mirror of
https://github.com/projectdiscovery/nuclei.git
synced 2025-12-23 04:55:24 +00:00
Switch logic to a shared package
This commit is contained in:
kchason
parent
a911245d26
commit
a539184ffd
@ -2,9 +2,7 @@ package engine
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"crypto/tls"
|
"crypto/tls"
|
||||||
"crypto/x509"
|
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/utils"
|
||||||
"io/ioutil"
|
|
||||||
"log"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/url"
|
"net/url"
|
||||||
"time"
|
"time"
|
||||||
@ -23,26 +21,8 @@ func newhttpClient(options *types.Options) *http.Client {
|
|||||||
InsecureSkipVerify: true,
|
InsecureSkipVerify: true,
|
||||||
}
|
}
|
||||||
|
|
||||||
// Build the TLS config with the client certificate if it has been configured with the appropriate options.
|
// Add the client certificate authentication to the request if it's configured
|
||||||
// Only one of the options needs to be checked since the validation checks in main.go ensure that all three
|
tlsConfig = utils.AddConfiguredClientCertToRequest(tlsConfig, options)
|
||||||
// files are set if any of the client certification configuration options are.
|
|
||||||
if len(options.ClientCertFile) > 0 {
|
|
||||||
// Load the client certificate using the PEM encoded client certificate and the private key file
|
|
||||||
cert, err := tls.LoadX509KeyPair(options.ClientCertFile, options.ClientKeyFile)
|
|
||||||
if err != nil {
|
|
||||||
log.Fatal(err)
|
|
||||||
}
|
|
||||||
tlsConfig.Certificates = []tls.Certificate{cert}
|
|
||||||
|
|
||||||
// Load the certificate authority PEM certificate into the TLS configuration
|
|
||||||
caCert, err := ioutil.ReadFile(options.ClientCAFile)
|
|
||||||
if err != nil {
|
|
||||||
log.Fatal(err)
|
|
||||||
}
|
|
||||||
caCertPool := x509.NewCertPool()
|
|
||||||
caCertPool.AppendCertsFromPEM(caCert)
|
|
||||||
tlsConfig.RootCAs = caCertPool
|
|
||||||
}
|
|
||||||
|
|
||||||
transport := &http.Transport{
|
transport := &http.Transport{
|
||||||
DialContext: dialer.Dial,
|
DialContext: dialer.Dial,
|
||||||
|
|||||||
@ -3,10 +3,8 @@ package httpclientpool
|
|||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"crypto/tls"
|
"crypto/tls"
|
||||||
"crypto/x509"
|
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/utils"
|
||||||
"log"
|
|
||||||
"net"
|
"net"
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/http/cookiejar"
|
"net/http/cookiejar"
|
||||||
@ -170,26 +168,8 @@ func wrappedGet(options *types.Options, configuration *Configuration) (*retryabl
|
|||||||
InsecureSkipVerify: true,
|
InsecureSkipVerify: true,
|
||||||
}
|
}
|
||||||
|
|
||||||
// Build the TLS config with the client certificate if it has been configured with the appropriate options.
|
// Add the client certificate authentication to the request if it's configured
|
||||||
// Only one of the options needs to be checked since the validation checks in main.go ensure that all three
|
tlsConfig = utils.AddConfiguredClientCertToRequest(tlsConfig, options)
|
||||||
// files are set if any of the client certification configuration options are.
|
|
||||||
if len(options.ClientCertFile) > 0 {
|
|
||||||
// Load the client certificate using the PEM encoded client certificate and the private key file
|
|
||||||
cert, err := tls.LoadX509KeyPair(options.ClientCertFile, options.ClientKeyFile)
|
|
||||||
if err != nil {
|
|
||||||
log.Fatal(err)
|
|
||||||
}
|
|
||||||
tlsConfig.Certificates = []tls.Certificate{cert}
|
|
||||||
|
|
||||||
// Load the certificate authority PEM certificate into the TLS configuration
|
|
||||||
caCert, err := ioutil.ReadFile(options.ClientCAFile)
|
|
||||||
if err != nil {
|
|
||||||
log.Fatal(err)
|
|
||||||
}
|
|
||||||
caCertPool := x509.NewCertPool()
|
|
||||||
caCertPool.AppendCertsFromPEM(caCert)
|
|
||||||
tlsConfig.RootCAs = caCertPool
|
|
||||||
}
|
|
||||||
|
|
||||||
transport := &http.Transport{
|
transport := &http.Transport{
|
||||||
DialContext: Dialer.Dial,
|
DialContext: Dialer.Dial,
|
||||||
|
|||||||
34
v2/pkg/protocols/utils/utils.go
Normal file
34
v2/pkg/protocols/utils/utils.go
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
package utils
|
||||||
|
|
||||||
|
import (
|
||||||
|
"crypto/tls"
|
||||||
|
"crypto/x509"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/types"
|
||||||
|
"io/ioutil"
|
||||||
|
"log"
|
||||||
|
)
|
||||||
|
|
||||||
|
// AddConfiguredClientCertToRequest adds the client certificate authentication to the tls.Config object and returns it
|
||||||
|
func AddConfiguredClientCertToRequest(tlsConfig *tls.Config, options *types.Options) *tls.Config {
|
||||||
|
// Build the TLS config with the client certificate if it has been configured with the appropriate options.
|
||||||
|
// Only one of the options needs to be checked since the validation checks in main.go ensure that all three
|
||||||
|
// files are set if any of the client certification configuration options are.
|
||||||
|
if len(options.ClientCertFile) > 0 {
|
||||||
|
// Load the client certificate using the PEM encoded client certificate and the private key file
|
||||||
|
cert, err := tls.LoadX509KeyPair(options.ClientCertFile, options.ClientKeyFile)
|
||||||
|
if err != nil {
|
||||||
|
log.Fatal(err)
|
||||||
|
}
|
||||||
|
tlsConfig.Certificates = []tls.Certificate{cert}
|
||||||
|
|
||||||
|
// Load the certificate authority PEM certificate into the TLS configuration
|
||||||
|
caCert, err := ioutil.ReadFile(options.ClientCAFile)
|
||||||
|
if err != nil {
|
||||||
|
log.Fatal(err)
|
||||||
|
}
|
||||||
|
caCertPool := x509.NewCertPool()
|
||||||
|
caCertPool.AppendCertsFromPEM(caCert)
|
||||||
|
tlsConfig.RootCAs = caCertPool
|
||||||
|
}
|
||||||
|
return tlsConfig
|
||||||
|
}
|
||||||
Loading…
x
Reference in New Issue
Block a user