From 27f536d149537bb85dd82670186e88621317e4df Mon Sep 17 00:00:00 2001 From: Yann Coleu Date: Sun, 7 May 2017 19:30:40 +0200 Subject: [PATCH] add flag option for TLS/SSL check --- beeping.go | 8 ++++++-- sslcheck/tlscheck.go | 5 ++--- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/beeping.go b/beeping.go index 120b380..2b0dbc1 100644 --- a/beeping.go +++ b/beeping.go @@ -23,6 +23,7 @@ var geodatfile *string var instance *string var listen *string var port *string +var tlsmode *bool type Beeping struct { Version string `json:"version"` @@ -85,6 +86,7 @@ func main() { instance = flag.String("instance", "", "beeping instance name (default hostname)") listen = flag.String("listen", "127.0.0.1", "The host to bind the server to") port = flag.String("port", "8080", "The port to bind the server to") + tlsmode = flag.Bool("tlsmode", false, "Activate SSL/TLS versions and Cipher support checks") flag.Parse() gin.SetMode("release") @@ -196,8 +198,10 @@ func CheckHTTP(check *Check) (*Response, error) { if res.TLS != nil { cTLS := &sslcheck.CheckSSL{} - cTLS.CheckCiphers(conn) - cTLS.CheckVersions(conn) + if *tlsmode { + cTLS.CheckCiphers(conn) + cTLS.CheckVersions(conn) + } cTLS.CertExpiryDate = res.TLS.PeerCertificates[0].NotAfter cTLS.CertExpiryDaysLeft = int64(cTLS.CertExpiryDate.Sub(time.Now()).Hours() / 24) cTLS.CertSignature = res.TLS.PeerCertificates[0].SignatureAlgorithm.String() diff --git a/sslcheck/tlscheck.go b/sslcheck/tlscheck.go index d7637f0..2c76675 100644 --- a/sslcheck/tlscheck.go +++ b/sslcheck/tlscheck.go @@ -2,14 +2,13 @@ package sslcheck import ( "crypto/tls" - "log" "net" "time" ) type CheckSSL struct { - Ciphers []string `json:"ciphers"` - ProtocolVersion []string `json:"protocol_versions"` + Ciphers []string `json:"ciphers,omitempty"` + ProtocolVersion []string `json:"protocol_versions,omitempty"` CertExpiryDate time.Time `json:"cert_expiry_date"` CertExpiryDaysLeft int64 `json:"cert_expiry_days_left"` CertSignature string `json:"cert_signature"`