Home Explore Help
Sign In
cloudflare
/
cfssl
mirror of https://github.com/cloudflare/cfssl
Watch 1
Star 0
Fork 0
Files Issues
Tree: dd9e5cc259
Branches Tags
cfssl
/
api
/
scan
/
scan.go

scan.go 2.1 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677 
  1. package scan
    2. 

  2. 

  3. import (
    4. 

  4. 	"encoding/json"
    5. 

  5. 	"net/http"
    6. 

  6. 	"time"
    7. 

  7. 

  8. 	"github.com/cloudflare/cfssl/api"
    9. 

  9. 	"github.com/cloudflare/cfssl/errors"
    10. 

  10. 	"github.com/cloudflare/cfssl/log"
    11. 

  11. 	"github.com/cloudflare/cfssl/scan"
    12. 

  12. )
    13. 

  13. 

  14. // scanHandler is an HTTP handler that accepts GET parameters for host (required)
    15. 

  15. // family and scanner, and uses these to perform scans, returning a JSON blob result.
    16. 

  16. func scanHandler(w http.ResponseWriter, r *http.Request) error {
    17. 

  17. 	if err := r.ParseForm(); err != nil {
    18. 

  18. 		log.Warningf("failed to parse body: %v", err)
    19. 

  19. 		return errors.NewBadRequest(err)
    20. 

  20. 	}
    21. 

  21. 

  22. 	family := r.Form.Get("family")
    23. 

  23. 	scanner := r.Form.Get("scanner")
    24. 

  24. 	ip := r.Form.Get("ip")
    25. 

  25. 	timeoutStr := r.Form.Get("timeout")
    26. 

  26. 	var timeout time.Duration
    27. 

  27. 	var err error
    28. 

  28. 	if timeoutStr != "" {
    29. 

  29. 		if timeout, err = time.ParseDuration(timeoutStr); err != nil {
    30. 

  30. 			return errors.NewBadRequest(err)
    31. 

  31. 		}
    32. 

  32. 		if timeout < time.Second || timeout > 5*time.Minute {
    33. 

  33. 			return errors.NewBadRequestString("invalid timeout given")
    34. 

  34. 		}
    35. 

  35. 	} else {
    36. 

  36. 		timeout = time.Minute
    37. 

  37. 	}
    38. 

  38. 

  39. 	host := r.Form.Get("host")
    40. 

  40. 	if host == "" {
    41. 

  41. 		log.Warningf("no host given")
    42. 

  42. 		return errors.NewBadRequestString("no host given")
    43. 

  43. 	}
    44. 

  44. 

  45. 	results, err := scan.Default.RunScans(host, ip, family, scanner, timeout)
    46. 

  46. 	if err != nil {
    47. 

  47. 		return errors.NewBadRequest(err)
    48. 

  48. 	}
    49. 

  49. 

  50. 	return json.NewEncoder(w).Encode(api.NewSuccessResponse(results))
    51. 

  51. }
    52. 

  52. 

  53. // NewHandler returns a new http.Handler that handles a scan request.
    54. 

  54. func NewHandler(caBundleFile string) (http.Handler, error) {
    55. 

  55. 	return api.HTTPHandler{
    56. 

  56. 		Handler: api.HandlerFunc(scanHandler),
    57. 

  57. 		Methods: []string{"GET"},
    58. 

  58. 	}, scan.LoadRootCAs(caBundleFile)
    59. 

  59. }
    60. 

  60. 

  61. // scanInfoHandler is an HTTP handler that returns a JSON blob result describing
    62. 

  62. // the possible families and scans to be run.
    63. 

  63. func scanInfoHandler(w http.ResponseWriter, r *http.Request) error {
    64. 

  64. 	log.Info("setting up scaninfo handler")
    65. 

  65. 	response := api.NewSuccessResponse(scan.Default)
    66. 

  66. 	enc := json.NewEncoder(w)
    67. 

  67. 	return enc.Encode(response)
    68. 

  68. }
    69. 

  69. 

  70. // NewInfoHandler returns a new http.Handler that handles a request for scan info.
    71. 

  71. func NewInfoHandler() http.Handler {
    72. 

  72. 	return api.HTTPHandler{
    73. 

  73. 		Handler: api.HandlerFunc(scanInfoHandler),
    74. 

  74. 		Methods: []string{"GET"},
    75. 

  75. 	}
    76. 

  76. }
    77. 

  77.