TLS checks now follow global timeout

Scans now check that the domain is valid before proceeding Refactored a few functions to improve readability Bumped dependency versions Fixed a couple of non thread-safe operations
globalcyberalliance · Nov 16, 2023 · 3279d82 · 3279d82
1 parent 68e4e3c
commit 3279d82
Show file tree

Hide file tree

Showing 17 changed files with 467 additions and 381 deletions.
diff --git a/Makefile b/Makefile
@@ -2,6 +2,7 @@ PROJECT			 := github.com/GlobalCyberAlliance/DomainSecurityScanner
 GO				 := $(shell which go 2>/dev/null)
 GOFIELDALIGNMENT := $(shell which fieldalignment 2>/dev/null)
 GOFUMPT			 := $(shell which gofumpt 2>/dev/null)
+GOLINTER		 := $(shell which staticcheck 2>/dev/null)
 GO_BENCH_FLAGS	 := -short -bench=. -benchmem
 GO_BENCH		 := $(GO) test $(GO_BENCH_FLAGS)
 GO_BUILD		 := CGO_ENABLED=0 $(GO) build -ldflags "-s -w" -trimpath
@@ -44,6 +45,14 @@ format:
 	@echo "Formatting code..."
 	@$(GO_FORMAT) $(PWD)
 
+lint:
+	@if [ -z "${GOLINTER}" ]; then \
+		echo "Cannot find 'staticcheck' in your $$PATH"; \
+		exit 1; \
+	fi
+	@echo "Running linter..."
+	@$(GOLINTER) ./...
+
 prepare:
 	@echo "Cleaning previous builds..."
 	@rm -rf bin build

diff --git a/cmd/dss/main.go b/cmd/dss/main.go
@@ -23,7 +23,7 @@ var (
 		Use:     "dss",
 		Short:   "Scan a domain's DNS records.",
 		Long:    "Scan a domain's DNS records.\nhttps://github.com/GlobalCyberAlliance/DomainSecurityScanner",
-		Version: "2.3.6",
+		Version: "2.4.0",
 		PersistentPreRun: func(cmd *cobra.Command, args []string) {
 			if debug {
 				log = zerolog.New(zerolog.ConsoleWriter{Out: os.Stdout, TimeFormat: time.RFC3339}).With().Timestamp().Logger().Level(zerolog.DebugLevel)

diff --git a/cmd/dss/scan.go b/cmd/dss/scan.go
@@ -5,7 +5,7 @@ import (
 	"strings"
 	"time"
 
-	"github.com/GlobalCyberAlliance/DomainSecurityScanner/pkg/domain_advisor"
+	"github.com/GlobalCyberAlliance/DomainSecurityScanner/pkg/advisor"
 	"github.com/GlobalCyberAlliance/DomainSecurityScanner/pkg/model"
 	"github.com/GlobalCyberAlliance/DomainSecurityScanner/pkg/scanner"
 	"github.com/spf13/cobra"
@@ -50,6 +50,8 @@ var cmdScan = &cobra.Command{
 
 		sc.DKIMSelectors = dkimSelector
 
+		domainAdvisor := advisor.NewAdvisor(time.Duration(timeout) * time.Second)
+
 		if format == "csv" && outputFile == "" {
 			log.Info().Msg("CSV header: domain,A,AAAA,BIMI,CNAME,DKIM,DMARC,MX,SPF,TXT,duration,error,advice")
 		}

diff --git a/cmd/dss/serve.go b/cmd/dss/serve.go
@@ -3,6 +3,7 @@ package main
 import (
 	"time"
 
+	"github.com/GlobalCyberAlliance/DomainSecurityScanner/pkg/advisor"
 	"github.com/GlobalCyberAlliance/DomainSecurityScanner/pkg/http"
 	"github.com/GlobalCyberAlliance/DomainSecurityScanner/pkg/mail"
 	"github.com/GlobalCyberAlliance/DomainSecurityScanner/pkg/scanner"
@@ -52,6 +53,7 @@ var (
 				scanner.ConcurrentScans(concurrent),
 				scanner.UseCache(cache),
 				scanner.UseNameservers(nameservers),
+				scanner.WithDnsBuffer(dnsBuffer),
 				scanner.WithTimeout(time.Duration(timeout) * time.Second),
 			}
 
@@ -60,6 +62,7 @@ var (
 				log.Fatal().Err(err).Msg("could not create domain scanner")
 			}
 
+			server.Advisor = advisor.NewAdvisor(time.Duration(timeout) * time.Second)
 			server.CheckTls = checkTls
 			server.Scanner = sc
 
@@ -75,6 +78,7 @@ var (
 				scanner.ConcurrentScans(concurrent),
 				scanner.UseCache(cache),
 				scanner.UseNameservers(nameservers),
+				scanner.WithDnsBuffer(dnsBuffer),
 				scanner.WithTimeout(time.Duration(timeout) * time.Second),
 			}
 
@@ -83,7 +87,7 @@ var (
 				log.Fatal().Err(err).Msg("could not create scanner")
 			}
 
