update sslyze fork, set correct ehlo name

sslyze now has https://github.com/mxsasha/sslyze/blob/6.0.0%2Binternetnl3/cc408213239386c00cb9a63aa654cc96f9664c4c fix
internetstandards · Aug 28, 2024 · 9f3a295 · 9f3a295
1 parent e983c31
commit 9f3a295
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 2 deletions.
diff --git a/checks/tasks/tls/scans.py b/checks/tasks/tls/scans.py
@@ -480,6 +480,7 @@ def check_mail_tls_multiple(server_tuples, task) -> Dict[str, Dict[str, Any]]:
         network_configuration = ServerNetworkConfiguration(
             tls_server_name_indication=server,
             tls_opportunistic_encryption=ProtocolWithOpportunisticTlsEnum.SMTP,
+            smtp_ehlo_hostname=settings.SMTP_EHLO_DOMAIN,
         )
         supported_tls_versions = check_supported_tls_versions(
             ServerConnectivityInfo(
@@ -515,7 +516,7 @@ def check_mail_tls_multiple(server_tuples, task) -> Dict[str, Dict[str, Any]]:
             )
     except TLSException as exc:
         log.info(f"sslyze scan for mail failed: {exc}")
-        # TODO: fix this
+        # TODO: fix this and refine it to apply to specific server
         return dict(server_reachable=False, tls_enabled=False)
     return results
 

diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -67,7 +67,7 @@ COPY requirements.txt /src/requirements.txt
 WORKDIR /src
 
 RUN pip3 install -r requirements.txt
-RUN pip3 install --no-deps https://github.com/mxsasha/sslyze/archive/refs/tags/6.0.0+internetnl2.tar.gz
+RUN pip3 install --no-deps https://github.com/mxsasha/sslyze/archive/refs/tags/6.0.0+internetnl3.tar.gz
 
 # stage with app dependencies and lint/test depencencies
 FROM --platform=linux/amd64 build-app-deps as linttest-deps