From f7e6dd3246a6bbef768c9a8db5e3293bb91434a7 Mon Sep 17 00:00:00 2001 From: Edward Shen Date: Thu, 2 May 2019 03:21:18 -0400 Subject: [PATCH] added body digests checks --- Cargo.lock | 1 + Cargo.toml | 1 + config/endstat_conf.example.ron | 3 ++- src/config.rs | 1 + src/main.rs | 1 + src/updater.rs | 20 ++++++++++++++++---- 6 files changed, 22 insertions(+), 5 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 8235011..f003e59 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -657,6 +657,7 @@ dependencies = [ "chrono 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)", "env_logger 0.6.1 (registry+https://github.com/rust-lang/crates.io-index)", "reqwest 0.9.15 (registry+https://github.com/rust-lang/crates.io-index)", + "ring 0.14.6 (registry+https://github.com/rust-lang/crates.io-index)", "ron 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)", "serde 1.0.90 (registry+https://github.com/rust-lang/crates.io-index)", "tera 0.11.20 (registry+https://github.com/rust-lang/crates.io-index)", diff --git a/Cargo.toml b/Cargo.toml index b4ad378..d31aec5 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -14,3 +14,4 @@ tokio = "0.1" tera = "0.11" env_logger = "0.6" chrono = { version = "0.4", features = ["serde"] } +ring = "^0" diff --git a/config/endstat_conf.example.ron b/config/endstat_conf.example.ron index 74ae109..0675bb0 100644 --- a/config/endstat_conf.example.ron +++ b/config/endstat_conf.example.ron @@ -25,7 +25,8 @@ endpoints: [ (label: "Or expect different reponse codes (like 418)", endpoint: "http://error418.net/", code: 418), (label: "Or response checking!", endpoint: "http://urlecho.appspot.com/echo", body: "None"), - (label: "Or both!", endpoint: "http://urlecho.appspot.com/echo?status=503&Content-Type=text%2Fhtml&body=None", body: "None", code: 503), + (label: "Or response hash comparison!", endpoint: "http://urlecho.appspot.com/echo", body_hash: "dc937b59892604f5a86ac96936cd7ff09e25f18ae6b758e8014a24c7fa039e91"), + (label: "Or a combination!", endpoint: "http://urlecho.appspot.com/echo?status=503&Content-Type=text%2Fhtml&body=None", body: "None", code: 503), (label: "Or expect the endpoint to fail entirely!", endpoint: "http://lol.arpa", should_err: true), ], ), diff --git a/src/config.rs b/src/config.rs index 273af62..b3c4df2 100644 --- a/src/config.rs +++ b/src/config.rs @@ -7,6 +7,7 @@ pub struct EndpointConfig { pub port: Option, pub code: Option, pub body: Option, + pub body_hash: Option, pub follow_redirects: Option, pub should_err: Option, } diff --git a/src/main.rs b/src/main.rs index c6aec79..525d86d 100644 --- a/src/main.rs +++ b/src/main.rs @@ -8,6 +8,7 @@ extern crate serde; extern crate tokio; #[macro_use] extern crate tera; +extern crate ring; mod config; mod handlers; diff --git a/src/updater.rs b/src/updater.rs index 42838e1..69065ce 100644 --- a/src/updater.rs +++ b/src/updater.rs @@ -5,6 +5,10 @@ use crate::{ }; use chrono::prelude::Utc; use reqwest::{Client, RedirectPolicy, Url, UrlError}; +use ring::{ + digest::{digest, SHA256}, + test::from_hex, +}; use std::time::Duration; pub fn update_state(state: State) { @@ -52,11 +56,9 @@ fn get_result( match ping_result { Ok(mut res) => { let res_body = res.text().expect("could not get body of request"); - let does_code_match = res.status() == code; - let does_body_match = body.is_empty() || res_body == body; let mut error = None; - if !does_code_match { + if res.status() != code { error = Some(format!( "Status code mismatch: {} != {}.", res.status().as_u16(), @@ -64,7 +66,17 @@ fn get_result( )); } - if !does_body_match { + if let Some(expected_hash) = &endpoint.body_hash { + let expected = from_hex(expected_hash).unwrap(); + let actual = digest(&SHA256, String::from(res_body).as_bytes()); + if &expected != &actual.as_ref() { + error = Some(if let Some(msg) = error { + format!("{} Body hash mismatch.", msg) + } else { + String::from("Body hash mismatch.") + }); + } + } else if !body.is_empty() && res_body != body { error = Some(if let Some(msg) = error { format!( "{} Body mismatch: {} != {}.",