[refactor] - template detector (#2692)

* refactor template detector to only check for 200 status code

* Replace ldap.DialTLS w/ ldap.DialURL since the former is deprecated

* sort imports
ahrav 2024-04-10 17:46:07 -07:00 committed by GitHub
parent c6b454e736
commit 867434331b
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 10 additions and 8 deletions


@ -85,15 +85,15 @@ func verifyMatch(ctx context.Context, client *http.Client, token string) (bool,
_ = res.Body.Close()
}()
if res.StatusCode >= 200 && res.StatusCode < 300 {
switch res.StatusCode {
case http.StatusOK:
// If the endpoint returns useful information, we can return it as a map.
return true, nil, nil
} else if res.StatusCode == 401 {
case http.StatusUnauthorized:
// The secret is determinately not verified (nothing to do)
return false, nil, nil
} else {
err = fmt.Errorf("unexpected HTTP response status %d", res.StatusCode)
return false, nil, err
default:
return false, nil, fmt.Errorf("unexpected HTTP response status %d", res.StatusCode)
}
}
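Review bot: The `default` branch should carry a comment naming the statuses that now land there, because after this change every response other than 200 and 401 (other 2xx codes, 403, 429, 5xx) is reported as a verification error rather than as verified or unverified. Detectors copied from this template inherit that mapping, and an API that answers 403 for a valid but under-scoped token would surface a live secret only as an error. I would add `// Any other status (other 2xx, 403, 429, 5xx) is indeterminate: return an error so the result is not recorded as unverified.` above the `default` return. The comment under `case http.StatusOK` mentions returning a map while the branch returns `nil`, so it could state that the template returns no extra data. verifyMatch starts outside the hunk.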


@ -4,13 +4,14 @@ import (
"context"
"crypto/tls"
"fmt"
regexp "github.com/wasilibs/go-re2"
"net"
"net/url"
"strings"
"time"
"github.com/go-ldap/ldap/v3"
regexp "github.com/wasilibs/go-re2"
"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
)
@ -151,16 +152,17 @@ func verifyLDAP(username, password string, ldapURL *url.URL) error {
return l.Bind(username, password)
case "ldaps":
// TLS dial
l, err := ldap.DialTLS("tcp", uri, &tls.Config{InsecureSkipVerify: true})
l, err := ldap.DialURL(uri, ldap.DialWithTLSConfig(&tls.Config{InsecureSkipVerify: true}))
if err != nil {
return err
}
defer l.Close()
// TLS verify
return l.Bind(username, password)
default:
return fmt.Errorf("unknown ldap scheme %q", ldapURL.Scheme)
}
return fmt.Errorf("unknown ldap scheme %q", ldapURL.Scheme)
}
func (s Scanner) Type() detectorspb.DetectorType {
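Review bot: The new `ldap.DialURL` call still passes `&tls.Config{InsecureSkipVerify: true}`, so the `ldaps` branch sends the candidate username and password in a bind to a server whose certificate is never checked. The setting is carried over unchanged from the `DialTLS` call; if it is deliberate (for example targets with private or self-signed CAs), say so at the call site, e.g. `// Certificate checks are skipped on purpose: targets often use private CAs, so the peer is not authenticated.`, and reword the `// TLS verify` comment above `l.Bind`, which reads as if the certificate were verified. `DialTLS` took a network address while `DialURL` parses a URL, and `uri` is assigned outside the hunk, so it is worth confirming that it holds the full `ldaps://` URL. verifyLDAP starts outside the hunk.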