Compare commits
3 Commits
7bffb828e7
...
d5811ae08e
Author | SHA1 | Date |
---|---|---|
Jean-Louis Huynen | d5811ae08e | |
Jean-Louis Huynen | 7a6f8505a7 | |
Jean-Louis Huynen | 779c204b1b |
|
@ -4,7 +4,7 @@ analyzer-d4-passivessl fetch a redis feed of certificate and TLS sessions and ma
|
|||
```bash
|
||||
go get github.com/gomodule/redigo/redis
|
||||
go get github.com/lib/pq
|
||||
sudo apt install postgresql-plpython3-10
|
||||
sudo apt install postgresql-plpython3-[your psql version]
|
||||
```
|
||||
|
||||
# Config
|
||||
|
|
8
main.go
8
main.go
|
@ -87,7 +87,7 @@ var (
|
|||
recursive = flag.Bool("r", false, "should it open the directory recursively")
|
||||
tarball = flag.Bool("t", false, "is it a tar archive")
|
||||
format = flag.String("f", "json", "certificate file format [json, crt, der]")
|
||||
pull = flag.Bool("p", true, "pull from redis?")
|
||||
pull = flag.Bool("p", false, "pull from redis?")
|
||||
cr redis.Conn
|
||||
)
|
||||
|
||||
|
@ -380,8 +380,8 @@ func insertLeafCertificate(fp string, c certMapElm) error {
|
|||
}
|
||||
}
|
||||
J:
|
||||
// q := `INSERT INTO "certificate" (hash, "is_CA", "is_SS", issuer, subject, cert_chain, is_valid_chain, file_path) VALUES ($1, $2, $3, $4, $5, $6, $7, $8) ON CONFLICT DO NOTHING`
|
||||
q := `INSERT INTO "certificate" (hash, "is_CA", "is_SS", issuer, subject, cert_chain, is_valid_chain, file_path) VALUES ($1, $2, $3, $4, $5, $6, $7, $8) ON CONFLICT (hash) DO UPDATE SET file_path = excluded.file_path`
|
||||
// q := `INSERT INTO "certificate" (hash, "is_CA", "is_SS", issuer, subject, cert_chain, is_valid_chain, atrest_path) VALUES ($1, $2, $3, $4, $5, $6, $7, $8) ON CONFLICT DO NOTHING`
|
||||
q := `INSERT INTO "certificate" (hash, "is_CA", "is_SS", issuer, subject, cert_chain, is_valid_chain, atrest_path) VALUES ($1, $2, $3, $4, $5, $6, $7, $8) ON CONFLICT (hash) DO UPDATE SET atrest_path = excluded.atrest_path`
|
||||
_, err = db.Exec(q, c.CertHash, c.Certificate.IsCA, false, c.Certificate.Issuer.String(), c.Certificate.Subject.String(), nil, false, fp)
|
||||
fmt.Println(fp)
|
||||
if err != nil {
|
||||
|
@ -624,7 +624,7 @@ func unique(s []certMapElm) []certMapElm {
|
|||
}
|
||||
|
||||
func insertCertificate(fp string, c certMapElm) (string, error) {
|
||||
q := `INSERT INTO "certificate" (hash, "is_CA", "is_SS", issuer, subject, cert_chain, is_valid_chain, file_path) VALUES ($1, $2, $3, $4, $5, $6, $7, $8) ON CONFLICT DO NOTHING`
|
||||
q := `INSERT INTO "certificate" (hash, "is_CA", "is_SS", issuer, subject, cert_chain, is_valid_chain, atrest_path) VALUES ($1, $2, $3, $4, $5, $6, $7, $8) ON CONFLICT DO NOTHING`
|
||||
_, err := db.Exec(q, c.CertHash, c.Certificate.IsCA, c.chain.isSS, c.Certificate.Issuer.String(), c.Certificate.Subject.String(), c.chain.s, c.chain.isValid, getFullPath(fp, c.CertHash))
|
||||
if err != nil {
|
||||
return c.CertHash, err
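Review bot: In insertLeafCertificate the upsert now overwrites `atrest_path` on a hash conflict with the raw `fp` argument, while insertCertificate in the last hunk stores `getFullPath(fp, c.CertHash)` in the same column and keeps `ON CONFLICT DO NOTHING`. If both functions can see the same certificate hash, a row written with chain data can have its path replaced by a value in a different form, which weakens the column as a record of where the certificate is stored at rest. Assuming the two are meant to agree, the last argument of the leaf `db.Exec` call could be `getFullPath(fp, c.CertHash)`; otherwise the difference deserves a comment such as `// leaf rows store the feed path as-is; a conflict replaces the previous atrest_path`. The `fmt.Println(fp)` that follows runs before the `err` check, so it prints the path even when the insert failed. Both function bodies continue outside the hunks shown.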
|
||||
|
|
|
@ -68,7 +68,7 @@ ALTER TABLE public.public_key OWNER TO postgres;
|
|||
-- object: public.certificate | type: TABLE --
|
||||
-- DROP TABLE IF EXISTS public.certificate CASCADE;
|
||||
CREATE TABLE public.certificate(
|
||||
mounted_path character varying(4096) NOT NULL,
|
||||
mounted_path character varying(4096),
|
||||
issuer text,
|
||||
cert_chain ltree,
|
||||
subject text,
|
||||
|
@ -94,7 +94,7 @@ CREATE TABLE public.certificate(
|
|||
"PermittedURIDomains" text[],
|
||||
"ExcludedURIDomains" text[],
|
||||
fs_type smallint DEFAULT 0,
|
||||
atrest_path character varying(4096) NOT NULL,
|
||||
atrest_path character varying(4096),
|
||||
CONSTRAINT certificate_pk PRIMARY KEY (hash)
|
||||
|
||||
);
|
||||
|
@ -312,54 +312,8 @@ CREATE INDEX path_index ON public.certificate
|
|||
WITH (FILLFACTOR = 90);
|
||||
-- ddl-end --
|
||||
|
||||
-- object: pg_catalog.plpython3_validator | type: FUNCTION --
|
||||
-- DROP FUNCTION IF EXISTS pg_catalog.plpython3_validator(oid) CASCADE;
|
||||
CREATE FUNCTION pg_catalog.plpython3_validator ( _param1 oid)
|
||||
RETURNS void
|
||||
LANGUAGE c
|
||||
VOLATILE
|
||||
STRICT
|
||||
SECURITY INVOKER
|
||||
COST 1
|
||||
AS '$libdir/plpython3', 'plpython3_validator';
|
||||
-- ddl-end --
|
||||
ALTER FUNCTION pg_catalog.plpython3_validator(oid) OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: pg_catalog.plpython3_call_handler | type: FUNCTION --
|
||||
-- DROP FUNCTION IF EXISTS pg_catalog.plpython3_call_handler() CASCADE;
|
||||
CREATE FUNCTION pg_catalog.plpython3_call_handler ()
|
||||
RETURNS language_handler
|
||||
LANGUAGE c
|
||||
VOLATILE
|
||||
CALLED ON NULL INPUT
|
||||
SECURITY INVOKER
|
||||
COST 1
|
||||
AS '$libdir/plpython3', 'plpython3_call_handler';
|
||||
-- ddl-end --
|
||||
ALTER FUNCTION pg_catalog.plpython3_call_handler() OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: pg_catalog.plpython3_inline_handler | type: FUNCTION --
|
||||
-- DROP FUNCTION IF EXISTS pg_catalog.plpython3_inline_handler(internal) CASCADE;
|
||||
CREATE FUNCTION pg_catalog.plpython3_inline_handler ( _param1 internal)
|
||||
RETURNS void
|
||||
LANGUAGE c
|
||||
VOLATILE
|
||||
STRICT
|
||||
SECURITY INVOKER
|
||||
COST 1
|
||||
AS '$libdir/plpython3', 'plpython3_inline_handler';
|
||||
-- ddl-end --
|
||||
ALTER FUNCTION pg_catalog.plpython3_inline_handler(internal) OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: plpython3u | type: LANGUAGE --
|
||||
-- DROP LANGUAGE IF EXISTS plpython3u CASCADE;
|
||||
CREATE LANGUAGE plpython3u
|
||||
HANDLER pg_catalog.plpython3_call_handler
|
||||
VALIDATOR pg_catalog.plpython3_validator
|
||||
INLINE pg_catalog.plpython3_inline_handler;
|
||||
CREATE LANGUAGE plpython3u;
|
||||
-- ddl-end --
|
||||
ALTER LANGUAGE plpython3u OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
@ -451,21 +405,11 @@ CREATE FUNCTION pg_catalog.plpython3_inline_handler_cp ( _param1 internal)
|
|||
ALTER FUNCTION pg_catalog.plpython3_inline_handler_cp(internal) OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: plpython3u_cp | type: LANGUAGE --
|
||||
-- DROP LANGUAGE IF EXISTS plpython3u_cp CASCADE;
|
||||
CREATE LANGUAGE plpython3u_cp
|
||||
HANDLER pg_catalog.plpython3_call_handler
|
||||
VALIDATOR pg_catalog.plpython3_validator
|
||||
INLINE pg_catalog.plpython3_inline_handler;
|
||||
-- ddl-end --
|
||||
ALTER LANGUAGE plpython3u_cp OWNER TO postgres;
|
||||
-- ddl-end --
|
||||
|
||||
-- object: public.zgrep | type: FUNCTION --
|
||||
-- DROP FUNCTION IF EXISTS public.zgrep(text,text) CASCADE;
|
||||
CREATE FUNCTION public.zgrep ( a text, b text)
|
||||
RETURNS integer
|
||||
LANGUAGE plpython3u_cp
|
||||
LANGUAGE plpython3u
|
||||
VOLATILE
|
||||
CALLED ON NULL INPUT
|
||||
SECURITY INVOKER
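Review bot: `public.zgrep(text, text)` is created in `plpython3u`, the untrusted PL/Python variant, and nothing in this hunk limits who may call it. PostgreSQL grants EXECUTE on a new function to PUBLIC by default, and an untrusted-language body runs with the operating-system privileges of the database server, so any role that can connect could reach whatever the body does with its two text arguments. Unless the file already restricts this elsewhere, add `REVOKE EXECUTE ON FUNCTION public.zgrep(text,text) FROM PUBLIC;` after the definition and grant it only to the analyzer's role. The function body lies outside the hunk, so what it does with `a` and `b` should be confirmed before deciding how tight the grant needs to be.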
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#!/bin/bash
|
||||
# Set PGPASSWORD first
|
||||
# export PGPASSWORD=postgres
|
||||
export PGPASSWORD=postgres
|
||||
psql -hlocalhost -p5432 -Upostgres -f passivesslCreate.sql
|
||||
psql -hlocalhost -p5432 -Upostgres -d p2 -f passivessl.sql
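Review bot: The script now exports `PGPASSWORD=postgres` itself, which commits a superuser password to the repository and contradicts the `# Set PGPASSWORD first` comment directly above it (this assumes the uncommented line is the new side of the change). Anyone running the script also silently overrides a password they had already set in their environment. Keeping the export commented out and failing early when the variable is missing would preserve the original intent, e.g. `: "${PGPASSWORD:?set PGPASSWORD before running this script}"`, or the credentials can live in `~/.pgpass`.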
|
||||
|
|