-			mailServer, err := mail.NewMailServer(mailConfig, log, sc)
+			mailServer, err := mail.NewMailServer(mailConfig, log, sc, advisor.NewAdvisor(time.Duration(timeout)*time.Second))
 			if err != nil {
 				log.Fatal().Err(err).Msg("could not open mail server connection")
 			}

diff --git a/go.mod b/go.mod
@@ -8,7 +8,7 @@ require (
 	github.com/gin-gonic/gin v1.9.1
 	github.com/go-mail/mail/v2 v2.3.0
 	github.com/matcornic/hermes/v2 v2.1.0
-	github.com/miekg/dns v1.1.56
+	github.com/miekg/dns v1.1.57
 	github.com/pkg/errors v0.9.1
 	github.com/rs/cors v1.10.1
 	github.com/rs/zerolog v1.31.0
@@ -19,37 +19,40 @@ require (
 )
 
 require (
-	github.com/Masterminds/semver v1.4.2 // indirect
-	github.com/Masterminds/sprig v2.16.0+incompatible // indirect
-	github.com/PuerkitoBio/goquery v1.5.0 // indirect
-	github.com/andybalholm/cascadia v1.0.0 // indirect
-	github.com/aokoli/goutils v1.0.1 // indirect
-	github.com/bytedance/sonic v1.9.1 // indirect
-	github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect
-	github.com/emersion/go-sasl v0.0.0-20200509203442-7bfe0ed36a21 // indirect
-	github.com/fsnotify/fsnotify v1.6.0 // indirect
-	github.com/gabriel-vasile/mimetype v1.4.2 // indirect
+	github.com/Masterminds/goutils v1.1.1 // indirect
+	github.com/Masterminds/semver v1.5.0 // indirect
+	github.com/Masterminds/sprig v2.22.0+incompatible // indirect
+	github.com/PuerkitoBio/goquery v1.8.1 // indirect
+	github.com/andybalholm/cascadia v1.3.2 // indirect
+	github.com/bytedance/sonic v1.10.2 // indirect
+	github.com/chenzhuoyu/base64x v0.0.0-20230717121745-296ad89f973d // indirect
+	github.com/chenzhuoyu/iasm v0.9.1 // indirect
+	github.com/emersion/go-sasl v0.0.0-20231106173351-e73c9f7bad43 // indirect
+	github.com/fsnotify/fsnotify v1.7.0 // indirect
+	github.com/gabriel-vasile/mimetype v1.4.3 // indirect
 	github.com/gin-contrib/sse v0.1.0 // indirect
-	github.com/go-pkgz/expirable-cache v0.1.0 // indirect
+	github.com/go-pkgz/expirable-cache v1.0.0 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
-	github.com/go-playground/validator/v10 v10.14.0 // indirect
+	github.com/go-playground/validator/v10 v10.16.0 // indirect
 	github.com/goccy/go-json v0.10.2 // indirect
-	github.com/google/uuid v1.1.2 // indirect
-	github.com/gorilla/css v1.0.0 // indirect
+	github.com/google/uuid v1.4.0 // indirect
+	github.com/gorilla/css v1.0.1 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
-	github.com/huandu/xstrings v1.2.0 // indirect
+	github.com/huandu/xstrings v1.4.0 // indirect
 	github.com/imdario/mergo v0.3.6 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
-	github.com/jaytaylor/html2text v0.0.0-20180606194806-57d518f124b0 // indirect
+	github.com/jaytaylor/html2text v0.0.0-20230321000545-74c2419ad056 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/klauspost/cpuid/v2 v2.2.4 // indirect
+	github.com/klauspost/cpuid/v2 v2.2.6 // indirect
 	github.com/leodido/go-urn v1.2.4 // indirect
 	github.com/magiconair/properties v1.8.7 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.19 // indirect
 	github.com/mattn/go-runewidth v0.0.3 // indirect
+	github.com/mitchellh/copystructure v1.2.0 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
+	github.com/mitchellh/reflectwalk v1.0.2 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/olekukonko/tablewriter v0.0.1 // indirect
@@ -64,18 +67,17 @@ require (
 	github.com/subosito/gotenv v1.6.0 // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
 	github.com/ugorji/go/codec v1.2.11 // indirect
-	github.com/vanng822/css v0.0.0-20190504095207-a21e860bcd04 // indirect
-	github.com/vanng822/go-premailer v0.0.0-20191214114701-be27abe028fe // indirect
-	go.uber.org/atomic v1.9.0 // indirect
-	go.uber.org/multierr v1.9.0 // indirect
-	golang.org/x/arch v0.3.0 // indirect
-	golang.org/x/crypto v0.13.0 // indirect
-	golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect
-	golang.org/x/mod v0.12.0 // indirect
-	golang.org/x/net v0.15.0 // indirect
-	golang.org/x/sys v0.12.0 // indirect
-	golang.org/x/text v0.13.0 // indirect
-	golang.org/x/tools v0.13.0 // indirect
+	github.com/vanng822/css v1.0.1 // indirect
+	github.com/vanng822/go-premailer v1.20.2 // indirect
+	go.uber.org/multierr v1.11.0 // indirect
+	golang.org/x/arch v0.6.0 // indirect
+	golang.org/x/crypto v0.15.0 // indirect
+	golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa // indirect
+	golang.org/x/mod v0.14.0 // indirect
+	golang.org/x/net v0.18.0 // indirect
+	golang.org/x/sys v0.14.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
+	golang.org/x/tools v0.15.0 // indirect
 	google.golang.org/protobuf v1.31.0 // indirect
 	gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect