--root-cas implementation (#189)
parent
808dd3e528
commit
c1da0fffea
18
tls.go
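--- a/tls.go
+++ b/tls.go
@@ -4,13 +4,16 @@ import (
 "encoding/base64"
 "encoding/csv"
 "fmt"
+"io/ioutil"
 "net"
+"os"
 "strconv"
 "strings"
 "time"
 
 log "github.com/sirupsen/logrus"
 "github.com/zmap/zcrypto/tls"
+"github.com/zmap/zcrypto/x509"
 )
 
 // Shared code for TLS scans.
@@ -124,8 +127,19 @@ func (t *TLSFlags) GetTLSConfigForTarget(target *ScanTarget) (*tls.Config, error
 log.Fatalf("--certificate-map not implemented")
 }
 if t.RootCAs != "" {
-// TODO FIXME: Implement
-log.Fatalf("--root-cas not implemented")
+var fd *os.File
+if fd, err = os.Open(t.RootCAs); err != nil {
+log.Fatal(err)
+}
+caBytes, readErr := ioutil.ReadAll(fd)
+if readErr != nil {
+log.Fatal(err)
+}
+ret.RootCAs = x509.NewCertPool()
+ok := ret.RootCAs.AppendCertsFromPEM(caBytes)
+if !ok {
+log.Fatalf("Could not read certificates from PEM file. Invalid PEM?")
+}
 }
 if t.NextProtos != "" {
 // TODO: Different format?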
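Review bot: The read-failure branch of the new `--root-cas` block logs the wrong variable: `if readErr != nil { log.Fatal(err) }` prints `err`, which is nil once `os.Open` has succeeded, so the process exits without saying why the CA bundle could not be read. The opened `fd` is also never closed, and because this code sits in GetTLSConfigForTarget (whose body starts and ends outside the hunk) the file is presumably reopened and re-parsed for every target, leaking one descriptor each time. Replacing the open/read pair with `caBytes, readErr := ioutil.ReadFile(t.RootCAs)` and reporting `log.Fatal(readErr)` addresses both. Building the pool once when the flags are validated, rather than per target, would also keep the trust anchors identical for the whole scan even if the file changes while it runs.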