ssh_scan_api 0.0.1.pre2 → 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,30 +1,36 @@
1
1
  module SSHScan
2
- class Authenticator
3
- attr_reader :config
2
+ module Api
3
+ class Authenticator
4
+ attr_reader :config
4
5
 
5
- def initialize(config)
6
- @config = config
7
- end
6
+ def initialize(config = {})
7
+ @config = config
8
+ end
8
9
 
9
- def self.from_config_file(config_file)
10
- opts = YAML.load_file(config_file)
11
- SSHScan::Authenticator.new(opts)
12
- end
10
+ def self.from_config_file(config_file)
11
+ opts = YAML.load_file(config_file)
12
+ SSHScan::Api::Authenticator.new(opts)
13
+ end
13
14
 
14
- def valid_token?(token)
15
- if @config["users"]
16
- @config["users"].each do |user|
17
- return true if user["token"] == token
15
+ def valid_token?(token)
16
+ if @config["users"]
17
+ @config["users"].each do |user|
18
+ return true if user["token"] == token
19
+ end
18
20
  end
19
- end
20
21
 
21
- if @config["workers"]
22
- @config["workers"].each do |worker|
23
- return true if worker["token"] == token
22
+ if @config["workers"]
23
+ @config["workers"].each do |worker|
24
+ return true if worker["token"] == token
25
+ end
26
+ end
27
+
28
+ if ENV['sshscan.worker.token'] == token
29
+ return true
24
30
  end
25
- end
26
31
 
27
- return false
32
+ return false
33
+ end
28
34
  end
29
35
  end
30
36
  end
@@ -0,0 +1,58 @@
1
+ module SSHScan
2
+ module Api
3
+ module Constants
4
+ CONTRIBUTE_JSON = {
5
+ :name => "ssh_scan api",
6
+ :description => "An api for performing ssh compliance \
7
+ and policy scanning",
8
+ :repository => {
9
+ :url => "https://github.com/mozilla/ssh_scan",
10
+ :tests => "https://travis-ci.org/mozilla/ssh_scan",
11
+ },
12
+ :participate => {
13
+ :home => "https://github.com/mozilla/ssh_scan",
14
+ :docs => "https://github.com/mozilla/ssh_scan",
15
+ :irc => "irc://irc.mozilla.org/#infosec",
16
+ :irc_contacts => [
17
+ "claudijd",
18
+ "pwnbus",
19
+ "kang",
20
+ ],
21
+ :gitter => "https://gitter.im/mozilla-ssh_scan/Lobby",
22
+ :gitter_contacts => [
23
+ "claudijd",
24
+ "pwnbus",
25
+ "kang",
26
+ "jinankjain",
27
+ "agaurav77"
28
+ ],
29
+ },
30
+ :bugs => {
31
+ :list => "https://github.com/mozilla/ssh_scan/issues",
32
+ },
33
+ :keywords => [
34
+ "ruby",
35
+ "sinatra",
36
+ ],
37
+ :urls => {
38
+ :dev => "https://sshscan.rubidus.com",
39
+ }
40
+ }.freeze
41
+
42
+ VALID_CHAR_LIST = (("0".."9").to_a + ("a".."z").to_a + ("A".."Z").to_a + [":", ".", "-"]).freeze
43
+
44
+ INVALID_TARGET_REGEXES = [
45
+ '^127\.', # Forbid IPv4 localhosts
46
+ '^::1', # Forbid IPv6 localhosts
47
+ '^10\.', # Forbid RFC1918
48
+ '^192\.168', # Forbid RFC1918
49
+ '^172\.(1[6-9]|2[0-9]|3[0-1])' # Forbid RFC1918
50
+ ].freeze
51
+
52
+ INVALID_TARGET_STRINGS = [
53
+ 'localhost', # Forbid localhost ref verbatim
54
+ 'notallowed.example.com', # an FQDN example, so we know can prevent a FQDN from being scanned for whatever reason
55
+ ].freeze
56
+ end
57
+ end
58
+ end
@@ -0,0 +1,7 @@
1
+ require 'sinatra/activerecord'
2
+
3
+ class SSHScan::Scan < ActiveRecord::Base
4
+ validates_presence_of :target
5
+ validates_presence_of :port
6
+ validates_presence_of :state
7
+ end
@@ -0,0 +1,50 @@
1
+ require 'ssh_scan_api/constants'
2
+
3
+
4
+ module SSHScan
5
+ module Api
6
+ class TargetValidator
7
+ def initialize(config = {})
8
+ @invalid_target_regexes = config["invalid_target_regexes"] || SSHScan::Api::Constants::INVALID_TARGET_REGEXES
9
+ @invalid_target_strings = config["invalid_target_strings"] || SSHScan::Api::Constants::INVALID_TARGET_STRINGS
10
+ @valid_char_list = config["valid_char_list"] || SSHScan::Api::Constants::VALID_CHAR_LIST
11
+ end
12
+
13
+ def invalid_char?(target_string)
14
+ target_string.chars.each do |char|
15
+ return true unless @valid_char_list.include?(char)
16
+ end
17
+
18
+ return false
19
+ end
20
+
21
+ def invalid?(target_string)
22
+ !valid?(target_string)
23
+ end
24
+
25
+ def valid?(target_string)
26
+ return false unless target_string.is_a?(String)
27
+ return false if target_string.empty?
28
+ return false if invalid_char?(target_string)
29
+
30
+ if @invalid_target_regexes.is_a?(::Array)
31
+ @invalid_target_regexes.each do |invalid_regex|
32
+ if target_string.match(Regexp.new(invalid_regex))
33
+ return false
34
+ end
35
+ end
36
+ end
37
+
38
+ if @invalid_target_strings.is_a?(::Array)
39
+ @invalid_target_strings.each do |invalid_string|
40
+ if target_string.chomp.downcase == invalid_string.chomp.downcase
41
+ return false
42
+ end
43
+ end
44
+ end
45
+
46
+ return true
47
+ end
48
+ end
49
+ end
50
+ end
@@ -1,3 +1,5 @@
1
1
  module SSHScan
2
- API_VERSION = '0.0.1.pre2'
2
+ module Api
3
+ VERSION = '0.0.1'
4
+ end
3
5
  end
@@ -1,10 +1,9 @@
1
- $: << "lib"
2
- require 'ssh_scan_api/version'
1
+ require_relative 'lib/ssh_scan_api/version'
3
2
  require 'date'
4
3
 
