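// main starts the TLS Observatory API process: it loads the configuration
// file, opens the PostgreSQL connection pool, starts a watchdog goroutine that
// terminates the process when the database stops answering, and then serves
// the router on port 8083.
func main() {
	log := logger.GetLogger()
	router := NewRouter()

	var cfgFile string
	var debug bool
	flag.StringVar(&cfgFile, "c", "/etc/tls-observatory/api.cfg", "Input file csv format")
	flag.BoolVar(&debug, "debug", false, "Set debug logging")
	flag.Parse()

	if debug {
		logger.SetLevelToDebug()
	}

	conf, err := config.Load(cfgFile)
	if err != nil {
		// Fatalf rather than Fatal: the message contains a format verb.
		log.Fatalf("Failed to load configuration: %v", err)
	}

	// The TLSOBS_API_ENABLE environment variable overrides a configuration
	// that has the API disabled.
	if !conf.General.Enable && os.Getenv("TLSOBS_API_ENABLE") != "on" {
		log.Fatal("API is disabled in configuration")
	}

	// dbtls is handed to pg.RegisterConnection as its last argument.
	// NOTE(review): presumably the PostgreSQL sslmode; with "disable" the
	// database password and all queries cross the network unencrypted, so
	// PostgresUseTLS should be set whenever the database is not local.
	dbtls := "disable"
	if conf.General.PostgresUseTLS {
		dbtls = "verify-full"
	}

	db, err := pg.RegisterConnection(
		conf.General.PostgresDB,
		conf.General.PostgresUser,
		conf.General.PostgresPass,
		conf.General.Postgres,
		dbtls)
	if err != nil {
		log.Fatal(err)
	}
	// Registered only after the error check so that Close is never bound to
	// a handle that failed to open.
	defer db.Close()

	db.SetMaxOpenConns(runtime.NumCPU() * 27)
	db.SetMaxIdleConns(2)

	// simple DB watchdog, crashes the process if connection dies
	go func() {
		for {
			var one uint
			// err is local to the goroutine: sharing main's err variable
			// would race with the assignment from ListenAndServe below.
			err := db.QueryRow("SELECT 1").Scan(&one)
			if err != nil {
				log.Fatal("Database connection failed:", err)
			}
			if one != 1 {
				log.Fatal("Apparently the database doesn't know the meaning of one anymore. Crashing.")
			}
			time.Sleep(10 * time.Second)
		}
	}()

	scanRefreshRate = float64(conf.General.ScanRefreshRate)

	// wait for clients
	// NOTE(review): this serves plain HTTP on every interface through the
	// default server, which sets no read or write timeouts, so slow clients
	// can hold connections open indefinitely. Confirm that TLS termination
	// and timeouts are enforced in front of this listener, or switch to an
	// http.Server with ReadHeaderTimeout set.
	err = http.ListenAndServe(":8083", Adapt(router, AddDB(db)))
	log.Fatal(err)
}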
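// main starts the TLS Observatory scanner process: it loads the configuration
// file, checks that the cipherscan binary exists, opens the PostgreSQL
// connection, starts a watchdog goroutine that terminates the process when the
// database stops answering, and then runs one scan per ID received from the
// scan listener, with at most conf.General.MaxProc scans in flight.
func main() {
	var (
		cfgFile, cipherscan string
		debug               bool
	)
	flag.StringVar(&cfgFile, "c", "/etc/tls-observatory/scanner.cfg", "Configuration file")
	flag.StringVar(&cipherscan, "b", "/opt/cipherscan/cipherscan", "Cipherscan binary location")
	flag.BoolVar(&debug, "debug", false, "Set debug logging")
	flag.Parse()

	if debug {
		logger.SetLevelToDebug()
	}

	conf, err := config.Load(cfgFile)
	if err != nil {
		log.Fatal(fmt.Sprintf("Failed to load configuration: %v", err))
	}

	// The TLSOBS_SCANNER_ENABLE environment variable overrides a
	// configuration that has the scanner disabled.
	if !conf.General.Enable && os.Getenv("TLSOBS_SCANNER_ENABLE") != "on" {
		log.Fatal("Scanner is disabled in configuration")
	}

	// A missing cipherscan binary is logged but is not fatal.
	_, err = os.Stat(cipherscan)
	if err != nil {
		log.WithFields(logrus.Fields{
			"error": err.Error(),
		}).Error("Could not locate cipherscan executable. TLS connection capabilities will not be available.")
	}

	// Set the number of OS threads that may execute Go code simultaneously.
	runtime.GOMAXPROCS(conf.General.MaxProc)

	// dbtls is handed to the pg connection helpers as their last argument.
	// NOTE(review): presumably the PostgreSQL sslmode; with "disable" the
	// database password and all queries cross the network unencrypted.
	dbtls := "disable"
	if conf.General.PostgresUseTLS {
		dbtls = "verify-full"
	}

	db, err = pg.RegisterConnection(
		conf.General.PostgresDB,
		conf.General.PostgresUser,
		conf.General.PostgresPass,
		conf.General.Postgres,
		dbtls)
	if err != nil {
		log.WithFields(logrus.Fields{
			"error": err.Error(),
		}).Fatal("Failed to connect to database")
	}
	// Registered only after the error check so that Close is never bound to
	// a handle that failed to open.
	defer db.Close()

	db.SetMaxOpenConns(conf.General.MaxProc)
	db.SetMaxIdleConns(10)

	// simple DB watchdog, crashes the process if connection dies
	go func() {
		for {
			var one uint
			// err is local to the goroutine so that it does not share
			// main's err variable across goroutines.
			err := db.QueryRow("SELECT 1").Scan(&one)
			if err != nil {
				log.Fatal("Database connection failed:", err)
			}
			if one != 1 {
				log.Fatal("Apparently the database doesn't know the meaning of one anymore. Crashing.")
			}
			time.Sleep(10 * time.Second)
		}
	}()

	// The listener connection uses the same TLS setting as the main
	// connection. Hard-coding "disable" here would send the same database
	// credentials in cleartext even when PostgresUseTLS is enabled.
	incomingScans := db.RegisterScanListener(
		conf.General.PostgresDB,
		conf.General.PostgresUser,
		conf.General.PostgresPass,
		conf.General.Postgres,
		dbtls)

	Setup(conf)

	// slots is a counting semaphore bounding the number of concurrent
	// scans. A plain int incremented and decremented from the scan
	// goroutines would be a data race and would let more than MaxProc scans
	// start before the counter caught up. A non-positive MaxProc still
	// means that no scan is ever started.
	maxScanners := conf.General.MaxProc
	if maxScanners < 0 {
		maxScanners = 0
	}
	slots := make(chan struct{}, maxScanners)

	for scanID := range incomingScans {
		// wait until we have an available scanner
		slots <- struct{}{}

		// Per-iteration copy: before Go 1.22 the closure would otherwise
		// share the loop variable and could scan the wrong ID.
		scanID := scanID
		go func() {
			defer func() { <-slots }()
			scan(scanID, cipherscan)
		}()
	}
}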