feat(sslyze): Updates to use json output to find supported ciphers. #43
Conversation
Makes parsing easier and less error prone. Adds scan result caching to prevent unnecessary repeated scans on the same host
There was a problem hiding this comment.
Great idea to use the json as output, for sure will be more long term solution.
About the caching in my local version i added the cache on the Koa side (like https://github.com/koajs/cash) leveraging the http cache mechanism.
| try { | ||
| const result = await exec(`cd /usr/local/bin && ./sslyze --regular --http_headers ${ctx.params.host}`); | ||
| const result = await exec(`sslyze --regular --http_headers ${hostName} --json_out=${fileName}`); |
There was a problem hiding this comment.
what do you think about using --json_out=- send json output on the standard output in this way:
const result = await exec(sslyze --regular --http_headers ${hostName} --json_out=-);
ctx.headers = { 'Content-Type': 'application/json' };
ctx.body = JSON.parse(result.stdout);
There was a problem hiding this comment.
I thought there was some value in capturing both the formatted text output and the json output separately.
That way each of the scenario does not have to be to be rewritten immediately with the change.
e.g. verifying heartbleed requires additional code now to get it from the json output.
Makes parsing easier and less error prone.
Adds scan result caching to prevent unnecessary repeated scans on the same host