
Generic TLS checker

master
Aeris 3 years ago
parent
commit
1043ad3e29

+ 9
- 7
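--- a/.gitignore
+++ b/.gitignore
@@ -1,12 +1,14 @@
-/.bundle/
+.bundle/
+.generators
+.rakeTasks
+*.iml
+Gemfile.lock
+
 /db/*.sqlite3
 /db/*.sqlite3-journal
 /log/*
 !/log/.keep
-/tmp
+/tmp/
 /public/assets/
-*.iml
-Gemfile.lock
-.generators
-.rakeTasks
-
+/deploy.sh
+/.excluded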

+ 18
- 0
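--- a/app/assets/javascripts/tls.coffee.erb
+++ b/app/assets/javascripts/tls.coffee.erb
@@ -0,0 +1,18 @@
+$ ->
+	tls_submit = ->
+		host = $('#tls_check_host').val()
+		port = $('#tls_check_port').val()
+		if port == ''
+			alert 'Veuillez saisir un port'
+			return
+		window.location.href = "<%= Rails.configuration.relative_url_root %>/tls/#{host}:#{port}"
+
+	$('#tls_check_host').keypress (e) ->
+		tls_submit() if e.which == 13
+		return
+	$('#tls_check_port').keypress (e) ->
+		tls_submit() if e.which == 13
+		return
+	$('#tls_check_submit').click ->
+		tls_submit()
+		return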
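Review bot: `tls_submit` rejects only an empty port and then interpolates both fields into the path unencoded, so an empty host produces `/tls/:port` and a value containing `/`, `?` or `#` produces a URL that no longer matches the `:id` route or silently drops part of the input. Check the host the same way as the port and encode both parts, e.g. `window.location.href = "<%= Rails.configuration.relative_url_root %>/tls/#{encodeURIComponent host}:#{encodeURIComponent port}"`. This is a usability guard only: the URL can be requested directly, so the controller still has to validate host and port itself.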

+ 6
- 0
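--- a/app/assets/stylesheets/application.scss
+++ b/app/assets/stylesheets/application.scss
@@ -44,3 +44,9 @@ body {
 .progress {
 	margin: 0;
 }
+
+#check,
+#ssh_check,
+#tls_check {
+	margin-top: 100px;
+}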

+ 0
- 3
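--- a/app/assets/stylesheets/site.scss
+++ b/app/assets/stylesheets/site.scss
@@ -1,3 +0,0 @@
-#check {
-	margin-top: 100px;
-}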

+ 0
- 3
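--- a/app/assets/stylesheets/smtp.scss
+++ b/app/assets/stylesheets/smtp.scss
@@ -1,3 +0,0 @@
-// Place all the styles related to the Smtp controller here.
-// They will automatically be included in application.css.
-// You can use Sass (SCSS) here: http://sass-lang.com/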

+ 0
- 3
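--- a/app/assets/stylesheets/ssh.scss
+++ b/app/assets/stylesheets/ssh.scss
@@ -1,3 +0,0 @@
-// Place all the styles related to the ssh controller here.
-// They will automatically be included in application.css.
-// You can use Sass (SCSS) here: http://sass-lang.com/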

+ 0
- 0
app/assets/stylesheets/tls.scss


+ 15
- 11
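--- a/app/controllers/check_controller.rb
+++ b/app/controllers/check_controller.rb
@@ -1,16 +1,8 @@
 class CheckController < ApplicationController
-	before_action :check_host
+	before_action :check_host, except: %i(index)
 	helper_method :tls_type, :type
 
-	def check_host
-		@host = params[:id]
-		@idn  = SimpleIDN.to_ascii @host
-		if /[^a-zA-Z0-9.-]/.match @idn
-			flash[:danger] = "Hôte #{@host} invalide"
-			redirect_to :root
-			return false
-		end
-		@result = Datastore.host self.type, @idn
+	def index
 	end
 
 	def show
@@ -34,7 +26,19 @@ class CheckController < ApplicationController
 	protected
 	def enqueue_host
 		Datastore.pending self.type, @host
-		self.worker.perform_async *(@port ? [@idn, @port] : [@idn])
+		self.worker.perform_async *(@port ? [@idn, @port] : [@idn])
 		@result = OpenStruct.new pending: true , date: Time.now
 	end
+
+	def check_host
+		@host, @port = params[:id].split ':'
+		@idn         = SimpleIDN.to_ascii @host
+		if /[^a-zA-Z0-9.-]/.match @idn
+			flash[:danger] = "Hôte #{@host} invalide"
+			redirect_to action: :index
+			return false
+		end
+		@host   = "#{@idn}:#{@port}" if @port
+		@result = Datastore.host self.type, @host
+	end
 end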
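Review bot: In the new `check_host`, only `@idn` is matched against the character whitelist; `@port` comes straight from `params[:id].split ':'` and flows into the Datastore key and `perform_async` unchecked, so non-numeric or out-of-range values reach the worker that opens the connection. Validate it before the lookup, for example `return redirect_to(action: :index) unless @port.nil? || (@port.match(/\A\d{1,5}\z/) && @port.to_i.between?(1, 65535))`. An id with an empty host part also appears to pass, because the regex only looks for forbidden characters and never requires a non-empty name. Nothing visible here limits the destination to public addresses either; if the worker host can reach internal networks, that restriction belongs in this filter or in the worker.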

+ 0
- 3
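--- a/app/controllers/site_controller.rb
+++ b/app/controllers/site_controller.rb
@@ -1,7 +1,4 @@
 class SiteController < ApplicationController
-	def index
-	end
-
 	def ciphers
 	end
 end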

+ 8
- 37
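--- a/app/controllers/ssh_controller.rb
+++ b/app/controllers/ssh_controller.rb
@@ -1,43 +1,14 @@
-class SshController < ApplicationController
-	before_action :check_host, except: %i(index)
-
-	def check_host
-		@host, @port = params[:id].split ':'
-		@idn         = SimpleIDN.to_ascii @host
-		if /[^a-zA-Z0-9.-]/.match @idn
-			flash[:danger] = "Hôte #{@host} invalide"
-			redirect_to :index
-			return false
-		end
-		@host   = "#{@idn}:#{@port}"
-		@result = Datastore.host :ssh, @host
-	end
-
-	def index
-	end
-
-	def show
-		enqueue_host unless @result
-		return render :processing if @result.pending
-		return render :no_ssh if @result.no_ssh
+class SshController < CheckController
+	protected
+	def type
+		:ssh
 	end
 
-	def refresh
-		unless @result.pending
-			refresh_allowed = @result.date + Rails.configuration.refresh_delay
-			if Time.now < refresh_allowed
-				flash[:warning] = "Merci d’attendre au moins #{l refresh_allowed} pour rafraîchir"
-				return redirect_to action: :show, id: @host
-			end
-			enqueue_host
-		end
-		redirect_to action: :show
+	def worker
+		SSHWorker
 	end
 
-	protected
-	def enqueue_host
-		Datastore.pending :ssh, @host
-		SSHWorker.perform_async @idn, @port
-		@result = OpenStruct.new pending: true, date: Time.now
+	def tls_type
+		'SSH'
 	end
 end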

+ 14
- 0
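--- a/app/controllers/tls_controller.rb
+++ b/app/controllers/tls_controller.rb
@@ -0,0 +1,14 @@
+class TlsController < CheckController
+  protected
+  def type
+    :tls
+  end
+
+  def worker
+    TLSWorker
+  end
+
+  def tls_type
+    'TLS'
+  end
+end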

+ 2
- 0
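--- a/app/helpers/tls_helper.rb
+++ b/app/helpers/tls_helper.rb
@@ -0,0 +1,2 @@
+module TlsHelper
+end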

+ 1
- 0
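--- a/app/views/application/_headers.erb
+++ b/app/views/application/_headers.erb
@@ -6,6 +6,7 @@
 			</div>
 			<ul class="nav navbar-nav">
 				<li><%= link_to 'HTTPS / SMTP / XMPP', root_path %></li>
+				<li><%= link_to 'TLS', tls_path %></li>
 				<li><%= link_to 'SSH', ssh_path %></li>
 			</ul>
 			<ul class="nav navbar-nav navbar-right">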

app/views/site/index.html.erb → app/views/https/index.html.erb


+ 0
- 12
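--- a/app/views/ssh/no_ssh.html.erb
+++ b/app/views/ssh/no_ssh.html.erb
@@ -1,12 +0,0 @@
-<div id="check" class="container">
-	<div class="row">
-		<div class="col-sm-8 col-sm-offset-2">
-			<h1>
-				<%= @host %> ne supporte pas SSH
-			</h1>
-			<% if Time.now - @result.date >= Rails.configuration.refresh_delay %>
-			<%= link_to 'Rafraîchir', {action: :refresh}, class: %i(btn btn-default pull-right) %>
-			<% end %>
-		</div>
-	</div>
-</div>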

+ 0
- 20
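--- a/app/views/ssh/processing.html.erb
+++ b/app/views/ssh/processing.html.erb
@@ -1,20 +0,0 @@
-<% content_for :head do %>
-	<meta http-equiv="refresh" content="10">
-<% end %>
-<div id="check" class="container">
-	<div class="row">
-		<div class="col-sm-8 col-sm-offset-2">
-			<h1>
-				<i class="fa fa-spinner fa-pulse"></i>
-				[SSH] Analyse en cours de <%= @host %>
-			</h1>
-			<p class="small">
-				Début de l’analyse : <%= l @result.date %>
-			</p>
-			<p class="pull-right">
-				Merci de patienter…
-				<span class="small">(Cette page se rafraîchit automatiquement toutes les 10 secondes)</span>
-			</p>
-		</div>
-	</div>
-</div>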

+ 18
- 0
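--- a/app/views/tls/index.html.erb
+++ b/app/views/tls/index.html.erb
@@ -0,0 +1,18 @@
+<div id="tls_check" class="container">
+	<div class="row">
+		<div class="col-sm-12">
+			<h1>Vérifier votre serveur TLS</h1>
+			<div class="form-group">
+				<div class="col-sm-8">
+					<%= text_field_tag :tls_check_host, nil, class: %i(form-control input-lg), placeholder: 'your-site.com' %>
+				</div>
+				<div class="col-sm-2">
+					<%= text_field_tag :tls_check_port, nil, class: %i(form-control input-lg), placeholder: 'port' %>
+				</div>
+				<div class="col-sm-2">
+					<%= submit_tag 'Test-moi !', id: 'tls_check_submit', class: %i(form-control btn btn-primary input-lg pull-right) %>
+				</div>
+			</div>
+		</div>
+	</div>
+</div>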

+ 4
- 4
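--- a/app/workers/check_worker.rb
+++ b/app/workers/check_worker.rb
@@ -9,11 +9,12 @@ class CheckWorker
 		key.nil? ? nil : { type: key.type, size: key.size, rsa_size: key.rsa_equivalent_size }
 	end
 
-	def perform(host)
+	def perform(host, port=nil)
 		idn    = SimpleIDN.to_ascii host
+		host = "#{host}:#{port}" if port
 		result = begin
-			server = self.module::Server.new idn
-			grade  = self.module::Grade.new server
+			server = self.server.new *(port ? [idn, port] : [idn])
+			grade  = self.grade.new server
 			result = {
 					key:       key_to_json(server.key),
 					dh:        server.dh.collect { |k| key_to_json k },
@@ -34,7 +35,6 @@ class CheckWorker
 					}
 			}
 
-
 			self.result server, grade, result
 		rescue CryptCheck::Tls::Server::TLSNotAvailableException
 			{ no_tls: true }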
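Review bot: The added line `host = "#{host}:#{port}" if port` builds the composite name from the raw `host` argument, while `CheckController#check_host` in this commit builds its lookup key from the punycode form (`"#{@idn}:#{@port}"`). The two agree only because the controller happens to pass `@idn`; any other caller passing a Unicode name would store the result under a key the controller never reads, assuming the reassigned `host` is what the rest of `perform` posts under (that part is outside the hunk). Use the value already computed on the previous line: `host = "#{idn}:#{port}" if port`. `port` also arrives here as an unchecked string, so this is the last place to coerce it to an integer in range before `self.server.new` connects.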

+ 5
- 2
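--- a/app/workers/https_worker.rb
+++ b/app/workers/https_worker.rb
@@ -2,8 +2,11 @@ class HTTPSWorker < CheckWorker
 	sidekiq_options retry: false
 
 	protected
-	def module
-		CryptCheck::Tls::Https
+	def server
+		CryptCheck::Tls::Https::Server
+	end
+	def grade
+		CryptCheck::Tls::Https::Grade
 	end
 
 	def type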

+ 5
- 2
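--- a/app/workers/smtp_worker.rb
+++ b/app/workers/smtp_worker.rb
@@ -2,8 +2,11 @@ class SMTPWorker < CheckWorker
 	sidekiq_options retry: false
 
 	protected
-	def module
-		CryptCheck::Tls::Smtp
+	def server
+		CryptCheck::Tls::Smtp::Server
+	end
+	def grade
+		CryptCheck::Tls::Smtp::Grade
 	end
 
 	def type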

+ 2
- 2
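--- a/app/workers/ssh_worker.rb
+++ b/app/workers/ssh_worker.rb
@@ -5,7 +5,7 @@ class SSHWorker
 	include Sidekiq::Worker
 	sidekiq_options retry: false
 
-	def perform(host, port)
+	def perform(host, port=nil)
 		idn    = SimpleIDN.to_ascii host
 		result = begin
 			server = CryptCheck::Ssh::Server.new idn, port
@@ -17,7 +17,7 @@ class SSHWorker
 					key:         server.key
 			}
 		rescue CryptCheck::Ssh::Server::SshNotAvailableException
-			{ no_ssh: true }
+			{ no_tls: true }
 		end
 		Datastore.post :ssh, "#{host}:#{port}", result
 	end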
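Review bot: Making `port` optional in `perform` leaves its two uses further down unchanged. `CryptCheck::Ssh::Server.new idn, port` now receives an explicit `nil`, and `Datastore.post :ssh, "#{host}:#{port}", result` stores the result under `host:` with a trailing colon, whereas `CheckController#check_host` in this commit looks up the bare host when no port is given. A check enqueued without a port would presumably stay pending, because its result lands under a key nobody reads. Build the key the way the controller does, e.g. `key = port ? "#{host}:#{port}" : host`, and pass `port` to the server only when it is present. The middle of `perform` lies between the two hunks and is not shown.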

+ 15
- 0
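--- a/app/workers/tls_worker.rb
+++ b/app/workers/tls_worker.rb
@@ -0,0 +1,15 @@
+class TLSWorker < CheckWorker
+	sidekiq_options retry: false
+
+	protected
+	def server
+		CryptCheck::Tls::TcpServer
+	end
+	def grade
+		CryptCheck::Tls::Grade
+	end
+
+	def type
+		:tls
+	end
+end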

+ 5
- 2
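--- a/app/workers/xmpp_worker.rb
+++ b/app/workers/xmpp_worker.rb
@@ -2,8 +2,11 @@ class XMPPWorker < CheckWorker
 	sidekiq_options retry: false
 
 	protected
-	def module
-		CryptCheck::Tls::Xmpp
+	def server
+		CryptCheck::Tls::Xmpp::Server
+	end
+	def grade
+		CryptCheck::Tls::Xmpp::Grade
 	end
 
 	def type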

+ 11
- 5
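--- a/config/routes.rb
+++ b/config/routes.rb
@@ -1,25 +1,31 @@
 Rails.application.routes.draw do
-	namespace :https, id: /[^\/]*/ do
+	namespace :https, id: /[^\/]+/ do
 		get ':id/', action: :show
 		get ':id/refresh', action: :refresh, as: :refresh
 	end
 
-	namespace :smtp, id: /[^\/]*/ do
+	namespace :smtp, id: /[^\/]+/ do
 		get ':id/', action: :show
 		get ':id/refresh', action: :refresh, as: :refresh
 	end
 
-	namespace :xmpp, id: /[^\/]*/ do
+	namespace :xmpp, id: /[^\/]+/ do
 		get ':id/', action: :show
 		get ':id/refresh', action: :refresh, as: :refresh
 	end
 
-	namespace :ssh, id: /[^\/]*/ do
+	namespace :tls, id: /[^\/]+/ do
 		get '/', action: :index
 		get ':id/', action: :show
 		get ':id/refresh', action: :refresh, as: :refresh
 	end
 
-	root 'site#index'
+	namespace :ssh, id: /[^\/]+/ do
+		get '/', action: :index
+		get ':id/', action: :show
+		get ':id/refresh', action: :refresh, as: :refresh
+	end
+
+	root 'https#index'
 	get '/ciphers' => 'site#ciphers'
 end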

+ 19
- 0
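--- a/test/controllers/tls_controller_test.rb
+++ b/test/controllers/tls_controller_test.rb
@@ -0,0 +1,19 @@
+require 'test_helper'
+
+class TlsControllerTest < ActionController::TestCase
+  test "should get index" do
+    get :index
+    assert_response :success
+  end
+
+  test "should get show" do
+    get :show
+    assert_response :success
+  end
+
+  test "should get refresh" do
+    get :refresh
+    assert_response :success
+  end
+
+end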
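Review bot: The `show` and `refresh` tests issue `get :show` and `get :refresh` with no `id`, but both routes added in this commit require `:id` and `check_host` calls `params[:id].split`, so they cannot succeed as written; they look like unmodified generator output. Give them a target in whatever parameter syntax the project's Rails version expects, e.g. `get :show, id: 'example.org:443'`, with the datastore and worker stubbed so no real check is enqueued. The case most worth adding is the rejection path: an id with forbidden characters in the host should redirect to `index`, since that filter is what stands between the URL and the outbound connection.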
