Golang Config.ClientDSAEnabled Examples

Programming Language: Golang

Namespace/Package Name: github.com/zmap/zgrab/ztools/ztls

Class/Type: Config

Method/Function: ClientDSAEnabled

Examples at hotexamples.com: 2

Golang Config.ClientDSAEnabled - 2 examples found. These are the top rated real world Golang examples of github.com/zmap/zgrab/ztools/ztls.Config.ClientDSAEnabled extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

CipherSuites(2)

ClientDSAEnabled(2)

ExtendedRandom(2)

ForceSessionTicketExt(2)

ForceSuites(2)

HeartbeatEnabled(2)

InsecureSkipVerify(2)

MaxVersion(2)

MinVersion(2)

RootCAs(2)

ServerName(2)

ExtendedMasterSecret(1)

Example #1

Show file

File: conn.go Project: aaspring/zgrab

// Extra method - Do a TLS Handshake and record progress
func (c *Conn) TLSHandshake() error {
	if c.isTls {
		return fmt.Errorf(
			"Attempted repeat handshake with remote host %s",
			c.RemoteAddr().String())
	}
	tlsConfig := new(ztls.Config)
	tlsConfig.InsecureSkipVerify = true
	tlsConfig.MinVersion = ztls.VersionSSL30
	tlsConfig.MaxVersion = c.maxTlsVersion
	tlsConfig.RootCAs = c.caPool
	tlsConfig.HeartbeatEnabled = true
	tlsConfig.ClientDSAEnabled = true
	if !c.noSNI && c.domain != "" {
		tlsConfig.ServerName = c.domain
	}
	if c.onlyDHE {
		tlsConfig.CipherSuites = ztls.DHECiphers
	}
	if c.onlyExports {
		tlsConfig.CipherSuites = ztls.RSA512ExportCiphers
	}
	if c.onlyExportsDH {
		tlsConfig.CipherSuites = ztls.DHEExportCiphers
	}
	if c.chromeCiphers {
		tlsConfig.CipherSuites = ztls.ChromeCiphers
	}
	if c.chromeNoDHE {
		tlsConfig.CipherSuites = ztls.ChromeNoDHECiphers
	}
	if c.firefoxCiphers {
		tlsConfig.CipherSuites = ztls.FirefoxCiphers
	}
	if c.firefoxNoDHECiphers {
		tlsConfig.CipherSuites = ztls.FirefoxNoDHECiphers
	}

	if c.safariCiphers {
		tlsConfig.CipherSuites = ztls.SafariCiphers
		tlsConfig.ForceSuites = true
	}
	if c.safariNoDHECiphers {
		tlsConfig.CipherSuites = ztls.SafariNoDHECiphers
		tlsConfig.ForceSuites = true
	}
	if c.extendedRandom {
		tlsConfig.ExtendedRandom = true
	}
	if c.gatherSessionTicket {
		tlsConfig.ForceSessionTicketExt = true
	}
	if c.offerExtendedMasterSecret {
		tlsConfig.ExtendedMasterSecret = true
	}

	c.tlsConn = ztls.Client(c.conn, tlsConfig)
	c.tlsConn.SetReadDeadline(c.readDeadline)
	c.tlsConn.SetWriteDeadline(c.writeDeadline)
	c.isTls = true
	err := c.tlsConn.Handshake()
	if tlsConfig.ForceSuites && err == ztls.ErrUnimplementedCipher {
		err = nil
	}
	hl := c.tlsConn.GetHandshakeLog()

	if !c.tlsVerbose {
		hl.KeyMaterial = nil
		hl.ClientHello = nil
		hl.ClientFinished = nil
		hl.ClientKeyExchange = nil
	}

	c.grabData.TLSHandshake = hl
	return err
}

Example #2

Show file

File: grabber.go Project: aaspring/zgrab

func makeHTTPGrabber(config *Config, grabData GrabData) func(string) error {
	g := func(addr string) error {

		var tlsConfig *ztls.Config
		if config.TLS {
			tlsConfig = new(ztls.Config)
			tlsConfig.InsecureSkipVerify = true
			tlsConfig.MinVersion = ztls.VersionSSL30
			tlsConfig.MaxVersion = config.TLSVersion
			tlsConfig.RootCAs = config.RootCAPool
			tlsConfig.HeartbeatEnabled = true
			tlsConfig.ClientDSAEnabled = true
			if config.DHEOnly {
				tlsConfig.CipherSuites = ztls.DHECiphers
			}
			if config.ExportsOnly {
				tlsConfig.CipherSuites = ztls.RSA512ExportCiphers
			}
			if config.ExportsDHOnly {
				tlsConfig.CipherSuites = ztls.DHEExportCiphers
			}
			if config.ChromeOnly {
				tlsConfig.CipherSuites = ztls.ChromeCiphers
			}
			if config.ChromeNoDHE {
				tlsConfig.CipherSuites = ztls.ChromeNoDHECiphers
			}
			if config.FirefoxOnly {
				tlsConfig.CipherSuites = ztls.FirefoxCiphers
			}
			if config.FirefoxNoDHE {
				tlsConfig.CipherSuites = ztls.FirefoxNoDHECiphers
			}

			if config.SafariOnly {
				tlsConfig.CipherSuites = ztls.SafariCiphers
				tlsConfig.ForceSuites = true
			}
			if config.SafariNoDHE {
				tlsConfig.CipherSuites = ztls.SafariNoDHECiphers
				tlsConfig.ForceSuites = true
			}
			if config.TLSExtendedRandom {
				tlsConfig.ExtendedRandom = true
			}
			if config.GatherSessionTicket {
				tlsConfig.ForceSessionTicketExt = true
			}
			if !config.NoSNI && addr != "" {
				tlsConfig.ServerName = addr
			}

		}

		transport := &http.Transport{
			Proxy:               nil, // TODO: implement proxying
			Dial:                makeNetDialer(config),
			DisableKeepAlives:   false,
			DisableCompression:  false,
			MaxIdleConnsPerHost: -1,
			TLSClientConfig:     tlsConfig,
		}

		client := &http.Client{
			CheckRedirect: func(req *http.Request, res *http.Response, via []*http.Request) error {
				grabData.HTTP.RedirectResponseChain = append(grabData.HTTP.RedirectResponseChain, res)
				if str, err := util.ReadString(res.Body, config.HTTP.MaxSize*1000); err != nil {
					return err
				} else {
					res.BodyText = str
					m := sha256.New()
					m.Write([]byte(str))
					res.BodySHA256 = m.Sum(nil)
				}
				res.Body.Close()

				if len(via) > config.HTTP.MaxRedirects {
					return errors.New(fmt.Sprintf("stopped after %d redirects", config.HTTP.MaxRedirects))
				}

				return nil
			}, //Defaults to following up to 10 redirects
			Jar:       nil, // Don't send or receive cookies (otherwise use CookieJar)
			Transport: transport,
		}

		var fullURL string

		if config.TLS {
			fullURL = "https://" + addr
		} else {
			fullURL = "http://" + addr
		}

		if resp, err := client.Get(fullURL); err != nil {
			config.ErrorLog.Errorf("Could not connect to remote host %s: %s", addr, err.Error())
			return err
		} else {
			grabData.HTTP.Response = resp

			if str, err := util.ReadString(resp.Body, config.HTTP.MaxSize*1000); err != nil {
				return err
			} else {
				grabData.HTTP.Response.BodyText = str
				m := sha256.New()
				m.Write([]byte(str))
				grabData.HTTP.Response.BodySHA256 = m.Sum(nil)

			}

			resp.Body.Close()
		}

		return nil
	}

	return g
}