Generic TLS checker
parent
b20c94ff2d
commit
1043ad3e29
|
@ -1,12 +1,14 @@
|
|||
/.bundle/
|
||||
.bundle/
|
||||
.generators
|
||||
.rakeTasks
|
||||
*.iml
|
||||
Gemfile.lock
|
||||
|
||||
/db/*.sqlite3
|
||||
/db/*.sqlite3-journal
|
||||
/log/*
|
||||
!/log/.keep
|
||||
/tmp
|
||||
/tmp/
|
||||
/public/assets/
|
||||
*.iml
|
||||
Gemfile.lock
|
||||
.generators
|
||||
.rakeTasks
|
||||
|
||||
/deploy.sh
|
||||
/.excluded
|
||||
|
|
|
@ -0,0 +1,18 @@
|
|||
$ ->
|
||||
tls_submit = ->
|
||||
host = $('#tls_check_host').val()
|
||||
port = $('#tls_check_port').val()
|
||||
if port == ''
|
||||
alert 'Veuillez saisir un port'
|
||||
return
|
||||
window.location.href = "<%= Rails.configuration.relative_url_root %>/tls/#{host}:#{port}"
|
||||
|
||||
$('#tls_check_host').keypress (e) ->
|
||||
tls_submit() if e.which == 13
|
||||
return
|
||||
$('#tls_check_port').keypress (e) ->
|
||||
tls_submit() if e.which == 13
|
||||
return
|
||||
$('#tls_check_submit').click ->
|
||||
tls_submit()
|
||||
return
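Review bot: `tls_submit` builds the target URL from the raw field values, so a host containing `/`, `?` or `#` changes the requested path instead of being rejected, and an empty host is not caught the way an empty port is. Encode both parts before navigating, e.g. `window.location.href = "<%= Rails.configuration.relative_url_root %>/tls/#{encodeURIComponent host}:#{encodeURIComponent port}"`, and return early when `host == ''`. The server-side check in `check_host` remains the real control; this only keeps the client from producing malformed requests.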
|
|
@ -44,3 +44,9 @@ body {
|
|||
.progress {
|
||||
margin: 0;
|
||||
}
|
||||
|
||||
#check,
|
||||
#ssh_check,
|
||||
#tls_check {
|
||||
margin-top: 100px;
|
||||
}
|
||||
|
|
|
@ -1,3 +0,0 @@
|
|||
#check {
|
||||
margin-top: 100px;
|
||||
}
|
|
@ -1,3 +0,0 @@
|
|||
// Place all the styles related to the Smtp controller here.
|
||||
// They will automatically be included in application.css.
|
||||
// You can use Sass (SCSS) here: http://sass-lang.com/
|
|
@ -1,3 +0,0 @@
|
|||
// Place all the styles related to the ssh controller here.
|
||||
// They will automatically be included in application.css.
|
||||
// You can use Sass (SCSS) here: http://sass-lang.com/
|
|
@ -1,16 +1,8 @@
|
|||
class CheckController < ApplicationController
|
||||
before_action :check_host
|
||||
before_action :check_host, except: %i(index)
|
||||
helper_method :tls_type, :type
|
||||
|
||||
def check_host
|
||||
@host = params[:id]
|
||||
@idn = SimpleIDN.to_ascii @host
|
||||
if /[^a-zA-Z0-9.-]/.match @idn
|
||||
flash[:danger] = "Hôte #{@host} invalide"
|
||||
redirect_to :root
|
||||
return false
|
||||
end
|
||||
@result = Datastore.host self.type, @idn
|
||||
def index
|
||||
end
|
||||
|
||||
def show
|
||||
|
@ -34,7 +26,19 @@ class CheckController < ApplicationController
|
|||
protected
|
||||
def enqueue_host
|
||||
Datastore.pending self.type, @host
|
||||
self.worker.perform_async @idn
|
||||
self.worker.perform_async *(@port ? [@idn, @port] : [@idn])
|
||||
@result = OpenStruct.new pending: true , date: Time.now
|
||||
end
|
||||
|
||||
def check_host
|
||||
@host, @port = params[:id].split ':'
|
||||
@idn = SimpleIDN.to_ascii @host
|
||||
if /[^a-zA-Z0-9.-]/.match @idn
|
||||
flash[:danger] = "Hôte #{@host} invalide"
|
||||
redirect_to action: :index
|
||||
return false
|
||||
end
|
||||
@host = "#{@idn}:#{@port}" if @port
|
||||
@result = Datastore.host self.type, @host
|
||||
end
|
||||
end
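Review bot: `@port` is taken from `params[:id]` in the new `check_host` and never validated: only `@idn` goes through the character check, while the port string is interpolated into the datastore key and passed to `perform_async`. `split ':'` also silently discards anything after a second colon. I would split with a limit of 2, reject a port that is not a decimal number in 1–65535, and convert it to an Integer before it is used, as sketched below. Since this endpoint makes the server open connections to a caller-chosen host and port, it is probably also worth deciding whether loopback and private address ranges should be refused; nothing in the visible code does that, though the check may live in the worker or the library.

```ruby
def check_host
  @host, @port = params[:id].split ':', 2
  # … unchanged: IDN conversion and hostname character check …
  if @port && !(@port =~ /\A\d{1,5}\z/ && (1..65535).cover?(@port.to_i))
    flash[:danger] = 'Port invalide'
    redirect_to action: :index
    return false
  end
  @port &&= @port.to_i
  # … unchanged: @host rebuild and Datastore lookup …
```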
|
||||
|
|
|
@ -1,7 +1,4 @@
|
|||
class SiteController < ApplicationController
|
||||
def index
|
||||
end
|
||||
|
||||
def ciphers
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,43 +1,14 @@
|
|||
class SshController < ApplicationController
|
||||
before_action :check_host, except: %i(index)
|
||||
|
||||
def check_host
|
||||
@host, @port = params[:id].split ':'
|
||||
@idn = SimpleIDN.to_ascii @host
|
||||
if /[^a-zA-Z0-9.-]/.match @idn
|
||||
flash[:danger] = "Hôte #{@host} invalide"
|
||||
redirect_to :index
|
||||
return false
|
||||
end
|
||||
@host = "#{@idn}:#{@port}"
|
||||
@result = Datastore.host :ssh, @host
|
||||
end
|
||||
|
||||
def index
|
||||
end
|
||||
|
||||
def show
|
||||
enqueue_host unless @result
|
||||
return render :processing if @result.pending
|
||||
return render :no_ssh if @result.no_ssh
|
||||
end
|
||||
|
||||
def refresh
|
||||
unless @result.pending
|
||||
refresh_allowed = @result.date + Rails.configuration.refresh_delay
|
||||
if Time.now < refresh_allowed
|
||||
flash[:warning] = "Merci d’attendre au moins #{l refresh_allowed} pour rafraîchir"
|
||||
return redirect_to action: :show, id: @host
|
||||
end
|
||||
enqueue_host
|
||||
end
|
||||
redirect_to action: :show
|
||||
end
|
||||
|
||||
class SshController < CheckController
|
||||
protected
|
||||
def enqueue_host
|
||||
Datastore.pending :ssh, @host
|
||||
SSHWorker.perform_async @idn, @port
|
||||
@result = OpenStruct.new pending: true, date: Time.now
|
||||
def type
|
||||
:ssh
|
||||
end
|
||||
|
||||
def worker
|
||||
SSHWorker
|
||||
end
|
||||
|
||||
def tls_type
|
||||
'SSH'
|
||||
end
|
||||
end
|
||||
|
|
|
@ -0,0 +1,14 @@
|
|||
class TlsController < CheckController
|
||||
protected
|
||||
def type
|
||||
:tls
|
||||
end
|
||||
|
||||
def worker
|
||||
TLSWorker
|
||||
end
|
||||
|
||||
def tls_type
|
||||
'TLS'
|
||||
end
|
||||
end
|
|
@ -0,0 +1,2 @@
|
|||
module TlsHelper
|
||||
end
|
|
@ -6,6 +6,7 @@
|
|||
</div>
|
||||
<ul class="nav navbar-nav">
|
||||
<li><%= link_to 'HTTPS / SMTP / XMPP', root_path %></li>
|
||||
<li><%= link_to 'TLS', tls_path %></li>
|
||||
<li><%= link_to 'SSH', ssh_path %></li>
|
||||
</ul>
|
||||
<ul class="nav navbar-nav navbar-right">
|
||||
|
|
|
@ -1,12 +0,0 @@
|
|||
<div id="check" class="container">
|
||||
<div class="row">
|
||||
<div class="col-sm-8 col-sm-offset-2">
|
||||
<h1>
|
||||
<%= @host %> ne supporte pas SSH
|
||||
</h1>
|
||||
<% if Time.now - @result.date >= Rails.configuration.refresh_delay %>
|
||||
<%= link_to 'Rafraîchir', {action: :refresh}, class: %i(btn btn-default pull-right) %>
|
||||
<% end %>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
|
@ -1,20 +0,0 @@
|
|||
<% content_for :head do %>
|
||||
<meta http-equiv="refresh" content="10">
|
||||
<% end %>
|
||||
<div id="check" class="container">
|
||||
<div class="row">
|
||||
<div class="col-sm-8 col-sm-offset-2">
|
||||
<h1>
|
||||
<i class="fa fa-spinner fa-pulse"></i>
|
||||
[SSH] Analyse en cours de <%= @host %>
|
||||
</h1>
|
||||
<p class="small">
|
||||
Début de l’analyse : <%= l @result.date %>
|
||||
</p>
|
||||
<p class="pull-right">
|
||||
Merci de patienter…
|
||||
<span class="small">(Cette page se rafraîchit automatiquement toutes les 10 secondes)</span>
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
|
@ -0,0 +1,18 @@
|
|||
<div id="tls_check" class="container">
|
||||
<div class="row">
|
||||
<div class="col-sm-12">
|
||||
<h1>Vérifier votre serveur TLS</h1>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-8">
|
||||
<%= text_field_tag :tls_check_host, nil, class: %i(form-control input-lg), placeholder: 'your-site.com' %>
|
||||
</div>
|
||||
<div class="col-sm-2">
|
||||
<%= text_field_tag :tls_check_port, nil, class: %i(form-control input-lg), placeholder: 'port' %>
|
||||
</div>
|
||||
<div class="col-sm-2">
|
||||
<%= submit_tag 'Test-moi !', id: 'tls_check_submit', class: %i(form-control btn btn-primary input-lg pull-right) %>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
|
@ -9,11 +9,12 @@ class CheckWorker
|
|||
key.nil? ? nil : { type: key.type, size: key.size, rsa_size: key.rsa_equivalent_size }
|
||||
end
|
||||
|
||||
def perform(host)
|
||||
def perform(host, port=nil)
|
||||
idn = SimpleIDN.to_ascii host
|
||||
host = "#{host}:#{port}" if port
|
||||
result = begin
|
||||
server = self.module::Server.new idn
|
||||
grade = self.module::Grade.new server
|
||||
server = self.server.new *(port ? [idn, port] : [idn])
|
||||
grade = self.grade.new server
|
||||
result = {
|
||||
key: key_to_json(server.key),
|
||||
dh: server.dh.collect { |k| key_to_json k },
|
||||
|
@ -34,7 +35,6 @@ class CheckWorker
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
self.result server, grade, result
|
||||
rescue CryptCheck::Tls::Server::TLSNotAvailableException
|
||||
{ no_tls: true }
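Review bot: `perform` hands `port` to `self.server.new` and into the result key without coercing it, and the controller passes it on as the String it split out of the URL. Jobs can be enqueued from places other than the controller, so the worker should not rely on upstream validation; `port = Integer(port, 10) if port` at the top of `perform` would fail the job on a non-numeric value and give the server class a consistent type. `perform` starts inside the first hunk and its body continues outside both hunks, so whether the server class already coerces the value is not visible here.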
|
||||
|
|
|
@ -2,8 +2,11 @@ class HTTPSWorker < CheckWorker
|
|||
sidekiq_options retry: false
|
||||
|
||||
protected
|
||||
def module
|
||||
CryptCheck::Tls::Https
|
||||
def server
|
||||
CryptCheck::Tls::Https::Server
|
||||
end
|
||||
def grade
|
||||
CryptCheck::Tls::Https::Grade
|
||||
end
|
||||
|
||||
def type
|
||||
|
|
|
@ -2,8 +2,11 @@ class SMTPWorker < CheckWorker
|
|||
sidekiq_options retry: false
|
||||
|
||||
protected
|
||||
def module
|
||||
CryptCheck::Tls::Smtp
|
||||
def server
|
||||
CryptCheck::Tls::Smtp::Server
|
||||
end
|
||||
def grade
|
||||
CryptCheck::Tls::Smtp::Grade
|
||||
end
|
||||
|
||||
def type
|
||||
|
|
|
@ -5,7 +5,7 @@ class SSHWorker
|
|||
include Sidekiq::Worker
|
||||
sidekiq_options retry: false
|
||||
|
||||
def perform(host, port)
|
||||
def perform(host, port=nil)
|
||||
idn = SimpleIDN.to_ascii host
|
||||
result = begin
|
||||
server = CryptCheck::Ssh::Server.new idn, port
|
||||
|
@ -17,7 +17,7 @@ class SSHWorker
|
|||
key: server.key
|
||||
}
|
||||
rescue CryptCheck::Ssh::Server::SshNotAvailableException
|
||||
{ no_ssh: true }
|
||||
{ no_tls: true }
|
||||
end
|
||||
Datastore.post :ssh, "#{host}:#{port}", result
|
||||
end
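Review bot: With `port` now optional, `Datastore.post :ssh, "#{host}:#{port}", result` stores the result under `"host:"` when no port is given, whereas `CheckController#check_host` looks it up under the bare host in that case (`@host = "#{@idn}:#{@port}" if @port`). As far as the visible code shows, the finished result would then never be found and the page would stay in the pending state. Build the key the way `CheckWorker#perform` does, e.g. `key = port ? "#{host}:#{port}" : host` followed by `Datastore.post :ssh, key, result`. `perform` spans both hunks of this file and the lines between them are not shown.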
|
||||
|
|
|
@ -0,0 +1,15 @@
|
|||
class TLSWorker < CheckWorker
|
||||
sidekiq_options retry: false
|
||||
|
||||
protected
|
||||
def server
|
||||
CryptCheck::Tls::TcpServer
|
||||
end
|
||||
def grade
|
||||
CryptCheck::Tls::Grade
|
||||
end
|
||||
|
||||
def type
|
||||
:tls
|
||||
end
|
||||
end
|
|
@ -2,8 +2,11 @@ class XMPPWorker < CheckWorker
|
|||
sidekiq_options retry: false
|
||||
|
||||
protected
|
||||
def module
|
||||
CryptCheck::Tls::Xmpp
|
||||
def server
|
||||
CryptCheck::Tls::Xmpp::Server
|
||||
end
|
||||
def grade
|
||||
CryptCheck::Tls::Xmpp::Grade
|
||||
end
|
||||
|
||||
def type
|
||||
|
|
|
@ -1,25 +1,31 @@
|
|||
Rails.application.routes.draw do
|
||||
namespace :https, id: /[^\/]*/ do
|
||||
namespace :https, id: /[^\/]+/ do
|
||||
get ':id/', action: :show
|
||||
get ':id/refresh', action: :refresh, as: :refresh
|
||||
end
|
||||
|
||||
namespace :smtp, id: /[^\/]*/ do
|
||||
namespace :smtp, id: /[^\/]+/ do
|
||||
get ':id/', action: :show
|
||||
get ':id/refresh', action: :refresh, as: :refresh
|
||||
end
|
||||
|
||||
namespace :xmpp, id: /[^\/]*/ do
|
||||
namespace :xmpp, id: /[^\/]+/ do
|
||||
get ':id/', action: :show
|
||||
get ':id/refresh', action: :refresh, as: :refresh
|
||||
end
|
||||
|
||||
namespace :ssh, id: /[^\/]*/ do
|
||||
namespace :tls, id: /[^\/]+/ do
|
||||
get '/', action: :index
|
||||
get ':id/', action: :show
|
||||
get ':id/refresh', action: :refresh, as: :refresh
|
||||
end
|
||||
|
||||
root 'site#index'
|
||||
namespace :ssh, id: /[^\/]+/ do
|
||||
get '/', action: :index
|
||||
get ':id/', action: :show
|
||||
get ':id/refresh', action: :refresh, as: :refresh
|
||||
end
|
||||
|
||||
root 'https#index'
|
||||
get '/ciphers' => 'site#ciphers'
|
||||
end
|
||||
|
|
|
@ -0,0 +1,19 @@
|
|||
require 'test_helper'
|
||||
|
||||
class TlsControllerTest < ActionController::TestCase
|
||||
test "should get index" do
|
||||
get :index
|
||||
assert_response :success
|
||||
end
|
||||
|
||||
test "should get show" do
|
||||
get :show
|
||||
assert_response :success
|
||||
end
|
||||
|
||||
test "should get refresh" do
|
||||
get :refresh
|
||||
assert_response :success
|
||||
end
|
||||
|
||||
end
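Review bot: The `show` and `refresh` tests call the action without an `id`, but both routes require `:id` and `check_host` calls `params[:id].split`, so these two generated tests cannot pass as written. Pass a host, e.g. `get :show, id: 'example.org:443'`, and stub `Datastore` and the worker so the test does not depend on the datastore or the job queue. A case for an invalid host, expecting the redirect to `index`, would cover the validation this commit moves into `CheckController`.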
|