Switch logic to a shared package

2025-12-18 04:35:24 +00:00 · 2021-10-27 12:11:42 -04:00 · 2021-10-27 12:11:42 -04:00 · a539184ffd
commit a539184ffd
parent a911245d26
3 changed files with 40 additions and 46 deletions
--- a/v2/pkg/protocols/headless/engine/http_client.go
+++ b/v2/pkg/protocols/headless/engine/http_client.go
@ -2,9 +2,7 @@ package engine

 import (
 	"crypto/tls"
-	"crypto/x509"
-	"io/ioutil"
-	"log"
+	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/utils"
 	"net/http"
 	"net/url"
 	"time"
@ -23,26 +21,8 @@ func newhttpClient(options *types.Options) *http.Client {
 		InsecureSkipVerify: true,
 	}

-	// Build the TLS config with the client certificate if it has been configured with the appropriate options.
-	// Only one of the options needs to be checked since the validation checks in main.go ensure that all three
-	// files are set if any of the client certification configuration options are.
-	if len(options.ClientCertFile) > 0 {
-		// Load the client certificate using the PEM encoded client certificate and the private key file
-		cert, err := tls.LoadX509KeyPair(options.ClientCertFile, options.ClientKeyFile)
-		if err != nil {
-			log.Fatal(err)
-		}
-		tlsConfig.Certificates = []tls.Certificate{cert}
-
-		// Load the certificate authority PEM certificate into the TLS configuration
-		caCert, err := ioutil.ReadFile(options.ClientCAFile)
-		if err != nil {
-			log.Fatal(err)
-		}
-		caCertPool := x509.NewCertPool()
-		caCertPool.AppendCertsFromPEM(caCert)
-		tlsConfig.RootCAs = caCertPool
-	}
+	// Add the client certificate authentication to the request if it's configured
+	tlsConfig = utils.AddConfiguredClientCertToRequest(tlsConfig, options)

 	transport := &http.Transport{
 		DialContext:         dialer.Dial,
--- a/v2/pkg/protocols/http/httpclientpool/clientpool.go
+++ b/v2/pkg/protocols/http/httpclientpool/clientpool.go
@ -3,10 +3,8 @@ package httpclientpool
 import (
 	"context"
 	"crypto/tls"
-	"crypto/x509"
 	"fmt"
-	"io/ioutil"
-	"log"
+	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/utils"
 	"net"
 	"net/http"
 	"net/http/cookiejar"
@ -170,26 +168,8 @@ func wrappedGet(options *types.Options, configuration *Configuration) (*retryabl
 		InsecureSkipVerify: true,
 	}

-	// Build the TLS config with the client certificate if it has been configured with the appropriate options.
-	// Only one of the options needs to be checked since the validation checks in main.go ensure that all three
-	// files are set if any of the client certification configuration options are.
-	if len(options.ClientCertFile) > 0 {
-		// Load the client certificate using the PEM encoded client certificate and the private key file
-		cert, err := tls.LoadX509KeyPair(options.ClientCertFile, options.ClientKeyFile)
-		if err != nil {
-			log.Fatal(err)
-		}
-		tlsConfig.Certificates = []tls.Certificate{cert}
-
-		// Load the certificate authority PEM certificate into the TLS configuration
-		caCert, err := ioutil.ReadFile(options.ClientCAFile)
-		if err != nil {
-			log.Fatal(err)
-		}
-		caCertPool := x509.NewCertPool()
-		caCertPool.AppendCertsFromPEM(caCert)
-		tlsConfig.RootCAs = caCertPool
-	}
+	// Add the client certificate authentication to the request if it's configured
+	tlsConfig = utils.AddConfiguredClientCertToRequest(tlsConfig, options)

 	transport := &http.Transport{
 		DialContext:         Dialer.Dial,
--- a/v2/pkg/protocols/utils/utils.go
+++ b/v2/pkg/protocols/utils/utils.go
@ -0,0 +1,34 @@
+package utils
+
+import (
+	"crypto/tls"
+	"crypto/x509"
+	"github.com/projectdiscovery/nuclei/v2/pkg/types"
+	"io/ioutil"
+	"log"
+)
+
+// AddConfiguredClientCertToRequest adds the client certificate authentication to the tls.Config object and returns it
+func AddConfiguredClientCertToRequest(tlsConfig *tls.Config, options *types.Options) *tls.Config {
+	// Build the TLS config with the client certificate if it has been configured with the appropriate options.
+	// Only one of the options needs to be checked since the validation checks in main.go ensure that all three
+	// files are set if any of the client certification configuration options are.
+	if len(options.ClientCertFile) > 0 {
+		// Load the client certificate using the PEM encoded client certificate and the private key file
+		cert, err := tls.LoadX509KeyPair(options.ClientCertFile, options.ClientKeyFile)
+		if err != nil {
+			log.Fatal(err)
+		}
+		tlsConfig.Certificates = []tls.Certificate{cert}
+
+		// Load the certificate authority PEM certificate into the TLS configuration
+		caCert, err := ioutil.ReadFile(options.ClientCAFile)
+		if err != nil {
+			log.Fatal(err)
+		}
+		caCertPool := x509.NewCertPool()
+		caCertPool.AppendCertsFromPEM(caCert)
+		tlsConfig.RootCAs = caCertPool
+	}
+	return tlsConfig
+}