Added HTTP_SKIP_CERT_VALIDATION and http implementation to http util

COSSAS · May 6, 2024 · ee3afb6 · ee3afb6
1 parent 1648245
commit ee3afb6
Show file tree

Hide file tree

Showing 5 changed files with 21 additions and 3 deletions.
diff --git a/.env.example b/.env.example
@@ -16,4 +16,6 @@ LOG_FORMAT: "json"
 
 ENABLE_FINS: false
 MQTT_BROKER: "localhost"
-MQTT_PORT: 1883
+MQTT_PORT: 1883
+
+HTTP_SKIP_CERT_VALIDATION: false
diff --git a/docker-compose.yaml b/docker-compose.yaml
@@ -27,6 +27,7 @@ services:
       DB_PASSWORD: "rootpassword"
       PLAYBOOK_API_LOG_LEVEL: trace
       DATABASE: "false"
+      HTTP_SKIP_CERT_VALIDATION: false
     ports:
       - 127.0.0.1:8080:8080
     depends_on:

diff --git a/docker/soarca/docker-compose.yml b/docker/soarca/docker-compose.yml
@@ -58,6 +58,7 @@ services:
       ENABLE_FINS: true
       MQTT_BROKER: "mosquitto"
       MQTT_PORT: 1883
+      HTTP_SKIP_CERT_VALIDATION: false
     networks:
       - db-net
     ports:

diff --git a/internal/controller/controller.go b/internal/controller/controller.go
@@ -51,7 +51,10 @@ func (controller *Controller) NewDecomposer() decomposer.IDecomposer {
 	ssh := new(ssh.SshCapability)
 	capabilities := map[string]capability.ICapability{ssh.GetType(): ssh}
 
+	skip, _ := strconv.ParseBool(utils.GetEnv("HTTP_SKIP_CERT_VALIDATION", "false"))
+
 	httpUtil := new(httpUtil.HttpRequest)
+	httpUtil.SkipCertificateValidation(skip)
 	http := http.New(httpUtil)
 	capabilities[http.GetType()] = http
 

diff --git a/utils/http/http.go b/utils/http/http.go
@@ -2,6 +2,7 @@ package http
 
 import (
 	"bytes"
+	"crypto/tls"
 	"encoding/base64"
 	"errors"
 	"fmt"
@@ -35,7 +36,9 @@ type IHttpRequest interface {
 	Request(httpOptions HttpOptions) ([]byte, error)
 }
 
-type HttpRequest struct{}
+type HttpRequest struct {
+	skipCertificateValidation bool
+}
 
 // https://gist.githubusercontent.com/ahmetozer/ffa4cd0b319aff32ea9ed0068c8b81cf/raw/fc8742e6e087451e954bf0da214794a620356a4d/IPv4-IPv6-domain-regex.go
 const (
@@ -44,14 +47,22 @@ const (
 	domainRegex = `^(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z0-9][a-z0-9-]{0,61}[a-z0-9]$`
 )
 
+func (httpRequest *HttpRequest) SkipCertificateValidation(skip bool) {
+	httpRequest.skipCertificateValidation = skip
+}
+
 func (httpRequest *HttpRequest) Request(httpOptions HttpOptions) ([]byte, error) {
 	log = logger.Logger(component, logger.Info, "", logger.Json)
 	request, err := httpOptions.setupRequest()
 	if err != nil {
 		return []byte{}, err
 	}
 
-	client := &http.Client{}
+	transport := &http.Transport{
+		TLSClientConfig: &tls.Config{InsecureSkipVerify: httpRequest.skipCertificateValidation},
+	}
+
+	client := &http.Client{Transport: transport}
 	log.Trace(request)
 	response, err := client.Do(request)
 	if err != nil {