5 years ago · 02e6367d17
--- a/app/assets/javascripts/ssh.coffee.erb
+++ b/app/assets/javascripts/ssh.coffee.erb
@@ -0,0 +1,16 @@
 $ ->
 	ssh_submit = ->
 		host = $('#ssh_check_host').val()
 		port = $('#ssh_check_port').val()
 		port = 22 if port == ''
 		window.location.href = "<%= Rails.configuration.relative_url_root %>/ssh/#{host}:#{port}"

 	$('#ssh_check_host').keypress (e) ->
 		ssh_submit() if e.which == 13
 		return
 	$('#ssh_check_port').keypress (e) ->
 		ssh_submit() if e.which == 13
 		return
 	$('#ssh_check_submit').click ->
 		ssh_submit()
 		return
--- a/app/assets/stylesheets/ssh.scss
+++ b/app/assets/stylesheets/ssh.scss
@@ -0,0 +1,3 @@
 // Place all the styles related to the ssh controller here.
 // They will automatically be included in application.css.
 // You can use Sass (SCSS) here: http://sass-lang.com/
--- a/app/controllers/check_controller.rb
+++ b/app/controllers/check_controller.rb
@@ -1,5 +1,6 @@
 class CheckController < ApplicationController
 	before_action :check_host
 	helper_method :tls_type, :type

 	def check_host
 		@host = params[:id]
--- a/app/controllers/https_controller.rb
+++ b/app/controllers/https_controller.rb
@@ -7,4 +7,8 @@ class HttpsController < CheckController
 	def worker
 		HTTPSWorker
 	end

 	def tls_type
 		'HTTPS'
 	end
 end
--- a/app/controllers/smtp_controller.rb
+++ b/app/controllers/smtp_controller.rb
@@ -7,4 +7,8 @@ class SmtpController < CheckController
 	def worker
 		SMTPWorker
 	end

 	def tls_type
 		'STARTTLS'
 	end
 end
--- a/app/controllers/ssh_controller.rb
+++ b/app/controllers/ssh_controller.rb
@@ -0,0 +1,43 @@
 class SshController < ApplicationController
 	before_action :check_host, except: %i(index)

 	def check_host
 		@host, @port = params[:id].split ':'
 		@idn         = SimpleIDN.to_ascii @host
 		if /[^a-zA-Z0-9.-]/.match @idn
 			flash[:danger] = "Hôte #{@host} invalide"
 			redirect_to :index
 			return false
 		end
 		@host   = "#{@idn}:#{@port}"
 		@result = Datastore.host :ssh, @host
 	end

 	def index
 	end

 	def show
 		enqueue_host unless @result
 		return render :processing if @result.pending
 		return render :no_ssh if @result.no_ssh
 	end

 	def refresh
 		unless @result.pending
 			refresh_allowed = @result.date + Rails.configuration.refresh_delay
 			if Time.now < refresh_allowed
 				flash[:warning] = "Merci d’attendre au moins #{l refresh_allowed} pour rafraîchir"
 				return redirect_to result_path @host
 			end
 			enqueue_host
 		end
 		redirect_to action: :show
 	end

 	protected
 	def enqueue_host
 		Datastore.pending :ssh, @host
 		SSHWorker.perform_async @idn, @port
 		@result = OpenStruct.new pending: true, date: Time.now
 	end
 end
--- a/app/controllers/xmpp_controller.rb
+++ b/app/controllers/xmpp_controller.rb
@@ -7,4 +7,8 @@ class XmppController < CheckController
 	def worker
 		XMPPWorker
 	end

 	def tls_type
 		'STARTTLS'
 	end
 end
--- a/app/helpers/site_helper.rb
+++ b/app/helpers/site_helper.rb
@@ -96,7 +96,7 @@ module SiteHelper
 			when Hashie::Mash
 				{ success: %i(pfs),
 				  warning: %i(des3 sha1),
 				  danger: %i(md5 psk srp anonymous null export des rc2 rc4)
 				  danger: %i(dss md5 psk srp anonymous null export des rc2 rc4)
 				}.collect do |c, ts|
 					ts.select { |t| CryptCheck::Tls::Cipher.send "#{t}?", cipher.name }.collect { |t| [c, t] }
 				end
--- a/app/helpers/ssh_helper.rb
+++ b/app/helpers/ssh_helper.rb
@@ -0,0 +1,28 @@
 module SshHelper
 	COLORS = { green: :success, yellow: :warning, red: :danger, nil => :default  }

 	def kex_label(key)
 		label key, COLORS[CryptCheck::Ssh::Server::KEX[key]]
 	end

 	def cipher_label(cipher)
 		label cipher, COLORS[CryptCheck::Ssh::Server::ENCRYPTION[cipher]]
 	end

