data
        """
Severity: Major
Found in tlslite/extensions.py and 1 other location - About 1 hr to fix
tlslite/extensions.py on lines 1813..1818

This issue has a mass of 43.

Similar blocks of code found in 2 locations. Consider refactoring.
Open

    def parse(self, parser):
        """Deserialise the extension from on the wire data."""
        # the generic class allows for missing values, it's not allowed here
        if not parser.getRemainingLength():
            raise DecodeError("Empty extension payload")
Severity: Major
Found in tlslite/extensions.py and 1 other location - About 1 hr to fix
tlslite/extensions.py on lines 998..1006

This issue has a mass of 43.

Similar blocks of code found in 2 locations. Consider refactoring.
Open

    @property
    def srp_username(self):
        """
        Return username for the SRP.

Severity: Major
Found in tlslite/messages.py and 1 other location - About 1 hr to fix
tlslite/messages.py on lines 854..866

This issue has a mass of 43.

Similar blocks of code found in 2 locations. Consider refactoring.
Open

    @property
    def next_protos(self):
        """
        Return the advertised protocols in NPN extension.

Severity: Major
Found in tlslite/messages.py and 1 other location - About 1 hr to fix
tlslite/messages.py on lines 424..437

This issue has a mass of 43.

Function __init__ has 9 arguments (exceeds 4 allowed). Consider refactoring.
Open

    def __init__(self, n=0, e=0, d=0, p=0, q=0, dP=0, dQ=0, qInv=0,
Severity: Major
Found in tlslite/utils/python_rsakey.py - About 1 hr to fix

Function __init__ has 9 arguments (exceeds 4 allowed). Consider refactoring.
Open

        def __init__(self, n=0, e=0, d=0, p=0, q=0, dP=0, dQ=0, qInv=0,
Severity: Major
Found in tlslite/utils/pycrypto_rsakey.py - About 1 hr to fix

Function _clientKeyExchange has 9 arguments (exceeds 4 allowed). Consider refactoring.
Open

    def _clientKeyExchange(self, settings, cipherSuite,
Severity: Major
Found in tlslite/tlsconnection.py - About 1 hr to fix

Function _serverCertKeyExchange has 9 arguments (exceeds 4 allowed). Consider refactoring.
Open

    def _serverCertKeyExchange(self, clientHello, serverHello, sigHashAlg,
Severity: Major
Found in tlslite/tlsconnection.py - About 1 hr to fix

Function create has 9 arguments (exceeds 4 allowed). Consider refactoring.
Open

    def create(self, master_secret, protocol_version, cipher_suite,
Severity: Major
Found in tlslite/messages.py - About 1 hr to fix

Function _serverTLS13Handshake has 9 arguments (exceeds 4 allowed). Consider refactoring.
Open

    def _serverTLS13Handshake(self, settings, clientHello, cipherSuite,
Severity: Major
Found in tlslite/tlsconnection.py - About 1 hr to fix

Function __init__ has 9 arguments (exceeds 4 allowed). Consider refactoring.
Open

    def __init__(self, host, port = POP3_SSL_PORT,
Severity: Major
Found in tlslite/integration/pop3_tls.py - About 1 hr to fix

Function _handshakeClientAsyncHelper has 9 arguments (exceeds 4 allowed). Consider refactoring.
Open

    def _handshakeClientAsyncHelper(self, srpParams, certParams, anonParams,
Severity: Major
Found in tlslite/tlsconnection.py - About 1 hr to fix

Function _serverFinished has 9 arguments (exceeds 4 allowed). Consider refactoring.
Open

    def _serverFinished(self, premasterSecret, clientRandom, serverRandom,
Severity: Major
Found in tlslite/tlsconnection.py - About 1 hr to fix

Function __string_to_bitlist has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

    def __string_to_bitlist(self, data):
        """Turn the string data into a list of bits (1, 0)'s."""

        if PY_VER < (3, ):
            # Turn the strings into integers. Python 3 uses a bytes
Severity: Minor
Found in tlslite/utils/python_tripledes.py - About 1 hr to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

• Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
• Code is considered more complex for each "break in the linear flow of the code"
• Code is considered more complex when "flow breaking structures are nested"

Function write has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

        def write(self, password=None):
            bio = m2.bio_new(m2.bio_s_mem())
            if self._hasPrivateKey:
                if password:
                    def f(v): return password
Severity: Minor
Found in tlslite/utils/openssl_rsakey.py - About 1 hr to fix

Function _sendMsg has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

    def _sendMsg(self, msg, randomizeFirstBlock=True, update_hashes=True):
        """Fragment and send message through socket"""
        #Whenever we're connected and asked to send an app data message,
        #we first send the first byte of the message.  This prevents
        #an attacker from launching a chosen-plaintext attack based on
Severity: Minor
Found in tlslite/tlsrecordlayer.py - About 1 hr to fix

Function transformDictionaryWord has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

    def transformDictionaryWord(dst, idx, word, length, transform):
        prefix = kTransforms[transform].prefix
        suffix = kTransforms[transform].suffix
        t = kTransforms[transform].transform
        skip = t < (0 if kOmitFirst1 else (t - (kOmitFirst1 - 1)))
Severity: Minor
Found in tlslite/utils/brotlidecpy/transform.py - About 1 hr to fix
