
@donpdonp donpdonp/tls.js

Last active May 15, 2020
gluon tls ssl checks
// Module entry expression: a function that runs setup() and returns the
// module descriptor {name:"tls"}. It is not invoked here.
// NOTE(review): presumably the host bot runtime evaluates this file and calls
// the function to register the module - confirm against the host.
(function() {
setup()
return {name:"tls"}
})
// NOTE(review): `watchlist` is not referenced anywhere else in this listing.
var watchlist = {}
// Prefix shared by every database key and scan pattern built in this file.
var key = "tls:watchlist"
function setup() {
  // Scanning with "*" selects every entry under the key prefix, so the
  // report below lists the stored entries for all nicks, not just one.
  // It is sent to the admin channel only.
  var report = function(found) {
    var line = "tls scan: " + JSON.stringify(found)
    bot.say(bot.admin_channel, line)
  }
  scan("*", report)
}
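/**
 * Handle one bot message and dispatch the "!tls" command family.
 *
 * Only messages whose method is "irc.privmsg" and whose text matches the
 * "!tls" pattern are acted on; everything else is ignored.
 *
 *   !tls                  -> usage line
 *   !tls add <host>       -> add <host> to the sender's watchlist
 *   !tls del <host>       -> remove <host> from the sender's watchlist
 *   !tls check            -> run tls_check on every host the sender watches
 *   !tls list             -> list the sender's watched hosts
 *   !tls <host>           -> run tls_check on <host>
 *
 * Everything after "!tls" is text typed by an IRC user and is untrusted.
 * NOTE(review): nothing here restricts who may issue commands, and the
 * watchlist is keyed on msg.params.nick as delivered; whether that nick is
 * authenticated is not visible in this file - confirm before relying on it.
 *
 * @param {object} msg message with `method` and `params.{message,channel,nick}`
 */
function go(msg) {
  if (msg.method != "irc.privmsg") { return }
  var cmd = /^!tls(\s+(\S+))?(\s+(.*))?/.exec(msg.params.message)
  if (!cmd) { return }

  var usage = "!tls [<domainname> | check | list | add <domainname> | del <domainname> ]"
  var channel = msg.params.channel
  var nick = msg.params.nick
  var verb = cmd[2]
  // Group 4 is "the rest of the line"; it is undefined or empty when no
  // argument was given and can carry trailing whitespace. Trim it so the
  // stored watchlist key is exactly the name the user typed.
  var arg = cmd[4] ? cmd[4].trim() : ""

  if (!verb) {
    bot.say(channel, usage)
    return
  }

  if (verb == "add" || verb == "del") {
    // Without this guard "!tls add" announced "watching: undefined" and
    // wrote a watchlist key with an empty hostname.
    if (!arg) {
      bot.say(channel, usage)
      return
    }
    if (verb == "add") {
      bot.say(channel, "watching: "+arg)
      add_host(nick, arg)
    } else {
      bot.say(channel, "unwatching: "+arg)
      del_host(nick, arg)
    }
    return
  }

  if (verb == "check") {
    nickscan(nick, function(result){
      Object.keys(result).forEach(function(hostname){
        tls_check(hostname, channel)
      })
    })
    return
  }

  if (verb == "list") {
    nickscan(nick, function(result){
      bot.say(channel, nick+": "+Object.keys(result))
    })
    return
  }

  // Any other first word is treated as a hostname to check.
  tls_check(verb, channel)
}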
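/**
 * Fetch https://<host> and report the negotiated TLS version and the first
 * peer certificate to `channel`.
 *
 * `host` is untrusted: callers in this file pass either a word taken from an
 * IRC message or a name stored in a user's watchlist. It is spliced into a
 * URL, so it is restricted to hostname characters with an optional port.
 * Otherwise text such as "name/path", "user@name" or "name?query" would
 * change what the bot requests.
 * NOTE(review): the character check does not stop internal names or
 * addresses from being probed; if the bot runs somewhere with access to
 * private services, limit reachable targets at the resolver/network layer.
 *
 * @param {string} host    hostname, optionally followed by ":port"
 * @param {string} channel channel the result line is sent to
 */
function tls_check(host, channel) {
  var hostOk = typeof host == "string" &&
    host.length <= 253 &&
    /^[A-Za-z0-9][A-Za-z0-9.-]*(:[0-9]{1,5})?$/.test(host)
  if (!hostOk) {
    bot.say(channel, String(host)+" invalid hostname")
    return
  }

  var data = http.get({url:"https://"+host})
  var msg
  if(data["error"]) {
    msg = data.error.message
  } else if(!data.tls) {
    // Guard against a response without TLS details instead of throwing.
    msg = "no tls details in response"
  } else {
    // Protocol version codes as they appear on the wire. The legacy
    // versions are named explicitly so that a server negotiating them is
    // visible in the report rather than shown as a blank label.
    var names = {
      0x0304: "tls1.3",
      0x0303: "tls1.2",
      0x0302: "tls1.1",
      0x0301: "tls1.0",
      0x0300: "ssl3.0"
    }
    var version = data.tls.version
    var tls
    if (Object.prototype.hasOwnProperty.call(names, version)) {
      tls = names[version]
    } else {
      tls = "tls-unknown(" +
        (typeof version == "number" ? "0x"+version.toString(16) : String(version)) + ")"
    }
    var certs = data.tls.peer_certs || []
    if (certs.length == 0) {
      // certFormat would throw on a missing first certificate.
      msg = tls + " no peer certificates"
    } else {
      msg = [tls,
             "cert 1/"+certs.length + ":",
             certFormat(certs[0]) ].join(' ')
    }
  }
  bot.say(channel, host+" "+msg)
}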
/**
 * Render one certificate as "<EXPIRED|expires> YYYY-MM-DD dns_names [...]".
 *
 * The expiry flag compares the current time with `cert.not_after` parsed as
 * a Date; the printed date is simply the first ten characters of
 * `cert.not_after`. A value that Date cannot parse compares false and is
 * therefore shown as "expires", not "EXPIRED".
 *
 * @param {object} cert object with `not_after` (string) and `dns_names`
 * @returns {string} one-line summary
 */
function certFormat(cert) {
  var notAfter = cert.not_after
  var isExpired = new Date() > new Date(notAfter)
  var label = isExpired ? "EXPIRED " : "expires "
  var names = "dns_names " + JSON.stringify(cert.dns_names)
  return label + notAfter.slice(0, 10) + " " + names
}
/**
 * Record `hostname` in `nick`'s watchlist.
 * The entry is stored under "<key>:<nick>:<hostname>" with the literal
 * value "{}"; the completion callback does nothing.
 * Neither argument is validated here, so both reach the key as given.
 */
function add_host(nick, hostname) {
  var noop = function(){
  }
  db.set([key, nick, hostname].join(':'), "{}", noop)
}
/**
 * Remove `hostname` from `nick`'s watchlist by deleting the entry stored
 * under "<key>:<nick>:<hostname>". No completion callback is passed.
 */
function del_host(nick, hostname) {
  var parts = [key, nick, hostname]
  db.del(parts.join(':'))
}
/**
 * Look up the entry stored under "<key>:<nick>:<hostname>" and hand the
 * database's answer to `cb` unchanged.
 */
function load_host(nick, hostname, cb) {
  var parts = [key, nick, hostname]
  db.get(parts.join(':'), cb)
}
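/**
 * Collect the watchlist of one nick and pass it to `cb` as an object that
 * maps hostname -> stored value.
 *
 * scan() answers with a flat array of alternating name/value items, where
 * each name has the form "<nick>:<hostname>". When it gives up it answers
 * with an {error: ...} object instead. That case is reported to the admin
 * channel and `cb` receives an empty watchlist, rather than the callback
 * throwing on a missing forEach.
 *
 * `nick` is spliced into the scan pattern as-is.
 * NOTE(review): if db.scan gives pattern characters inside a nick a special
 * meaning, the scan could return entries that belong to other nicks -
 * confirm the matching rules. Independently of that, only names that really
 * begin with "<nick>:" are accepted below.
 *
 * @param {string} nick IRC nick whose entries are wanted
 * @param {function(object)} cb receives the hostname -> value map
 */
function nickscan(nick, cb) {
  scan(nick+":*", function(result){
    var hosts = {}
    if (!Array.isArray(result)) {
      bot.say(bot.admin_channel, "tls nickscan failed: "+JSON.stringify(result))
      cb(hosts)
      return
    }
    var prefix = nick + ":"
    // Even positions hold names, the following odd position holds the value.
    for (var i = 0; i < result.length; i += 2) {
      var name = result[i]
      if (typeof name == "string" && name.indexOf(prefix) == 0) {
        hosts[name.substr(prefix.length)] = result[i+1]
      }
    }
    cb(hosts)
  })
}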
/**
 * Page through the database for entries matching "<key>:<match>" and hand
 * the combined result to `cb`.
 *
 * Callers pass only `match` and `cb`; `cursor`, `answers` and `loop` carry
 * state between the recursive calls. Each page is requested with a count of
 * 100 and is read as [nextCursor, items]. Paging ends when the returned
 * cursor equals 0. `cb` then receives the accumulated items, with every
 * even position stripped of the "<key>:" prefix and every odd position run
 * through JSON.parse. If the cursor is still non-zero once the loop counter
 * reaches 1500, `cb` receives {error: "..."} instead of an array.
 *
 * NOTE(review): JSON.parse throws on a stored value that is not valid JSON,
 * and nothing here catches it.
 */
function scan(match, cb, cursor, answers, loop) {
  // A missing cursor marks the first, external call: start from scratch.
  if (cursor == null) {
    cursor = 0
    answers = []
    loop = 1
  }
  loop += 1
  var pattern = key + ':' + match
  db.scan(cursor, pattern, 100, function(page) {
    cursor = page[0]
    answers = answers.concat(page[1])

    if (cursor != 0) {
      // More pages remain; stop instead of recursing once the cap is hit.
      if (!(loop < 1500)) {
        cb({error: "tls scan overload. stopping."})
        return
      }
      scan(match, cb, cursor, answers, loop)
      return
    }

    var prefixLength = key.length + 1
    var decoded = []
    for (var i = 0; i < answers.length; i++) {
      if (i % 2 == 0) {
        decoded.push(answers[i].substr(prefixLength))
      } else {
        decoded.push(JSON.parse(answers[i]))
      }
    }
    cb(decoded)
  })
}