async def do_get_testssl_job(args, sock):
await sock.send_json(
coordinator_api.mkv1request(
coordinator_api.RequestType.GET_TESTSSL_JOB, {
"worker_id": args.worker_id,
}))
resp = await sock.recv_json()
pprint.pprint(resp)
async def do_ping(args, sock):
await sock.send_json(
coordinator_api.mkv1request(
coordinator_api.RequestType.PING,
{},
))
resp = await sock.recv_json()
pprint.pprint(resp)
async def do_scan(args, sock):
await sock.send_json(
coordinator_api.mkv1request(coordinator_api.RequestType.SCAN_DOMAIN, {
"domain": args.domain,
"protocol": args.protocol,
}))
resp = await sock.recv_json()
pprint.pprint(resp)
async def _get_job(self, sock):
await sock.send_json(
coordinator_api.mkv1request(
coordinator_api.RequestType.GET_TESTSSL_JOB,
{
"worker_id": self._worker_id,
}
)
)
resp = coordinator_api.api_response.validate(await sock.recv_json())
if resp["type"] == coordinator_api.ResponseType.GET_TESTSSL_JOB.value:
return resp["payload"]
elif resp["type"] == coordinator_api.ResponseType.NO_TASKS.value:
raise NoJob(resp["payload"]["ask_again_after"])
else:
raise RuntimeError("unexpected server reply: %r".format(resp))
async def _send_push_update(self, sock, job_id, data):
msg = coordinator_api.mkv1request(
coordinator_api.RequestType.TESTSSL_RESULT_PUSH,
{
"worker_id": self._worker_id,
"job_id": job_id,
"testssl_data": data,
}
)
await sock.send_json(msg)
response = await sock.recv_json()
if (response["type"] !=
coordinator_api.ResponseType.JOB_CONFIRMATION.value):
raise RuntimeError(
"unexpected push reply: {!r}".format(response)
)
if not response["payload"]["continue"]:
raise RuntimeError("cancelled job at server request")
async def queue_scan():
form_data = await request.form
scan_request = coordinator_api.mkv1request(
coordinator_api.RequestType.SCAN_DOMAIN,
{
"domain": form_data["domain"],
"protocol": form_data["protocol"],
},
)
with zmq_socket(zmq.REQ) as sock:
sock.connect(current_app.config["COORDINATOR_URI"])
await sock.send_json(scan_request)
reply = await sock.recv_json()
if reply["type"] == coordinator_api.ResponseType.SCAN_QUEUED.value:
return redirect(
url_for("main.scan_result", scan_id=reply["payload"]["scan_id"]))
elif reply["type"] == coordinator_api.ResponseType.ERROR.value:
return abort(reply["payload"]["code"], reply["payload"]["message"])
raise RuntimeError("unexpected reply: {!r}".format(reply))
async def _get_and_run_job(self, sock):
logger.debug("fetching job")
try:
job = await self._get_job(sock)
except NoJob as exc:
logger.debug("no job, waiting for %d", exc.wait_time)
return exc.wait_time
logger.info("got job: %r", job)
if job["tls_mode"] == "starttls":
if job["protocol"] == "c2s":
starttls = "xmpp"
else:
starttls = "xmpp-server"
else:
starttls = None
result = {
"tls_versions": {},
"cipherlists": {},
"certificate": None,
"server_cipher_order": False,
"ciphers": []
}
async for info_blob in run_testssl(self._testssl_argv_base,
job["domain"],
job["hostname"],
job["port"],
starttls):
type_, *info = info_blob
if type_ == "tls-version-support":
tls_version, supported = info
result["tls_versions"][tls_version] = supported
await self._send_push_update(sock, job["job_id"], {
"type": "tls_versions",
"tls_versions": result["tls_versions"],
})
elif type_ == "server-cipher-order":
result["server_cipher_order"] = info[0]
await self._send_push_update(sock, job["job_id"], {
"type": "server_cipher_order",
"server_cipher_order": result["server_cipher_order"],
})
elif type_ == "cipherlist":
tls_version, ciphers = info
result["cipherlists"][tls_version] = ciphers
await self._send_push_update(sock, job["job_id"], {
"type": "cipherlists",
"cipherlists": result["cipherlists"],
})
elif type_ == "certificate":
result["certificate"] = info[0]
await self._send_push_update(sock, job["job_id"], {
"type": "certificate",
"certificate": result["certificate"],
})
elif type_ == "cipher-offered":
result["ciphers"].append(info[0])
await self._send_push_update(sock, job["job_id"], {
"type": "cipher_info",
"cipher": info[0],
})
msg = coordinator_api.mkv1request(
coordinator_api.RequestType.TESTSSL_COMPLETE,
{
"worker_id": self._worker_id,
"job_id": job["job_id"],
"testssl_result": result,
}
)
await sock.send_json(msg)
await sock.recv_json()
# we don’t care about the reply
return 1