tracker/services/scanners/https/scan/models.py at master · LearningAzure2020/tracker · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
class Domain(object):
    def __init__(self, domain):
        self.domain = domain

        # 4 endpoints for each domain.
        self.http = None
        self.httpwww = None
        self.https = None
        self.httpswww = None
        self.unknown_error = False

        # Filled in after analyzing each endpoint.
        self.canonical = None

    def to_object(self):
        return {
            "https": self.https.to_object(),
            "httpswww": self.httpswww.to_object(),
            "http": self.http.to_object(),
            "httpwww": self.httpwww.to_object(),
        }


class Endpoint(object):
    def __init__(self, protocol, host, base_domain):
        # Basic endpoint description
        self.protocol = protocol
        self.host = host  # "www" or "root"
        self.base_domain = base_domain
        self.url = self.url_for(protocol, host, base_domain)

        # all HTTP/HTTPS endpoints have these
        self.headers = (
            {}
        )  # will be replaced with a requests.structures.CaseInsensitiveDict
        self.status = None
        self.live = None
        self.ip = None
        self.redirect = None
        self.server_header = None
        self.server_version = None
        self.unknown_error = False
        self.notes = ""

        # If an endpoint redirects, characterize the redirect behavior
        self.redirect_immediately_to = None
        self.redirect_immediately_to_www = None
        self.redirect_immediately_to_https = None
        self.redirect_immediately_to_http = None
        self.redirect_immediately_to_external = None
        self.redirect_immediately_to_subdomain = None
        self.redirect_eventually_to = None
        self.redirect_eventually_to_https = None
        self.redirect_eventually_to_http = None
        self.redirect_eventually_to_external = None
        self.redirect_eventually_to_subdomain = None

        # Only HTTPS endpoints have these.
        # Initialize all of them to None, so that it's
        # discernible if they don't get explicitly set.
        self.https_full_connection = None
        self.https_client_auth_required = False
        self.https_valid = None
        self.https_public_trusted = None
        self.https_custom_trusted = None
        self.https_bad_chain = None
        self.https_bad_hostname = None
        self.https_expired_cert = None
        self.https_self_signed_cert = None
        self.https_cert_chain_len = None
        self.https_missing_intermediate_cert = None
        self.hsts = None
        self.hsts_header = None
        self.hsts_max_age = None
        self.hsts_all_subdomains = None
        self.hsts_preload = None
        self.hsts_preloaded = None
        self.https_cert_revoked = False

    def url_for(self, protocol, host, base_domain):
        if host == "root":
            prefix = ""
        elif host == "www":
            prefix = "www."

        return "%s://%s%s" % (protocol, prefix, base_domain)

    # The fields we want to serialize to JSON.
    def to_object(self):
        obj = {
            "url": self.url,
            "headers": dict(self.headers),
            "status": self.status,
            "ip": self.ip,
            "live": self.live,
            "redirect": self.redirect,
            "redirect_eventually_to": self.redirect_eventually_to,
            "redirect_immediately_to": self.redirect_immediately_to,
            "redirect_immediately_to_www": self.redirect_immediately_to_www,
            "redirect_immediately_to_https": self.redirect_immediately_to_https,
            "redirect_immediately_to_http": self.redirect_immediately_to_http,
            "redirect_immediately_to_external": self.redirect_immediately_to_external,
            "redirect_immediately_to_subdomain": self.redirect_immediately_to_subdomain,
            "redirect_eventually_to_https": self.redirect_eventually_to_https,
            "redirect_eventually_to_http": self.redirect_eventually_to_http,
            "redirect_eventually_to_external": self.redirect_eventually_to_external,
            "redirect_eventually_to_subdomain": self.redirect_eventually_to_subdomain,
            "server_header": self.server_header,
            "server_version": self.server_version,
            "notes": self.notes,
            "unknown_error": self.unknown_error,
        }

        if self.protocol == "https":
            obj["https_full_connection"] = self.https_full_connection
            obj["https_client_auth_required"] = self.https_client_auth_required
            obj["https_valid"] = self.https_valid
            obj["https_public_trusted"] = self.https_public_trusted
            obj["https_custom_trusted"] = self.https_custom_trusted
            obj["https_bad_chain"] = self.https_bad_chain
            obj["https_bad_hostname"] = self.https_bad_hostname
            obj["https_expired_cert"] = self.https_expired_cert
            obj["https_self_signed_cert"] = self.https_self_signed_cert
            obj["https_cert_chain_len"] = self.https_cert_chain_len
            obj[
                "https_missing_intermediate_cert"
            ] = self.https_missing_intermediate_cert
            obj["hsts"] = self.hsts
            obj["hsts_header"] = self.hsts_header
            obj["hsts_max_age"] = self.hsts_max_age
            obj["hsts_all_subdomains"] = self.hsts_all_subdomains
            obj["hsts_preload"] = self.hsts_preload

        return obj