Generic TLS checker

.gitignore

@@ -1,12 +1,14 @@
-/.bundle/
+.bundle/
+.generators
+.rakeTasks
+*.iml
+Gemfile.lock
+
 /db/*.sqlite3
 /db/*.sqlite3-journal
 /log/*
 !/log/.keep
-/tmp
+/tmp/
 /public/assets/
-*.iml
-Gemfile.lock
-.generators
-.rakeTasks
-
+/deploy.sh
+/.excluded

app/assets/javascripts/tls.coffee.erb

@@ -0,0 +1,18 @@
+$ ->
+	tls_submit = ->
+		host = $('#tls_check_host').val()
+		port = $('#tls_check_port').val()
+		if port == ''
+			alert 'Veuillez saisir un port'
+			return
+		window.location.href = "<%= Rails.configuration.relative_url_root %>/tls/#{host}:#{port}"
+
+	$('#tls_check_host').keypress (e) ->
+		tls_submit() if e.which == 13
+		return
+	$('#tls_check_port').keypress (e) ->
+		tls_submit() if e.which == 13
+		return
+	$('#tls_check_submit').click ->
+		tls_submit()
+		return

app/assets/stylesheets/application.scss

@@ -44,3 +44,9 @@ body {
 .progress {
 	margin: 0;
 }
+
+#check,
+#ssh_check,
+#tls_check {
+	margin-top: 100px;
+}

app/assets/stylesheets/site.scss

@@ -1,3 +0,0 @@
-#check {
-	margin-top: 100px;
-}

app/assets/stylesheets/smtp.scss

@@ -1,3 +0,0 @@
-// Place all the styles related to the Smtp controller here.
-// They will automatically be included in application.css.
-// You can use Sass (SCSS) here: http://sass-lang.com/

app/assets/stylesheets/ssh.scss

@@ -1,3 +0,0 @@
-// Place all the styles related to the ssh controller here.
-// They will automatically be included in application.css.
-// You can use Sass (SCSS) here: http://sass-lang.com/

app/controllers/check_controller.rb

@@ -1,16 +1,8 @@
 class CheckController < ApplicationController
-	before_action :check_host
+	before_action :check_host, except: %i(index)
 	helper_method :tls_type, :type
 
-	def check_host
-		@host = params[:id]
-		@idn  = SimpleIDN.to_ascii @host
-		if /[^a-zA-Z0-9.-]/.match @idn
-			flash[:danger] = "Hôte #{@host} invalide"
-			redirect_to :root
-			return false
-		end
-		@result = Datastore.host self.type, @idn
+	def index
 	end
 
 	def show
@@ -34,7 +26,19 @@ class CheckController < ApplicationController
 	protected
 	def enqueue_host
 		Datastore.pending self.type, @host
-		self.worker.perform_async @idn
+		self.worker.perform_async *(@port ? [@idn, @port] : [@idn])
 		@result = OpenStruct.new pending: true , date: Time.now
 	end
+
+	def check_host
+		@host, @port = params[:id].split ':'
+		@idn         = SimpleIDN.to_ascii @host
+		if /[^a-zA-Z0-9.-]/.match @idn
+			flash[:danger] = "Hôte #{@host} invalide"
+			redirect_to action: :index
+			return false
+		end
+		@host   = "#{@idn}:#{@port}" if @port
+		@result = Datastore.host self.type, @host
+	end
 end

app/controllers/site_controller.rb

@@ -1,7 +1,4 @@
 class SiteController < ApplicationController
-	def index
-	end
-
 	def ciphers
 	end
 end

app/controllers/ssh_controller.rb

@@ -1,43 +1,14 @@
-class SshController < ApplicationController
-	before_action :check_host, except: %i(index)
-
-	def check_host
-		@host, @port = params[:id].split ':'
-		@idn         = SimpleIDN.to_ascii @host
-		if /[^a-zA-Z0-9.-]/.match @idn
-			flash[:danger] = "Hôte #{@host} invalide"
-			redirect_to :index
-			return false
-		end
-		@host   = "#{@idn}:#{@port}"
-		@result = Datastore.host :ssh, @host
-	end
-
-	def index
-	end
-
-	def show
-		enqueue_host unless @result
-		return render :processing if @result.pending
-		return render :no_ssh if @result.no_ssh
-	end
-
-	def refresh
-		unless @result.pending
-			refresh_allowed = @result.date + Rails.configuration.refresh_delay
-			if Time.now < refresh_allowed
-				flash[:warning] = "Merci d’attendre au moins #{l refresh_allowed} pour rafraîchir"
-				return redirect_to action: :show, id: @host
-			end
-			enqueue_host
-		end
-		redirect_to action: :show
-	end
-
+class SshController < CheckController
 	protected
-	def enqueue_host
-		Datastore.pending :ssh, @host
-		SSHWorker.perform_async @idn, @port
-		@result = OpenStruct.new pending: true, date: Time.now
+	def type
+		:ssh
+	end
+
+	def worker
+		SSHWorker
+	end
+
+	def tls_type
+		'SSH'
 	end
 end

app/controllers/tls_controller.rb

@@ -0,0 +1,14 @@
+class TlsController < CheckController
+  protected
+  def type
+    :tls
+  end
+
+  def worker
+    TLSWorker
+  end
+
+  def tls_type
+    'TLS'
+  end
+end

app/helpers/tls_helper.rb

@@ -0,0 +1,2 @@
+module TlsHelper
+end

app/views/application/_headers.erb

@@ -6,6 +6,7 @@
 			</div>
 			<ul class="nav navbar-nav">
 				<li><%= link_to 'HTTPS / SMTP / XMPP', root_path %></li>
+				<li><%= link_to 'TLS', tls_path %></li>
 				<li><%= link_to 'SSH', ssh_path %></li>
 			</ul>
 			<ul class="nav navbar-nav navbar-right">

app/views/ssh/no_ssh.html.erb

@@ -1,12 +0,0 @@
-<div id="check" class="container">
-	<div class="row">
-		<div class="col-sm-8 col-sm-offset-2">
-			<h1>
-				<%= @host %> ne supporte pas SSH
-			</h1>
-			<% if Time.now - @result.date >= Rails.configuration.refresh_delay %>
-			<%= link_to 'Rafraîchir', {action: :refresh}, class: %i(btn btn-default pull-right) %>
-			<% end %>
-		</div>
-	</div>
-</div>

app/views/ssh/processing.html.erb

@@ -1,20 +0,0 @@
-<% content_for :head do %>
-	<meta http-equiv="refresh" content="10">
-<% end %>
-<div id="check" class="container">
-	<div class="row">
-		<div class="col-sm-8 col-sm-offset-2">
-			<h1>
-				<i class="fa fa-spinner fa-pulse"></i>
-				[SSH] Analyse en cours de <%= @host %>
-			</h1>
-			<p class="small">
-				Début de l’analyse : <%= l @result.date %>
-			</p>
-			<p class="pull-right">
-				Merci de patienter…
-				<span class="small">(Cette page se rafraîchit automatiquement toutes les 10 secondes)</span>
-			</p>
-		</div>
-	</div>
-</div>

app/views/tls/index.html.erb

@@ -0,0 +1,18 @@
+<div id="tls_check" class="container">
+	<div class="row">
+		<div class="col-sm-12">
+			<h1>Vérifier votre serveur TLS</h1>
+			<div class="form-group">
+				<div class="col-sm-8">
+					<%= text_field_tag :tls_check_host, nil, class: %i(form-control input-lg), placeholder: 'your-site.com' %>
+				</div>
+				<div class="col-sm-2">
+					<%= text_field_tag :tls_check_port, nil, class: %i(form-control input-lg), placeholder: 'port' %>
+				</div>
+				<div class="col-sm-2">
+					<%= submit_tag 'Test-moi !', id: 'tls_check_submit', class: %i(form-control btn btn-primary input-lg pull-right) %>
+				</div>
+			</div>
+		</div>
+	</div>
+</div>

app/workers/check_worker.rb

@@ -9,11 +9,12 @@ class CheckWorker
 		key.nil? ? nil : { type: key.type, size: key.size, rsa_size: key.rsa_equivalent_size }
 	end
 
-	def perform(host)
+	def perform(host, port=nil)
 		idn    = SimpleIDN.to_ascii host
+		host = "#{host}:#{port}" if port
 		result = begin
-			server = self.module::Server.new idn
-			grade  = self.module::Grade.new server
+			server = self.server.new *(port ? [idn, port] : [idn])
+			grade  = self.grade.new server
 			result = {
 					key:       key_to_json(server.key),
 					dh:        server.dh.collect { |k| key_to_json k },
@@ -34,7 +35,6 @@ class CheckWorker
 					}
 			}
 
-
 			self.result server, grade, result
 		rescue CryptCheck::Tls::Server::TLSNotAvailableException
 			{ no_tls: true }

app/workers/https_worker.rb

@@ -2,8 +2,11 @@ class HTTPSWorker < CheckWorker
 	sidekiq_options retry: false
 
 	protected
-	def module
-		CryptCheck::Tls::Https
+	def server
+		CryptCheck::Tls::Https::Server
+	end
+	def grade
+		CryptCheck::Tls::Https::Grade
 	end
 
 	def type

app/workers/smtp_worker.rb

@@ -2,8 +2,11 @@ class SMTPWorker < CheckWorker
 	sidekiq_options retry: false
 
 	protected
-	def module
-		CryptCheck::Tls::Smtp
+	def server
+		CryptCheck::Tls::Smtp::Server
+	end
+	def grade
+		CryptCheck::Tls::Smtp::Grade
 	end
 
 	def type

app/workers/ssh_worker.rb

@@ -5,7 +5,7 @@ class SSHWorker
 	include Sidekiq::Worker
 	sidekiq_options retry: false
 
-	def perform(host, port)
+	def perform(host, port=nil)
 		idn    = SimpleIDN.to_ascii host
 		result = begin
 			server = CryptCheck::Ssh::Server.new idn, port
@@ -17,7 +17,7 @@ class SSHWorker
 					key:         server.key
 			}
 		rescue CryptCheck::Ssh::Server::SshNotAvailableException
-			{ no_ssh: true }
+			{ no_tls: true }
 		end
 		Datastore.post :ssh, "#{host}:#{port}", result
 	end

app/workers/tls_worker.rb

@@ -0,0 +1,15 @@
+class TLSWorker < CheckWorker
+	sidekiq_options retry: false
+
+	protected
+	def server
+		CryptCheck::Tls::TcpServer
+	end
+	def grade
+		CryptCheck::Tls::Grade
+	end
+
+	def type
+		:tls
+	end
+end

app/workers/xmpp_worker.rb

@@ -2,8 +2,11 @@ class XMPPWorker < CheckWorker
 	sidekiq_options retry: false
 
 	protected
-	def module
-		CryptCheck::Tls::Xmpp
+	def server
+		CryptCheck::Tls::Xmpp::Server
+	end
+	def grade
+		CryptCheck::Tls::Xmpp::Grade
 	end
 
 	def type

config/routes.rb

@@ -1,25 +1,31 @@
 Rails.application.routes.draw do
-	namespace :https, id: /[^\/]*/ do
+	namespace :https, id: /[^\/]+/ do
 		get ':id/', action: :show
 		get ':id/refresh', action: :refresh, as: :refresh
 	end
 
-	namespace :smtp, id: /[^\/]*/ do
+	namespace :smtp, id: /[^\/]+/ do
 		get ':id/', action: :show
 		get ':id/refresh', action: :refresh, as: :refresh
 	end
 
-	namespace :xmpp, id: /[^\/]*/ do
+	namespace :xmpp, id: /[^\/]+/ do
 		get ':id/', action: :show
 		get ':id/refresh', action: :refresh, as: :refresh
 	end
 
-	namespace :ssh, id: /[^\/]*/ do
+	namespace :tls, id: /[^\/]+/ do
 		get '/', action: :index
 		get ':id/', action: :show
 		get ':id/refresh', action: :refresh, as: :refresh
 	end
 
-	root 'site#index'
+	namespace :ssh, id: /[^\/]+/ do
+		get '/', action: :index
+		get ':id/', action: :show
+		get ':id/refresh', action: :refresh, as: :refresh
+	end
+
+	root 'https#index'
 	get '/ciphers' => 'site#ciphers'
 end

test/controllers/tls_controller_test.rb

@@ -0,0 +1,19 @@
+require 'test_helper'
+
+class TlsControllerTest < ActionController::TestCase
+  test "should get index" do
+    get :index
+    assert_response :success
+  end
+
+  test "should get show" do
+    get :show
+    assert_response :success
+  end
+
+  test "should get refresh" do
+    get :refresh
+    assert_response :success
+  end
+
+end