
Generic TLS checker

master
Aeris 4 years ago
parent
commit
1043ad3e29

+ 9
- 7
.gitignore View File

@@ -1,12 +1,14 @@
/.bundle/
.bundle/
.generators
.rakeTasks
*.iml
Gemfile.lock

/db/*.sqlite3
/db/*.sqlite3-journal
/log/*
!/log/.keep
/tmp
/tmp/
/public/assets/
*.iml
Gemfile.lock
.generators
.rakeTasks

/deploy.sh
/.excluded

+ 18
- 0
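--- a/app/assets/javascripts/tls.coffee.erb
+++ b/app/assets/javascripts/tls.coffee.erb
@@ -0,0 +1,18 @@
+$ ->
+tls_submit = ->
+host = $('#tls_check_host').val()
+port = $('#tls_check_port').val()
+if port == ''
+alert 'Veuillez saisir un port'
+return
+window.location.href = "<%= Rails.configuration.relative_url_root %>/tls/#{host}:#{port}"
+
+$('#tls_check_host').keypress (e) ->
+tls_submit() if e.which == 13
+return
+$('#tls_check_port').keypress (e) ->
+tls_submit() if e.which == 13
+return
+$('#tls_check_submit').click ->
+tls_submit()
+return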
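Review bot: `tls_submit` checks only that the port is non-empty; the host is never checked, and both values are interpolated into the path at `window.location.href = "…/tls/#{host}:#{port}"` without encoding. A host containing `/`, `?` or `#` changes which route is requested, and an empty host produces a path such as `/tls/:443`. I would reject an empty host the same way as the empty port and build the path with `encodeURIComponent(host)` and `encodeURIComponent(port)`. This is a usability guard only; the server-side `check_host` remains the real validation.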

+ 6
- 0
app/assets/stylesheets/application.scss View File

@@ -44,3 +44,9 @@ body {
.progress {
margin: 0;
}

#check,
#ssh_check,
#tls_check {
margin-top: 100px;
}

+ 0
- 3
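--- a/app/assets/stylesheets/site.scss
+++ b/app/assets/stylesheets/site.scss
@@ -1,3 +0,0 @@
-#check {
-margin-top: 100px;
-}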

+ 0
- 3
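--- a/app/assets/stylesheets/smtp.scss
+++ b/app/assets/stylesheets/smtp.scss
@@ -1,3 +0,0 @@
-// Place all the styles related to the Smtp controller here.
-// They will automatically be included in application.css.
-// You can use Sass (SCSS) here: http://sass-lang.com/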

+ 0
- 3
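--- a/app/assets/stylesheets/ssh.scss
+++ b/app/assets/stylesheets/ssh.scss
@@ -1,3 +0,0 @@
-// Place all the styles related to the ssh controller here.
-// They will automatically be included in application.css.
-// You can use Sass (SCSS) here: http://sass-lang.com/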

+ 0
- 0
app/assets/stylesheets/tls.scss View File


+ 15
- 11
app/controllers/check_controller.rb View File

@@ -1,16 +1,8 @@
class CheckController < ApplicationController
before_action :check_host
before_action :check_host, except: %i(index)
helper_method :tls_type, :type

def check_host
@host = params[:id]
@idn = SimpleIDN.to_ascii @host
if /[^a-zA-Z0-9.-]/.match @idn
flash[:danger] = "Hôte #{@host} invalide"
redirect_to :root
return false
end
@result = Datastore.host self.type, @idn
def index
end

def show
@@ -34,7 +26,19 @@ class CheckController < ApplicationController
protected
def enqueue_host
Datastore.pending self.type, @host
self.worker.perform_async @idn
self.worker.perform_async *(@port ? [@idn, @port] : [@idn])
@result = OpenStruct.new pending: true , date: Time.now
end

def check_host
@host, @port = params[:id].split ':'
@idn = SimpleIDN.to_ascii @host
if /[^a-zA-Z0-9.-]/.match @idn
flash[:danger] = "Hôte #{@host} invalide"
redirect_to action: :index
return false
end
@host = "#{@idn}:#{@port}" if @port
@result = Datastore.host self.type, @host
end
end
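Review bot: In the new `check_host`, only `@idn` is matched against `/[^a-zA-Z0-9.-]/`; `@port` comes straight from `params[:id].split ':'` and is never validated before it is put into the Datastore key and handed to `perform_async`. The route constraint accepts anything but `/`, so a non-numeric or out-of-range port reaches the workers (`perform(host, port=nil)` in check_worker.rb and ssh_worker.rb forwards it to the server constructor unchanged), and an id such as `:443` leaves `@host` empty. I would reject these on the same branch as the host check, e.g. `if @host.blank? || /[^a-zA-Z0-9.-]/.match(@idn) || (@port && @port !~ /\A\d{1,5}\z/)`, and also bound the value to 1..65535. Because this endpoint makes the server open a connection to a caller-chosen host and port, it is also worth deciding whether loopback and private addresses, which the host regex allows (e.g. `127.0.0.1`), should be refused.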

+ 0
- 3
app/controllers/site_controller.rb View File

@@ -1,7 +1,4 @@
class SiteController < ApplicationController
def index
end

def ciphers
end
end

+ 8
- 37
app/controllers/ssh_controller.rb View File

@@ -1,43 +1,14 @@
class SshController < ApplicationController
before_action :check_host, except: %i(index)

def check_host
@host, @port = params[:id].split ':'
@idn = SimpleIDN.to_ascii @host
if /[^a-zA-Z0-9.-]/.match @idn
flash[:danger] = "Hôte #{@host} invalide"
redirect_to :index
return false
end
@host = "#{@idn}:#{@port}"
@result = Datastore.host :ssh, @host
end

def index
end

def show
enqueue_host unless @result
return render :processing if @result.pending
return render :no_ssh if @result.no_ssh
class SshController < CheckController
protected
def type
:ssh
end

def refresh
unless @result.pending
refresh_allowed = @result.date + Rails.configuration.refresh_delay
if Time.now < refresh_allowed
flash[:warning] = "Merci d’attendre au moins #{l refresh_allowed} pour rafraîchir"
return redirect_to action: :show, id: @host
end
enqueue_host
end
redirect_to action: :show
def worker
SSHWorker
end

protected
def enqueue_host
Datastore.pending :ssh, @host
SSHWorker.perform_async @idn, @port
@result = OpenStruct.new pending: true, date: Time.now
def tls_type
'SSH'
end
end

+ 14
- 0
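--- a/app/controllers/tls_controller.rb
+++ b/app/controllers/tls_controller.rb
@@ -0,0 +1,14 @@
+class TlsController < CheckController
+protected
+def type
+:tls
+end
+
+def worker
+TLSWorker
+end
+
+def tls_type
+'TLS'
+end
+end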

+ 2
- 0
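--- a/app/helpers/tls_helper.rb
+++ b/app/helpers/tls_helper.rb
@@ -0,0 +1,2 @@
+module TlsHelper
+end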

+ 1
- 0
app/views/application/_headers.erb View File

@@ -6,6 +6,7 @@
</div>
<ul class="nav navbar-nav">
<li><%= link_to 'HTTPS / SMTP / XMPP', root_path %></li>
<li><%= link_to 'TLS', tls_path %></li>
<li><%= link_to 'SSH', ssh_path %></li>
</ul>
<ul class="nav navbar-nav navbar-right">

app/views/site/index.html.erb → app/views/https/index.html.erb View File


+ 0
- 12
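--- a/app/views/ssh/no_ssh.html.erb
+++ b/app/views/ssh/no_ssh.html.erb
@@ -1,12 +0,0 @@
-<div id="check" class="container">
-<div class="row">
-<div class="col-sm-8 col-sm-offset-2">
-<h1>
-<%= @host %> ne supporte pas SSH
-</h1>
-<% if Time.now - @result.date >= Rails.configuration.refresh_delay %>
-<%= link_to 'Rafraîchir', {action: :refresh}, class: %i(btn btn-default pull-right) %>
-<% end %>
-</div>
-</div>
-</div>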

+ 0
- 20
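--- a/app/views/ssh/processing.html.erb
+++ b/app/views/ssh/processing.html.erb
@@ -1,20 +0,0 @@
-<% content_for :head do %>
-<meta http-equiv="refresh" content="10">
-<% end %>
-<div id="check" class="container">
-<div class="row">
-<div class="col-sm-8 col-sm-offset-2">
-<h1>
-<i class="fa fa-spinner fa-pulse"></i>
-[SSH] Analyse en cours de <%= @host %>
-</h1>
-<p class="small">
-Début de l’analyse : <%= l @result.date %>
-</p>
-<p class="pull-right">
-Merci de patienter…
-<span class="small">(Cette page se rafraîchit automatiquement toutes les 10 secondes)</span>
-</p>
-</div>
-</div>
-</div>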

+ 18
- 0
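--- a/app/views/tls/index.html.erb
+++ b/app/views/tls/index.html.erb
@@ -0,0 +1,18 @@
+<div id="tls_check" class="container">
+<div class="row">
+<div class="col-sm-12">
+<h1>Vérifier votre serveur TLS</h1>
+<div class="form-group">
+<div class="col-sm-8">
+<%= text_field_tag :tls_check_host, nil, class: %i(form-control input-lg), placeholder: 'your-site.com' %>
+</div>
+<div class="col-sm-2">
+<%= text_field_tag :tls_check_port, nil, class: %i(form-control input-lg), placeholder: 'port' %>
+</div>
+<div class="col-sm-2">
+<%= submit_tag 'Test-moi !', id: 'tls_check_submit', class: %i(form-control btn btn-primary input-lg pull-right) %>
+</div>
+</div>
+</div>
+</div>
+</div>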

+ 4
- 4
app/workers/check_worker.rb View File

@@ -9,11 +9,12 @@ class CheckWorker
key.nil? ? nil : { type: key.type, size: key.size, rsa_size: key.rsa_equivalent_size }
end

def perform(host)
def perform(host, port=nil)
idn = SimpleIDN.to_ascii host
host = "#{host}:#{port}" if port
result = begin
server = self.module::Server.new idn
grade = self.module::Grade.new server
server = self.server.new *(port ? [idn, port] : [idn])
grade = self.grade.new server
result = {
key: key_to_json(server.key),
dh: server.dh.collect { |k| key_to_json k },
@@ -34,7 +35,6 @@ class CheckWorker
}
}


self.result server, grade, result
rescue CryptCheck::Tls::Server::TLSNotAvailableException
{ no_tls: true }
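Review bot: The conditional splat `*(port ? [idn, port] : [idn])` is written twice in this commit (here and in `enqueue_host` in check_controller.rb) and is harder to read than it needs to be; `self.server.new(*[idn, port].compact)` is equivalent as long as `idn` is set. `perform` also rebinds `host` to the `host:port` form right after deriving `idn` from it, which deserves a comment such as `# from here on, host is the storage key, not a hostname`, or a separate local variable. The body of `perform` continues outside both hunks, so how `host` is used afterwards is not visible here.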

+ 5
- 2
app/workers/https_worker.rb View File

@@ -2,8 +2,11 @@ class HTTPSWorker < CheckWorker
sidekiq_options retry: false

protected
def module
CryptCheck::Tls::Https
def server
CryptCheck::Tls::Https::Server
end
def grade
CryptCheck::Tls::Https::Grade
end

def type

+ 5
- 2
app/workers/smtp_worker.rb View File

@@ -2,8 +2,11 @@ class SMTPWorker < CheckWorker
sidekiq_options retry: false

protected
def module
CryptCheck::Tls::Smtp
def server
CryptCheck::Tls::Smtp::Server
end
def grade
CryptCheck::Tls::Smtp::Grade
end

def type

+ 2
- 2
app/workers/ssh_worker.rb View File

@@ -5,7 +5,7 @@ class SSHWorker
include Sidekiq::Worker
sidekiq_options retry: false

def perform(host, port)
def perform(host, port=nil)
idn = SimpleIDN.to_ascii host
result = begin
server = CryptCheck::Ssh::Server.new idn, port
@@ -17,7 +17,7 @@ class SSHWorker
key: server.key
}
rescue CryptCheck::Ssh::Server::SshNotAvailableException
{ no_ssh: true }
{ no_tls: true }
end
Datastore.post :ssh, "#{host}:#{port}", result
end
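Review bot: With `port=nil` now allowed, the last line still stores the result under `"#{host}:#{port}"`, which becomes `host:` when no port is given, while `CheckController#check_host` looks the result up under the bare host in that case. If that reading is right, an SSH check requested without a port is stored under a key the controller never reads, and the page would stay on the pending view. Build the key the same way the controller does, e.g. `key = port ? "#{host}:#{port}" : host` followed by `Datastore.post :ssh, key, result`. The rescue branch now returns `{ no_tls: true }` for an SSH failure; a comment saying this is deliberate, so the shared views can test a single flag, would help the next reader.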

+ 15
- 0
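--- a/app/workers/tls_worker.rb
+++ b/app/workers/tls_worker.rb
@@ -0,0 +1,15 @@
+class TLSWorker < CheckWorker
+sidekiq_options retry: false
+
+protected
+def server
+CryptCheck::Tls::TcpServer
+end
+def grade
+CryptCheck::Tls::Grade
+end
+
+def type
+:tls
+end
+end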

+ 5
- 2
app/workers/xmpp_worker.rb View File

@@ -2,8 +2,11 @@ class XMPPWorker < CheckWorker
sidekiq_options retry: false

protected
def module
CryptCheck::Tls::Xmpp
def server
CryptCheck::Tls::Xmpp::Server
end
def grade
CryptCheck::Tls::Xmpp::Grade
end

def type

+ 11
- 5
config/routes.rb View File

@@ -1,25 +1,31 @@
Rails.application.routes.draw do
namespace :https, id: /[^\/]*/ do
namespace :https, id: /[^\/]+/ do
get ':id/', action: :show
get ':id/refresh', action: :refresh, as: :refresh
end

namespace :smtp, id: /[^\/]*/ do
namespace :smtp, id: /[^\/]+/ do
get ':id/', action: :show
get ':id/refresh', action: :refresh, as: :refresh
end

namespace :xmpp, id: /[^\/]*/ do
namespace :xmpp, id: /[^\/]+/ do
get ':id/', action: :show
get ':id/refresh', action: :refresh, as: :refresh
end

namespace :ssh, id: /[^\/]*/ do
namespace :tls, id: /[^\/]+/ do
get '/', action: :index
get ':id/', action: :show
get ':id/refresh', action: :refresh, as: :refresh
end

root 'site#index'
namespace :ssh, id: /[^\/]+/ do
get '/', action: :index
get ':id/', action: :show
get ':id/refresh', action: :refresh, as: :refresh
end

root 'https#index'
get '/ciphers' => 'site#ciphers'
end

+ 19
- 0
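--- a/test/controllers/tls_controller_test.rb
+++ b/test/controllers/tls_controller_test.rb
@@ -0,0 +1,19 @@
+require 'test_helper'
+
+class TlsControllerTest < ActionController::TestCase
+test "should get index" do
+get :index
+assert_response :success
+end
+
+test "should get show" do
+get :show
+assert_response :success
+end
+
+test "should get refresh" do
+get :refresh
+assert_response :success
+end
+
+end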
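Review bot: The `show` and `refresh` tests call the actions without an `id`, but both routes are declared as `':id/'` and `check_host` calls `params[:id].split`, so as written these two tests are unlikely to reach `assert_response :success`. They look like unedited generator output. I would pass an id, e.g. `get :show, id: 'example.org:443'`, stub `Datastore` and the worker so that no job is enqueued, and add a case asserting that an invalid host such as `bad_host!:443` is redirected to `index`.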
