Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enable -timeout option when detecting OS (#410)

Browse Source
This commit is contained in:
Teppei Fukuda
2017-04-22 18:39:13 +09:00
committed by Kota Kanbe
parent f878e225cc
commit 5bf4cd46ff
5 changed files with 35 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
README.ja.md
View File

@@ -774,10 +774,10 @@ scan:
[-skip-broken]
[-http-proxy=http://192.168.0.1:8080]
[-ask-key-password]
[-timeout=300]
[-timeout-scan=7200]
[-debug]
[-pipe]
[-timeout]
[-timeout-scan]
[SERVER]...
-ask-key-password
@@ -803,7 +803,7 @@ scan:
-ssh-native-insecure
Use Native Go implementation of SSH. Default: Use the external command
-timeout int
Number of seconds for detecting platform for all servers (default 60)
Number of seconds for processing other than scan (default 300)
-timeout-scan int
Number of second for scaning vulnerabilities for all servers (default 7200)
```

6
README.md
View File

@@ -783,10 +783,10 @@ scan:
[-skip-broken]
[-http-proxy=http://192.168.0.1:8080]
[-ask-key-password]
[-timeout=300]
[-timeout-scan=7200]
[-debug]
[-pipe]
[-timeout]
[-timeout-scan]
[SERVER]...
-ask-key-password
@@ -812,7 +812,7 @@ scan:
-ssh-native-insecure
Use Native Go implementation of SSH. Default: Use the external command
-timeout int
Number of seconds for detecting platform for all servers (default 60)
Number of seconds for processing other than scan (default 300)
-timeout-scan int
Number of second for scaning vulnerabilities for all servers (default 7200)
```

2
commands/configtest.go
View File

@@ -164,7 +164,7 @@ func (p *ConfigtestCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interfa
}
util.Log.Info("Detecting Server/Container OS... ")
if err := scan.InitServers(); err != nil {
if err := scan.InitServers(p.timeoutSec); err != nil {
util.Log.Errorf("Failed to init servers: %s", err)
return subcommands.ExitFailure
}

42
commands/scan.go
View File

@@ -35,19 +35,19 @@ import (
// ScanCmd is Subcommand of host discovery mode
type ScanCmd struct {
debug bool
configPath string
resultsDir string
logDir string
cacheDBPath string
httpProxy string
askKeyPassword bool
containersOnly bool
skipBroken bool
sshNative bool
pipe bool
scanTimeoutSec int
detectTimeoutSec int
debug bool
configPath string
resultsDir string
logDir string
cacheDBPath string
httpProxy string
askKeyPassword bool
containersOnly bool
skipBroken bool
sshNative bool
pipe bool
timeoutSec int
scanTimeoutSec int
}
// Name return subcommand name
@@ -69,10 +69,10 @@ func (*ScanCmd) Usage() string {
[-skip-broken]
[-http-proxy=http://192.168.0.1:8080]
[-ask-key-password]
[-timeout=300]
[-timeout-scan=7200]
[-debug]
[-pipe]
[-timeout]
[-timeout-detect-platform]
[SERVER]...
`
@@ -139,17 +139,17 @@ func (p *ScanCmd) SetFlags(f *flag.FlagSet) {
"Use stdin via PIPE")
f.IntVar(
&p.detectTimeoutSec,
&p.timeoutSec,
"timeout",
1*60,
"Number of seconds for detecting platform for all servers",
5*60,
"Number of seconds for processing other than scan",
)
f.IntVar(
&p.scanTimeoutSec,
"timeout-scan",
120*60,
"Number of second for scaning vulnerabilities for all servers",
"Number of seconds for scaning vulnerabilities for all servers",
)
}
@@ -231,13 +231,13 @@ func (p *ScanCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{})
}
util.Log.Info("Detecting Server/Container OS... ")
if err := scan.InitServers(); err != nil {
if err := scan.InitServers(p.timeoutSec); err != nil {
util.Log.Errorf("Failed to init servers: %s", err)
return subcommands.ExitFailure
}
util.Log.Info("Detecting Platforms... ")
scan.DetectPlatforms(p.detectTimeoutSec)
scan.DetectPlatforms(p.timeoutSec)
util.Log.Info("Scanning vulnerabilities... ")
if err := scan.Scan(p.scanTimeoutSec); err != nil {

14
scan/serverapi.go
View File

@@ -121,13 +121,13 @@ func PrintSSHableServerNames() {
}
// InitServers detect the kind of OS distribution of target servers
func InitServers() error {
servers, errServers = detectServerOSes()
func InitServers(timeoutSec int) error {
servers, errServers = detectServerOSes(timeoutSec)
if len(servers) == 0 {
return fmt.Errorf("No scannable servers")
}
actives, inactives := detectContainerOSes()
actives, inactives := detectContainerOSes(timeoutSec)
if config.Conf.ContainersOnly {
servers = actives
errServers = inactives
@@ -138,7 +138,7 @@ func InitServers() error {
return nil
}
func detectServerOSes() (servers, errServers []osTypeInterface) {
func detectServerOSes(timeoutSec int) (servers, errServers []osTypeInterface) {
util.Log.Info("Detecting OS of servers... ")
osTypeChan := make(chan osTypeInterface, len(config.Conf.Servers))
defer close(osTypeChan)
@@ -153,7 +153,7 @@ func detectServerOSes() (servers, errServers []osTypeInterface) {
}(s)
}
timeout := time.After(30 * time.Second)
timeout := time.After(time.Duration(timeoutSec) * time.Second)
for i := 0; i < len(config.Conf.Servers); i++ {
select {
case res := <-osTypeChan:
@@ -199,7 +199,7 @@ func detectServerOSes() (servers, errServers []osTypeInterface) {
return
}
func detectContainerOSes() (actives, inactives []osTypeInterface) {
func detectContainerOSes(timeoutSec int) (actives, inactives []osTypeInterface) {
util.Log.Info("Detecting OS of containers... ")
osTypesChan := make(chan []osTypeInterface, len(servers))
defer close(osTypesChan)
@@ -215,7 +215,7 @@ func detectContainerOSes() (actives, inactives []osTypeInterface) {
}(s)
}
timeout := time.After(30 * time.Second)
timeout := time.After(time.Duration(timeoutSec) * time.Second)
for i := 0; i < len(servers); i++ {
select {
case res := <-osTypesChan: