Land rapid7#5265, handle SSL being disabled in the SSL version scanner

Brent Cook · Brent Cook · commit cc47f8f6e853 · 2015-04-29T12:34:55.000-05:00
diff --git a/modules/auxiliary/scanner/http/ssl_version.rb b/modules/auxiliary/scanner/http/ssl_version.rb
@@ -52,24 +52,20 @@ def initialize
   # Fingerprint a single host
   def run_host(ip)
     begin
-      connect
       res = send_request_raw({ 'uri' => '/', 'method' => 'GET' })
       fp = http_fingerprint(:response => res)
       if fp
         vprint_status("#{peer} connected and fingerprinted: #{fp}")
         # TODO: Interrogate the connection itself to see what version
         # was used. Where that actually lives is eluding me. :/
-        if datastore['SSLVersion'] == 'SSL3'
+        if datastore['SSL'] && datastore['SSLVersion'] == 'SSL3'
           print_good("#{peer} accepts SSLv3")
           report_poodle_vuln(ip)
         end
       end
     rescue ::OpenSSL::SSL::SSLError => e
       ssl_version = e.message.match(/ state=([^\s]+)/)[1]
       vprint_status("#{peer} does not accept #{ssl_version}")
-    rescue ::Timeout::Error, ::Errno::EPIPE
-    ensure
-      disconnect
     end
   end
 
