From 5bf4cd46ffbf360c7d519c654856465fb822c356 Mon Sep 17 00:00:00 2001 From: Teppei Fukuda Date: Sat, 22 Apr 2017 18:39:13 +0900 Subject: [PATCH] Enable -timeout option when detecting OS (#410) --- README.ja.md | 6 +++--- README.md | 6 +++--- commands/configtest.go | 2 +- commands/scan.go | 42 +++++++++++++++++++++--------------------- scan/serverapi.go | 14 +++++++------- 5 files changed, 35 insertions(+), 35 deletions(-) diff --git a/README.ja.md b/README.ja.md index 161bb285..89753132 100644 --- a/README.ja.md +++ b/README.ja.md @@ -774,10 +774,10 @@ scan: [-skip-broken] [-http-proxy=http://192.168.0.1:8080] [-ask-key-password] + [-timeout=300] + [-timeout-scan=7200] [-debug] [-pipe] - [-timeout] - [-timeout-scan] [SERVER]... -ask-key-password @@ -803,7 +803,7 @@ scan: -ssh-native-insecure Use Native Go implementation of SSH. Default: Use the external command -timeout int - Number of seconds for detecting platform for all servers (default 60) + Number of seconds for processing other than scan (default 300) -timeout-scan int Number of second for scaning vulnerabilities for all servers (default 7200) ``` diff --git a/README.md b/README.md index 4cb0a23e..8a892e6f 100644 --- a/README.md +++ b/README.md @@ -783,10 +783,10 @@ scan: [-skip-broken] [-http-proxy=http://192.168.0.1:8080] [-ask-key-password] + [-timeout=300] + [-timeout-scan=7200] [-debug] [-pipe] - [-timeout] - [-timeout-scan] [SERVER]... -ask-key-password @@ -812,7 +812,7 @@ scan: -ssh-native-insecure Use Native Go implementation of SSH. Default: Use the external command -timeout int - Number of seconds for detecting platform for all servers (default 60) + Number of seconds for processing other than scan (default 300) -timeout-scan int Number of second for scaning vulnerabilities for all servers (default 7200) ``` diff --git a/commands/configtest.go b/commands/configtest.go index dac1ab0f..40809613 100644 --- a/commands/configtest.go +++ b/commands/configtest.go @@ -164,7 +164,7 @@ func (p *ConfigtestCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interfa } util.Log.Info("Detecting Server/Container OS... ") - if err := scan.InitServers(); err != nil { + if err := scan.InitServers(p.timeoutSec); err != nil { util.Log.Errorf("Failed to init servers: %s", err) return subcommands.ExitFailure } diff --git a/commands/scan.go b/commands/scan.go index 71c3a712..74128cb0 100644 --- a/commands/scan.go +++ b/commands/scan.go @@ -35,19 +35,19 @@ import ( // ScanCmd is Subcommand of host discovery mode type ScanCmd struct { - debug bool - configPath string - resultsDir string - logDir string - cacheDBPath string - httpProxy string - askKeyPassword bool - containersOnly bool - skipBroken bool - sshNative bool - pipe bool - scanTimeoutSec int - detectTimeoutSec int + debug bool + configPath string + resultsDir string + logDir string + cacheDBPath string + httpProxy string + askKeyPassword bool + containersOnly bool + skipBroken bool + sshNative bool + pipe bool + timeoutSec int + scanTimeoutSec int } // Name return subcommand name @@ -69,10 +69,10 @@ func (*ScanCmd) Usage() string { [-skip-broken] [-http-proxy=http://192.168.0.1:8080] [-ask-key-password] + [-timeout=300] + [-timeout-scan=7200] [-debug] [-pipe] - [-timeout] - [-timeout-detect-platform] [SERVER]... ` @@ -139,17 +139,17 @@ func (p *ScanCmd) SetFlags(f *flag.FlagSet) { "Use stdin via PIPE") f.IntVar( - &p.detectTimeoutSec, + &p.timeoutSec, "timeout", - 1*60, - "Number of seconds for detecting platform for all servers", + 5*60, + "Number of seconds for processing other than scan", ) f.IntVar( &p.scanTimeoutSec, "timeout-scan", 120*60, - "Number of second for scaning vulnerabilities for all servers", + "Number of seconds for scaning vulnerabilities for all servers", ) } @@ -231,13 +231,13 @@ func (p *ScanCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) } util.Log.Info("Detecting Server/Container OS... ") - if err := scan.InitServers(); err != nil { + if err := scan.InitServers(p.timeoutSec); err != nil { util.Log.Errorf("Failed to init servers: %s", err) return subcommands.ExitFailure } util.Log.Info("Detecting Platforms... ") - scan.DetectPlatforms(p.detectTimeoutSec) + scan.DetectPlatforms(p.timeoutSec) util.Log.Info("Scanning vulnerabilities... ") if err := scan.Scan(p.scanTimeoutSec); err != nil { diff --git a/scan/serverapi.go b/scan/serverapi.go index 90ac3cf9..a20d1748 100644 --- a/scan/serverapi.go +++ b/scan/serverapi.go @@ -121,13 +121,13 @@ func PrintSSHableServerNames() { } // InitServers detect the kind of OS distribution of target servers -func InitServers() error { - servers, errServers = detectServerOSes() +func InitServers(timeoutSec int) error { + servers, errServers = detectServerOSes(timeoutSec) if len(servers) == 0 { return fmt.Errorf("No scannable servers") } - actives, inactives := detectContainerOSes() + actives, inactives := detectContainerOSes(timeoutSec) if config.Conf.ContainersOnly { servers = actives errServers = inactives @@ -138,7 +138,7 @@ func InitServers() error { return nil } -func detectServerOSes() (servers, errServers []osTypeInterface) { +func detectServerOSes(timeoutSec int) (servers, errServers []osTypeInterface) { util.Log.Info("Detecting OS of servers... ") osTypeChan := make(chan osTypeInterface, len(config.Conf.Servers)) defer close(osTypeChan) @@ -153,7 +153,7 @@ func detectServerOSes() (servers, errServers []osTypeInterface) { }(s) } - timeout := time.After(30 * time.Second) + timeout := time.After(time.Duration(timeoutSec) * time.Second) for i := 0; i < len(config.Conf.Servers); i++ { select { case res := <-osTypeChan: @@ -199,7 +199,7 @@ func detectServerOSes() (servers, errServers []osTypeInterface) { return } -func detectContainerOSes() (actives, inactives []osTypeInterface) { +func detectContainerOSes(timeoutSec int) (actives, inactives []osTypeInterface) { util.Log.Info("Detecting OS of containers... ") osTypesChan := make(chan []osTypeInterface, len(servers)) defer close(osTypesChan) @@ -215,7 +215,7 @@ func detectContainerOSes() (actives, inactives []osTypeInterface) { }(s) } - timeout := time.After(30 * time.Second) + timeout := time.After(time.Duration(timeoutSec) * time.Second) for i := 0; i < len(servers); i++ { select { case res := <-osTypesChan: