add some logs to tlsping

2019-02-19 16:35:05 +01:00 · 2019-02-19 16:35:05 +01:00 · da8efb4afe
parent c5cce8be6f
commit da8efb4afe
1 changed files with 14 additions and 0 deletions
--- a/infra/control/tlsping.go
+++ b/infra/control/tlsping.go
@ -2,6 +2,7 @@ package control

 import (
 	"crypto/tls"
+	"crypto/x509"
 	"flag"
 	"fmt"
 	"net"
@ -22,6 +23,15 @@ func (c *TlsPingCommand) Description() Description {
 	}
 }

+func printCertificates(certs []*x509.Certificate) {
+	for _, cert := range certs {
+		if len(cert.DNSNames) == 0 {
+			continue
+		}
+		fmt.Println("Allowed domains: ", cert.DNSNames)
+	}
+}
+
 func (c *TlsPingCommand) Execute(args []string) error {
 	fs := flag.NewFlagSet(c.Name(), flag.ContinueOnError)
 	ipStr := fs.String("ip", "", "IP address of the domain")
@ -53,6 +63,7 @@ func (c *TlsPingCommand) Execute(args []string) error {
 	}
 	fmt.Println("Using IP: ", ip.String())

+	fmt.Println("-------------------")
 	fmt.Println("Pinging without SNI")
 	{
 		tcpConn, err := net.DialTCP("tcp", nil, &net.TCPAddr{IP: ip, Port: 443})
@ -70,10 +81,12 @@ func (c *TlsPingCommand) Execute(args []string) error {
 			fmt.Println("Handshake failure: ", err)
 		} else {
 			fmt.Println("Handshake succeeded")
+			printCertificates(tlsConn.ConnectionState().PeerCertificates)
 		}
 		tlsConn.Close()
 	}

+	fmt.Println("-------------------")
 	fmt.Println("Pinging with SNI")
 	{
 		tcpConn, err := net.DialTCP("tcp", nil, &net.TCPAddr{IP: ip, Port: 443})
@ -91,6 +104,7 @@ func (c *TlsPingCommand) Execute(args []string) error {
 			fmt.Println("handshake failure: ", err)
 		} else {
 			fmt.Println("handshake succeeded")
+			printCertificates(tlsConn.ConnectionState().PeerCertificates)
 		}
 		tlsConn.Close()
 	}