danwent / Perspectives-Server

network notary implementation for the Perspectives project
http://perspectives-project.org
GNU General Public License v3.0

Scan failure leads to url loss #54

Open netsafe opened 9 years ago

netsafe commented 9 years ago

How to repeat: try to scan a high-security site that disallows weak-cipher handshakes. For example https://crowdcourse.net

perspectives@crowdcourse:~$ /usr/bin/python notary_http.py --sni --webport 8081 --pycache 100M --cache-expiry 4H --dbtype sqlite --dbname notary.sqlite --echo-screen --dbecho 1
2015-06-19 21:27:50,942 INFO sqlalchemy.engine.base.Engine PRAGMA table_info("t_services")
2015-06-19 21:27:50,944 INFO sqlalchemy.engine.base.Engine ()
2015-06-19 21:27:50,947 INFO sqlalchemy.engine.base.Engine PRAGMA table_info("t_event_types")
2015-06-19 21:27:50,947 INFO sqlalchemy.engine.base.Engine ()
2015-06-19 21:27:50,947 INFO sqlalchemy.engine.base.Engine PRAGMA table_info("t_observations")
2015-06-19 21:27:50,947 INFO sqlalchemy.engine.base.Engine ()
2015-06-19 21:27:50,948 INFO sqlalchemy.engine.base.Engine PRAGMA table_info("t_metrics")
2015-06-19 21:27:50,948 INFO sqlalchemy.engine.base.Engine ()
Using public key

[19/Jun/2015:21:27:50] ENGINE Listening for SIGHUP.
[19/Jun/2015:21:27:50] ENGINE Listening for SIGTERM.
[19/Jun/2015:21:27:50] ENGINE Listening for SIGUSR1.
[19/Jun/2015:21:27:50] ENGINE Bus STARTING
[19/Jun/2015:21:27:50] ENGINE Started monitor thread 'Autoreloader'.
[19/Jun/2015:21:27:50] ENGINE Started monitor thread '_TimeoutMonitor'.
[19/Jun/2015:21:27:51] ENGINE Serving on 127.0.0.1:8081
[19/Jun/2015:21:27:51] ENGINE Bus STARTED
2015-06-19 21:27:57,143 INFO sqlalchemy.engine.base.Engine BEGIN (implicit)
2015-06-19 21:27:57,143 INFO sqlalchemy.engine.base.Engine BEGIN (implicit)
2015-06-19 21:27:57,145 INFO sqlalchemy.engine.base.Engine SELECT t_services.name AS t_services_name, t_observations."key" AS t_observations_key, t_observations.start AS t_observations_start, t_observations."end" AS t_observations_end
FROM t_services JOIN t_observations ON t_services.service_id = t_observations.service_id
WHERE t_services.name = ?
2015-06-19 21:27:57,145 INFO sqlalchemy.engine.base.Engine SELECT t_services.name AS t_services_name, t_observations."key" AS t_observations_key, t_observations.start AS t_observations_start, t_observations."end" AS t_observations_end
FROM t_services JOIN t_observations ON t_services.service_id = t_observations.service_id
WHERE t_services.name = ?
2015-06-19 21:27:57,146 INFO sqlalchemy.engine.base.Engine ('crowdcourse.net:443,2',)
2015-06-19 21:27:57,146 INFO sqlalchemy.engine.base.Engine ('crowdcourse.net:443,2',)
ERROR:root:Received SSL Alert during SNI scan of crowdcourse.net:443 - 'Fatal (2): Code 40 - Handshake Failure'. Will re-run with non-SNI scan.
Error scanning 'crowdcourse.net:443,2' - Fatal (2): Code 40 - Handshake Failure
^C[19/Jun/2015:21:30:42] ENGINE Keyboard Interrupt: shutting down bus
INFO:cherrypy.error:[19/Jun/2015:21:30:42] ENGINE Keyboard Interrupt: shutting down bus
[19/Jun/2015:21:30:42] ENGINE Bus STOPPING
INFO:cherrypy.error:[19/Jun/2015:21:30:42] ENGINE Bus STOPPING
[19/Jun/2015:21:30:42] ENGINE HTTP Server cherrypy._cpwsgi_server.CPWSGIServer(('127.0.0.1', 8081)) shut down
INFO:cherrypy.error:[19/Jun/2015:21:30:42] ENGINE HTTP Server cherrypy._cpwsgi_server.CPWSGIServer(('127.0.0.1', 8081)) shut down
[19/Jun/2015:21:30:42] ENGINE Stopped thread 'Autoreloader'.
INFO:cherrypy.error:[19/Jun/2015:21:30:42] ENGINE Stopped thread 'Autoreloader'.
[19/Jun/2015:21:30:42] ENGINE Stopped thread '_TimeoutMonitor'.
INFO:cherrypy.error:[19/Jun/2015:21:30:42] ENGINE Stopped thread '_TimeoutMonitor'.
[19/Jun/2015:21:30:42] ENGINE Bus STOPPED
INFO:cherrypy.error:[19/Jun/2015:21:30:42] ENGINE Bus STOPPED
[19/Jun/2015:21:30:42] ENGINE Bus EXITING
INFO:cherrypy.error:[19/Jun/2015:21:30:42] ENGINE Bus EXITING
[19/Jun/2015:21:30:42] ENGINE Bus EXITED
INFO:cherrypy.error:[19/Jun/2015:21:30:42] ENGINE Bus EXITED
[19/Jun/2015:21:30:42] ENGINE Waiting for child threads to terminate...
INFO:cherrypy.error:[19/Jun/2015:21:30:42] ENGINE Waiting for child threads to terminate...

After that, the bug:

perspectives@crowdcourse:~$ /usr/bin/python notary_util/list_services.py | grep -c crowdcourse.net
0

The URL was lost!
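A check a notary operator could run for the symptom reported above, as an added example that is not part of the original post or the Perspectives code base: it pulls failed scans out of the notary log and reports the ones with no record in the service listing. The `Error scanning` line format is taken from the log above; the listing format (one `host:port,type` id per line) and the sample data are assumptions.

```python
import re

# Line format copied from the scanner error shown in the report above.
SCAN_ERROR = re.compile(r"^Error scanning '(?P<service>[^']+)' - (?P<reason>.+)$")
# TLS alert text as the log prints it, e.g. "Fatal (2): Code 40 - Handshake Failure".
TLS_ALERT = re.compile(r"^\w+ \(\d+\): Code (?P<code>\d+) - .+$")


def failed_scans(log_lines):
    """Map service id -> last failure reason seen in the notary log."""
    failures = {}
    for line in log_lines:
        m = SCAN_ERROR.match(line.strip())
        if m:
            failures[m.group("service")] = m.group("reason")
    return failures


def lost_services(log_lines, listed_services):
    """Services whose scan failed and that have no entry in the listing."""
    # Assumption: the listing holds one service id per line.
    listed = {s.strip() for s in listed_services if s.strip()}
    report = []
    for service, reason in sorted(failed_scans(log_lines).items()):
        if service in listed:
            continue  # scan failed, but earlier observations still exist
        alert = TLS_ALERT.match(reason)
        report.append({
            "service": service,
            "reason": reason,
            "tls_alert_code": int(alert.group("code")) if alert else None,
        })
    return report


# Constructed sample: the first two lines mirror the log in the report,
# the example.org line and the listing are made up for contrast.
SAMPLE_LOG = [
    "ERROR:root:Received SSL Alert during SNI scan of crowdcourse.net:443 - "
    "'Fatal (2): Code 40 - Handshake Failure'. Will re-run with non-SNI scan.",
    "Error scanning 'crowdcourse.net:443,2' - Fatal (2): Code 40 - Handshake Failure",
    "Error scanning 'example.org:443,2' - timed out",
]
SAMPLE_LISTING = ["example.org:443,2"]

if __name__ == "__main__":
    for row in lost_services(SAMPLE_LOG, SAMPLE_LISTING):
        print(row)
```
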

daveschaefer commented 8 years ago

Thanks for sending this. I have a bunch of code backed up to fix #45 to make the scanner work properly. I'd like to add unit tests as well. We may also want to enable scanning with a proper TLS stack (e.g. libressl, boringssl) instead.

I'd like to fix #45 before I take a stab at this.