5
4
  Gem::Specification.new do |s|
6
5
  s.name = 'ssh_scan_api'
7
- s.version = SSHScan::API_VERSION
6
+ s.version = SSHScan::Api::VERSION
8
7
  s.authors = ["Harsh Vardhan", "Rishabh Saxena", "Ashish Gaurav", "Jonathan Claudius" ]
9
8
  s.date = Date.today.to_s
10
9
  s.email = 'jclaudius@mozilla.com'
@@ -26,18 +25,19 @@ Gem::Specification.new do |s|
26
25
  s.description = 'An API for performing SSH scans'
27
26
  s.homepage = 'http://rubygems.org/gems/ssh_scan_api'
28
27
 
29
- s.add_dependency('ssh_scan', '0.0.17.pre')
30
- s.add_dependency('mongo')
31
- s.add_dependency('sqlite3')
28
+ s.add_dependency('ssh_scan', '0.0.35')
32
29
  s.add_dependency('sinatra')
33
30
  s.add_dependency('sinatra-contrib')
31
+ s.add_dependency('sinatra-activerecord')
32
+ s.add_dependency('pg', '~> 0.21')
34
33
  s.add_dependency('thin')
35
34
  s.add_dependency('haml')
36
- s.add_dependency('secure_headers')
35
+ s.add_dependency('secure_headers', '3.6.4')
37
36
  s.add_development_dependency('rack-test')
37
+ s.add_development_dependency('coveralls')
38
38
  s.add_development_dependency('pry')
39
39
  s.add_development_dependency('rspec', '~> 3.0')
40
40
  s.add_development_dependency('rspec-its', '~> 1.2')
41
- s.add_development_dependency('rake', '~> 10.3')
41
+ s.add_development_dependency('rake')
42
42
  s.add_development_dependency('rubocop')
43
43
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ssh_scan_api
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1.pre2
4
+ version: 0.0.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Harsh Vardhan
@@ -11,7 +11,7 @@ authors:
11
11
  autorequire:
12
12
  bindir: bin
13
13
  cert_chain: []
14
- date: 2017-03-02 00:00:00.000000000 Z
14
+ date: 2018-06-26 00:00:00.000000000 Z
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency
17
17
  name: ssh_scan
@@ -19,16 +19,16 @@ dependencies:
19
19
  requirements:
20
20
  - - '='
21
21
  - !ruby/object:Gem::Version
22
- version: 0.0.17.pre
22
+ version: 0.0.35
23
23
  type: :runtime
24
24
  prerelease: false
25
25
  version_requirements: !ruby/object:Gem::Requirement
26
26
  requirements:
27
27
  - - '='
28
28
  - !ruby/object:Gem::Version
29
- version: 0.0.17.pre
29
+ version: 0.0.35
30
30
  - !ruby/object:Gem::Dependency
31
- name: mongo
31
+ name: sinatra
32
32
  requirement: !ruby/object:Gem::Requirement
33
33
  requirements:
34
34
  - - ">="
@@ -42,7 +42,7 @@ dependencies:
42
42
  - !ruby/object:Gem::Version
43
43
  version: '0'
44
44
  - !ruby/object:Gem::Dependency
45
- name: sqlite3
45
+ name: sinatra-contrib
46
46
  requirement: !ruby/object:Gem::Requirement
47
47
  requirements:
48
48
  - - ">="
@@ -56,7 +56,7 @@ dependencies:
56
56
  - !ruby/object:Gem::Version
57
57
  version: '0'
58
58
  - !ruby/object:Gem::Dependency
59
- name: sinatra
59
+ name: sinatra-activerecord
60
60
  requirement: !ruby/object:Gem::Requirement
61
61
  requirements:
62
62
  - - ">="
@@ -70,19 +70,19 @@ dependencies:
70
70
  - !ruby/object:Gem::Version
71
71
  version: '0'
72
72
  - !ruby/object:Gem::Dependency
73
- name: sinatra-contrib
73
+ name: pg
74
74
  requirement: !ruby/object:Gem::Requirement
75
75
  requirements:
76
- - - ">="
76
+ - - "~>"
77
77
  - !ruby/object:Gem::Version
78
- version: '0'
78
+ version: '0.21'
79
79
  type: :runtime
80
80
  prerelease: false
81
81
  version_requirements: !ruby/object:Gem::Requirement
82
82
  requirements:
83
- - - ">="
83
+ - - "~>"
84
84
  - !ruby/object:Gem::Version
85
- version: '0'
85
+ version: '0.21'
86
86
  - !ruby/object:Gem::Dependency
87
87
  name: thin
88
88
  requirement: !ruby/object:Gem::Requirement
@@ -113,12 +113,26 @@ dependencies:
113
113
  version: '0'
114
114
  - !ruby/object:Gem::Dependency
115
115
  name: secure_headers
116
+ requirement: !ruby/object:Gem::Requirement
117
+ requirements:
118
+ - - '='
119
+ - !ruby/object:Gem::Version
120
+ version: 3.6.4
121
+ type: :runtime
122
+ prerelease: false
123
+ version_requirements: !ruby/object:Gem::Requirement
124
+ requirements:
