Handle IDN cleanly

6 years ago · 972526af46
7 changed files with 73 additions and 60 deletions
--- a/app/controllers/check_controller.rb
+++ b/app/controllers/check_controller.rb
@ -2,11 +2,9 @@ class CheckController < ApplicationController
 	before_action :check_host, except: %i(index)
 	helper_method :tls_type, :type

-	def index
-	end
-
 	def show
 		enqueue_host unless @result
+		@host = SimpleIDN.to_unicode @host
 		return render :processing if @result.pending
 		return render :no_tls if @result.no_tls
 	end
@ -25,20 +23,20 @@ class CheckController < ApplicationController

 	protected
 	def enqueue_host
-		Datastore.pending self.type, @host
-		self.worker.perform_async *(@port ? [@idn, @port] : [@idn])
+		Datastore.pending self.type, @id
+		self.worker.perform_async *(@port.blank? ? [@host] : [@host, @port])
 		@result = OpenStruct.new pending: true , date: Time.now
 	end

 	def check_host
-		@host, @port = params[:id].split ':'
-		@idn         = SimpleIDN.to_ascii @host
-		if /[^a-zA-Z0-9.-]/.match @idn
+		@id = params[:id]
+		@host, @port = @id.split ':'
+		@host = SimpleIDN.to_ascii @host.downcase
+		if /[^a-zA-Z0-9.-]/.match @host
 			flash[:danger] = "Hôte #{@host} invalide"
 			redirect_to action: :index
 			return false
 		end
-		@host   = "#{@idn}:#{@port}" if @port
-		@result = Datastore.host self.type, @host
+		@result = Datastore.host self.type, @id
 	end
 end
--- a/app/controllers/site_controller.rb
+++ b/app/controllers/site_controller.rb
@ -1,4 +1,37 @@
+require 'simpleidn'
+
 class SiteController < ApplicationController
-	def ciphers
+	def check
+		host, port, type = params[:host], params[:port], params[:type]
+
+		host = SimpleIDN.to_ascii host.downcase
+		if host.blank? or /[^a-zA-Z0-9.-]/ =~ host
+			flash[:danger] = "Hôte #{host} invalide"
+			render :index
+			return
+		end
+
+		unless port.blank?
+			port = port.to_i
+			unless (1..65535).include? port
+				flash[:danger] = "Port #{port} invalide"
+				render :index
+				return
+			end
+			host = "#{host}:#{port}"
+		end
+
+		unless %w(https smtp xmpp tls ssh).include? type
+			flash[:danger] = "Type #{type} invalide"
+			render :index
+			return
+		end
+
+		redirect_to "/#{type}/#{host}"
+	end
+
+	def suite
+		@suite = params.require :suite
+		@ciphers = CryptCheck::Tls::Cipher.list @suite
 	end
 end
--- a/app/views/https/index.html.erb
+++ b/app/views/https/index.html.erb
@ -1,18 +0,0 @@
-<div id="check" class="container">
-	<div class="row">
-		<div class="col-sm-12">
-			<h1>Vérifier votre domaine</h1>
-			<div class="form-group">
-				<div class="col-sm-8">
-					<%= text_field_tag :check_host, nil, class: %i(form-control input-lg), placeholder: 'your-site.com' %>
-				</div>
-				<div class="col-sm-2">
-					<%= select_tag :check_type, options_for_select({'HTTPS' => :https, 'SMTP' => :smtp, 'XMPP' => :xmpp}), class: %i(form-control input-lg) %>
-				</div>
-				<div class="col-sm-2">
-					<%= submit_tag 'Test-moi !', id: 'check_submit', class: %i(form-control btn btn-primary input-lg pull-right) %>
-				</div>
-			</div>
-		</div>
-	</div>
-</div>
--- a/app/views/ssh/index.html.erb
+++ b/app/views/ssh/index.html.erb
@ -2,17 +2,20 @@
 	<div class="row">
 		<div class="col-sm-12">
 			<h1>Vérifier votre serveur SSH</h1>
-			<div class="form-group">
-				<div class="col-sm-8">
-					<%= text_field_tag :ssh_check_host, nil, class: %i(form-control input-lg), placeholder: 'your-site.com' %>
+			<%= form_tag root_path do %>
+				<div class="form-group">
+					<div class="col-sm-8">
+						<%= text_field_tag :host, nil, class: %i(form-control input-lg), placeholder: 'your-site.com' %>
+					</div>
+					<div class="col-sm-2">
+						<%= text_field_tag :port, nil, class: %i(form-control input-lg), placeholder: 'port' %>
+					</div>
+					<div class="col-sm-2">
+						<%= hidden_field_tag :type, :ssh %>
+						<%= submit_tag 'Test-moi !', class: %i(form-control btn btn-primary input-lg pull-right) %>
+					</div>
 				</div>
-				<div class="col-sm-2">
-					<%= text_field_tag :ssh_check_port, nil, class: %i(form-control input-lg), placeholder: 'port' %>
-				</div>
-				<div class="col-sm-2">
-					<%= submit_tag 'Test-moi !', id: 'ssh_check_submit', class: %i(form-control btn btn-primary input-lg pull-right) %>
-				</div>
-			</div>
+			<% end %>
 		</div>
 	</div>
 </div>
--- a/app/views/tls/index.html.erb
+++ b/app/views/tls/index.html.erb
@ -2,17 +2,20 @@
 	<div class="row">
 		<div class="col-sm-12">
 			<h1>Vérifier votre serveur TLS</h1>
-			<div class="form-group">
-				<div class="col-sm-8">
-					<%= text_field_tag :tls_check_host, nil, class: %i(form-control input-lg), placeholder: 'your-site.com' %>
+			<%= form_tag root_path do %>
+				<div class="form-group">
+					<div class="col-sm-8">
+						<%= text_field_tag :host, nil, class: %i(form-control input-lg), placeholder: 'your-site.com' %>
+					</div>
+					<div class="col-sm-2">
+						<%= text_field_tag :port, nil, class: %i(form-control input-lg), placeholder: 'port' %>
+					</div>
+					<div class="col-sm-2">
+						<%= hidden_field_tag :type, :tls %>
+						<%= submit_tag 'Test-moi !', class: %i(form-control btn btn-primary input-lg pull-right) %>
+					</div>
 				</div>
-				<div class="col-sm-2">
-					<%= text_field_tag :tls_check_port, nil, class: %i(form-control input-lg), placeholder: 'port' %>
-				</div>
-				<div class="col-sm-2">
-					<%= submit_tag 'Test-moi !', id: 'tls_check_submit', class: %i(form-control btn btn-primary input-lg pull-right) %>
-				</div>
-			</div>
+			<% end %>
 		</div>
 	</div>
 </div>
--- a/app/workers/check_worker.rb
+++ b/app/workers/check_worker.rb
@ -1,6 +1,3 @@
-require 'simpleidn'
-require 'cryptcheck'
-
 class CheckWorker
 	include Sidekiq::Worker
 	sidekiq_options retry: false
@ -10,10 +7,9 @@ class CheckWorker
 	end

 	def perform(host, port=nil)
-		idn    = SimpleIDN.to_ascii host
-		host = "#{host}:#{port}" if port
+		host    = SimpleIDN.to_ascii host.downcase
 		result = begin
-			server = self.server.new *(port ? [idn, port] : [idn])
+			server = self.server.new *(port ? [host, port] : [host])
 			grade  = self.grade.new server
 			result = {
 					key:       key_to_json(server.key),
@ -39,6 +35,7 @@ class CheckWorker
 		rescue CryptCheck::Tls::Server::TLSNotAvailableException
 			{ no_tls: true }
 		end
+		host = "#{host}:#{port}" if port
 		Datastore.post self.type, host, result
 	end

--- a/app/workers/ssh_worker.rb
+++ b/app/workers/ssh_worker.rb
@ -1,14 +1,11 @@
-require 'simpleidn'
-require 'cryptcheck'
-
 class SSHWorker
 	include Sidekiq::Worker
 	sidekiq_options retry: false

 	def perform(host, port=nil)
-		idn    = SimpleIDN.to_ascii host
+		host    = SimpleIDN.to_ascii host.downcase
 		result = begin
-			server = CryptCheck::Ssh::Server.new idn, port
+			server = CryptCheck::Ssh::Server.new *(port ? [host, port] : [host])
 			{
 					kex:         server.kex,
 					encryption:  server.encryption,