search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
increase default ScanWorker to 2000
[gscan_quic.git] / sni.go
blobe93e7bd783bae42e44e802e59374aac893f11f5e
1 package main
2
3 import (
4 "crypto/tls"
5 "net"
6 "net/http"
7 "net/http/httputil"
8 "time"
9 "math/rand"
10 )
11
12 func testSni(ip string, config *ScanConfig, record *ScanRecord) bool {
13 tlscfg := &tls.Config{
14 InsecureSkipVerify: true,
15 }
16 var Host string
17 if len(config.HTTPVerifyHosts) == 0 {
18 Host = randomHost()
19 } else {
20 Host = config.HTTPVerifyHosts[rand.Intn(len(config.HTTPVerifyHosts))]
21 }
22 for _, serverName := range config.ServerName {
23 start := time.Now()
24 conn, err := net.DialTimeout("tcp", net.JoinHostPort(ip, "443"), config.ScanMaxRTT)
25 if err != nil {
26 return false
27 }
28
29 tlscfg.ServerName = serverName
30 tlsconn := tls.Client(conn, tlscfg)
31 tlsconn.SetDeadline(time.Now().Add(config.HandshakeTimeout))
32 if err = tlsconn.Handshake(); err != nil {
33 tlsconn.Close()
34 return false
35 }
36 if config.Level > 1 {
37 pcs := tlsconn.ConnectionState().PeerCertificates
38 if len(pcs) == 0 || pcs[0].Subject.CommonName != serverName {
39 tlsconn.Close()
40 return false
41 }
42 }
43 if config.Level > 2 {
44 req, err := http.NewRequest(http.MethodHead, "https://"+serverName, nil)
45 req.Header.Add("Host", Host)
46 if err != nil {
47 tlsconn.Close()
48 return false
49 }
50 tlsconn.SetDeadline(time.Now().Add(config.ScanMaxRTT - time.Since(start)))
51 resp, err := httputil.NewClientConn(tlsconn, nil).Do(req)
52 if err != nil {
53 tlsconn.Close()
54 return false
55 }
56 // io.Copy(os.Stdout, resp.Body)
57 // if resp.Body != nil {
58 // io.Copy(ioutil.Discard, resp.Body)
59 // resp.Body.Close()
60 // }
61 if resp.StatusCode != 404 {
62 tlsconn.Close()
63 return false
64 }
65 }
66
67 tlsconn.Close()
68
69 rtt := time.Since(start)
70 if rtt < config.ScanMinRTT {
71 return false
72 }
73 record.RTT += rtt
74 }
75 return true
76 }
utility for scanning IP