125
+ - - '='
126
+ - !ruby/object:Gem::Version
127
+ version: 3.6.4
128
+ - !ruby/object:Gem::Dependency
129
+ name: rack-test
116
130
  requirement: !ruby/object:Gem::Requirement
117
131
  requirements:
118
132
  - - ">="
119
133
  - !ruby/object:Gem::Version
120
134
  version: '0'
121
- type: :runtime
135
+ type: :development
122
136
  prerelease: false
123
137
  version_requirements: !ruby/object:Gem::Requirement
124
138
  requirements:
@@ -126,7 +140,7 @@ dependencies:
126
140
  - !ruby/object:Gem::Version
127
141
  version: '0'
128
142
  - !ruby/object:Gem::Dependency
129
- name: rack-test
143
+ name: coveralls
130
144
  requirement: !ruby/object:Gem::Requirement
131
145
  requirements:
132
146
  - - ">="
@@ -185,16 +199,16 @@ dependencies:
185
199
  name: rake
186
200
  requirement: !ruby/object:Gem::Requirement
187
201
  requirements:
188
- - - "~>"
202
+ - - ">="
189
203
  - !ruby/object:Gem::Version
190
- version: '10.3'
204
+ version: '0'
191
205
  type: :development
192
206
  prerelease: false
193
207
  version_requirements: !ruby/object:Gem::Requirement
194
208
  requirements:
195
- - - "~>"
209
+ - - ">="
196
210
  - !ruby/object:Gem::Version
197
- version: '10.3'
211
+ version: '0'
198
212
  - !ruby/object:Gem::Dependency
199
213
  name: rubocop
200
214
  requirement: !ruby/object:Gem::Requirement
@@ -227,11 +241,9 @@ files:
227
241
  - lib/ssh_scan_api.rb
228
242
  - lib/ssh_scan_api/api.rb
229
243
  - lib/ssh_scan_api/authenticator.rb
230
- - lib/ssh_scan_api/database.rb
231
- - lib/ssh_scan_api/database/mongo.rb
232
- - lib/ssh_scan_api/database/sqlite.rb
233
- - lib/ssh_scan_api/job_queue.rb
234
- - lib/ssh_scan_api/stats.rb
244
+ - lib/ssh_scan_api/constants.rb
245
+ - lib/ssh_scan_api/models/scan.rb
246
+ - lib/ssh_scan_api/target_validator.rb
235
247
  - lib/ssh_scan_api/version.rb
236
248
  - ssh_scan_api.gemspec
237
249
  homepage: http://rubygems.org/gems/ssh_scan_api
@@ -249,12 +261,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
249
261
  version: '0'
250
262
  required_rubygems_version: !ruby/object:Gem::Requirement
251
263
  requirements:
252
- - - ">"
264
+ - - ">="
253
265
  - !ruby/object:Gem::Version
254
- version: 1.3.1
266
+ version: '0'
255
267
  requirements: []
256
268
  rubyforge_project:
257
- rubygems_version: 2.6.2
269
+ rubygems_version: 2.6.13
258
270
  signing_key:
259
271
  specification_version: 4
260
272
  summary: ssh_scan API
@@ -1,61 +0,0 @@
1
- require 'ssh_scan_api/database/mongo'
2
- require 'ssh_scan_api/database/sqlite'
3
-
4
- module SSHScan
5
- class Database
6
- attr_reader :database
7
-
8
- # @param [SSHScan::Database::MongoDb, SSHScan::Database::SQLite] database
9
- def initialize(database)
10
- @database = database
11
- end
12
-
13
- # @param [Hash] opts
14
- # @return [SSHScan::Database]
15
- def self.from_hash(opts)
16
- database_options = opts["database"]
17
-
18
- # Figure out what database object to load
19
- case database_options["type"]
20
- when "sqlite"
21
- database = SSHScan::DB::SQLite.from_hash(database_options)
22
- when "mongodb"
23
- database = SSHScan::DB::MongoDb.from_hash(database_options)
24
- else
25
- raise "Database type of #{database_options[:type].class} not supported"
26
- end
27
-
28
- SSHScan::Database.new(database)
29
- end
30
-
31
- # @param [String] worker_id
32
- # @param [String] uuid
33
- # @param [Hash] result
34
- # @return [Nil]
35
- def add_scan(worker_id, uuid, result, socket)
36
- @database.add_scan(worker_id, uuid, result, socket)
37
- return nil
38
- end
39
-
40
- # @param [String] uuid
41
- # @return [Nil]
42
- def delete_scan(uuid)
43
- @database.delete_scan(uuid)
44
- end
45
-
46
- # @return [Nil]
47
- def delete_all
48
- @database.delete_all
49
- end
50
-
51
- # @return [Hash] result
52
- def find_scan_result(uuid)
53
- @database.find_scan_result(uuid)
54
- end
55
-
56
- # @return [Hash] result
57
- def fetch_cached_result(socket)
58
- @database.fetch_cached_result(socket)
59
- end
60
- end
61
- end