 	def hmac_label(hmac)
 		label hmac, COLORS[CryptCheck::Ssh::Server::HMAC[hmac]]
 	end

 	def compression_label(compression)
 		label compression, COLORS[CryptCheck::Ssh::Server::COMPRESSION[compression]]
 	end

 	def key_label(key)
 		label key, COLORS[CryptCheck::Ssh::Server::KEY[key]]
 	end

 	private
 	def label(name, color)
 		"<span class=\"label label-#{color}\">&nbsp;</span>&nbsp;#{name}".html_safe
 	end
 end
--- a/app/views/application/_headers.erb
+++ b/app/views/application/_headers.erb
@@ -2,13 +2,15 @@
 	<nav class="navbar navbar-inverse navbar-fixed-top">
 		<div class="container">
 			<div class="navbar-header">
 				<%= link_to 'CryptCheck', root_path, class: %i(navbar-brand) %>
 				<span class="navbar-brand">CryptCheck</span>
 			</div>
 			<ul class="nav navbar-nav">
 				<li><%= link_to 'Ciphers', ciphers_path %></li>
 				<li><%= link_to 'HTTPS / SMTP / XMPP', root_path %></li>
 				<li><%= link_to 'SSH', ssh_path %></li>
 			</ul>
 			<!--
 			<ul class="nav navbar-nav navbar-right">
 				<li><%= link_to 'Ciphers', ciphers_path %></li>
 				<!--
 				<li class="dropdown">
 					<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">
 						Hall of f/sh·ame
@@ -24,8 +26,8 @@
 						<li><a href="#">US gov</a></li>
 					</ul>
 				</li>
 				-->
 			</ul>
 			-->
 		</div>
 	</nav>
 </header>
--- a/app/views/check/no_tls.html.erb
+++ b/app/views/check/no_tls.html.erb
@@ -2,8 +2,11 @@
 	<div class="row">
 		<div class="col-sm-8 col-sm-offset-2">
 			<h1>
 				<%= @host %> ne supporte pas HTTPS
 				[<%= self.type.to_s.upcase %>] <%= @host %> ne supporte pas <%= self.tls_type %>
 			</h1>
 			<% if Time.now - @result.date >= Rails.configuration.refresh_delay %>
 			<%= link_to 'Rafraîchir', {action: :refresh}, class: %i(btn btn-default pull-right) %>
 			<% end %>
 		</div>
 	</div>
 </div>
--- a/app/views/check/processing.html.erb
+++ b/app/views/check/processing.html.erb
@@ -6,7 +6,7 @@
 		<div class="col-sm-8 col-sm-offset-2">
 			<h1>
 				<i class="fa fa-spinner fa-pulse"></i>
 				Analyse en cours de <%= @host %>
 				[<%= self.type.to_s.upcase %>] Analyse en cours de <%= @host %>
 			</h1>
 			<p class="small">
 				Début de l’analyse : <%= l @result.date %>
--- a/app/views/check/show.html.erb
+++ b/app/views/check/show.html.erb
@@ -2,7 +2,7 @@
 	<div class="row">
 		<div class="col-sm-11">
 			<h1>
 				Résultats pour <%= @host %> <span class="small">(<%= l @result.date %>)</span>
 				[<%= self.type.to_s.upcase %>] <%= @host %> <span class="small">(<%= l @result.date %>)</span>
 				<%= rank_label @result.score.rank %>
 			</h1>
 		</div>
--- a/app/views/ssh/index.html.erb
+++ b/app/views/ssh/index.html.erb
@@ -0,0 +1,18 @@
 <div id="ssh_check" class="container">
 	<div class="row">
 		<div class="col-sm-12">
 			<h1>Vérifier votre serveur SSH</h1>
 			<div class="form-group">
 				<div class="col-sm-8">
 					<%= text_field_tag :ssh_check_host, nil, class: %i(form-control input-lg), placeholder: 'your-site.com' %>
 				</div>
 				<div class="col-sm-2">
 					<%= text_field_tag :ssh_check_port, nil, class: %i(form-control input-lg), placeholder: 'port' %>
 				</div>
 				<div class="col-sm-2">
 					<%= submit_tag 'Test-moi !', id: 'ssh_check_submit', class: %i(form-control btn btn-primary input-lg pull-right) %>
 				</div>
 			</div>
 		</div>
 	</div>
 </div>
--- a/app/views/ssh/no_ssh.html.erb
+++ b/app/views/ssh/no_ssh.html.erb
@@ -0,0 +1,12 @@
 <div id="check" class="container">
 	<div class="row">
 		<div class="col-sm-8 col-sm-offset-2">
 			<h1>
 				<%= @host %> ne supporte pas SSH
 			</h1>
 			<% if Time.now - @result.date >= Rails.configuration.refresh_delay %>
 			<%= link_to 'Rafraîchir', {action: :refresh}, class: %i(btn btn-default pull-right) %>
 			<% end %>
 		</div>
 	</div>
 </div>
--- a/app/views/ssh/processing.html.erb
+++ b/app/views/ssh/processing.html.erb
@@ -0,0 +1,20 @@
 <% content_for :head do %>
 	<meta http-equiv="refresh" content="10">
 <% end %>
 <div id="check" class="container">
 	<div class="row">
 		<div class="col-sm-8 col-sm-offset-2">
 			<h1>
 				<i class="fa fa-spinner fa-pulse"></i>
 				[SSH] Analyse en cours de <%= @host %>
 			</h1>
 			<p class="small">
 				Début de l’analyse : <%= l @result.date %>
 			</p>
 			<p class="pull-right">
 				Merci de patienter…
 				<span class="small">(Cette page se rafraîchit automatiquement toutes les 10 secondes)</span>
 			</p>
 		</div>
 	</div>
 </div>
--- a/app/views/ssh/show.html.erb
+++ b/app/views/ssh/show.html.erb
@@ -0,0 +1,67 @@
 <div class="container">
 	<div class="row">
 		<div class="col-sm-11">
 			<h1>
 				[SSH] <%= @host %> <span class="small">(<%= l @result.date %>)</span>
 			</h1>
 		</div>
 		<% if Time.now - @result.date >= Rails.configuration.refresh_delay %>
 		<div class="col-sm-1">
 			<%= link_to 'Rafraîchir', {action: :refresh}, class: %i(btn btn-default) %>
 		</div>
 		<% end %>
 	</div>
 	<br/>
 	<div class="row">
 		<div class="col-sm-12">
 			<table class="table table-bordered table-condensed table-striped">
 				<tbody>
 					<tr>
 						<th>Échange de clef</th>
 					</tr>
 					<% @result.kex.each do |kex| %>
 					<tr>
 						<td><%= kex_label kex %></td>
 					</tr>
 					<% end %>

 					<tr>
 						<th>Chiffrement</th>
 					</tr>
 					<% @result.encryption.each do |cipher| %>
 					<tr>
 						<td><%= cipher_label cipher %></td>
 					</tr>
 					<% end %>

 					<tr>
 						<th>HMAC</th>
 					</tr>
 					<% @result.hmac.each do |hmac| %>
 						<tr>
 							<td><%= hmac_label hmac %></td>
 						</tr>
 					<% end %>

 					<tr>
 						<th>Compression</th>
 					</tr>
 					<% @result.compression.each do |compression| %>
 						<tr>
 							<td><%= compression_label compression %></td>
 						</tr>
 					<% end %>

 					<tr>
 						<th>Clefs</th>
 					</tr>
 					<% @result['key'].each do |key| %>
 					<tr>
 						<td><%= key_label key %></td>
 					</tr>
 					<% end %>
 				</tbody>
 			</table>
 		</div>
 	</div>
 </div>
--- a/app/workers/ssh_worker.rb
+++ b/app/workers/ssh_worker.rb
@@ -0,0 +1,24 @@
 require 'simpleidn'
 require 'cryptcheck'

 class SSHWorker
 	include Sidekiq::Worker
 	sidekiq_options retry: false

 	def perform(host, port)
 		idn    = SimpleIDN.to_ascii host
 		result = begin
 			server = CryptCheck::Ssh::Server.new idn, port
 			{
 					kex:         server.kex,
 					encryption:  server.encryption,
 					hmac:        server.hmac,
 					compression: server.compression,
 					key:         server.key
 			}
 		rescue CryptCheck::Ssh::Server::SshNotAvailableException
 			{ no_ssh: true }
 		end
 		Datastore.post :ssh, "#{host}:#{port}", result
 	end
 end
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -1,4 +1,8 @@
 Rails.application.routes.draw do
  get 'ssh/show'

  get 'ssh/index'

 	namespace :https, id: /[^\/]*/ do
 		get ':id/', action: :show
 		get ':id/refresh', action: :refresh, as: :refresh
@@ -14,6 +18,12 @@ Rails.application.routes.draw do
 		get ':id/refresh', action: :refresh, as: :refresh
 	end

 	namespace :ssh, id: /[^\/]*/ do
 		get '/', action: :index
 		get ':id/', action: :show
 		get ':id/refresh', action: :refresh, as: :refresh
 	end

 	root 'site#index'
 	get '/ciphers' => 'site#ciphers'
 end
--- a/test/controllers/ssh_controller_test.rb
+++ b/test/controllers/ssh_controller_test.rb
@@ -0,0 +1,14 @@
 require 'test_helper'

 class SshControllerTest < ActionController::TestCase
  test "should get show" do
    get :show
    assert_response :success
  end

  test "should get index" do
    get :index
    assert_response :success
  end

 end