bug fixes example tests and more (#163)

* example test bug fix and more

* fix lint error

* fix spacing in examples/simple.go

Author: tarunKoyalwar

.github/workflows/build-test.yml

@@ -32,5 +32,9 @@ jobs:
       - name: Race Condition Tests
         run: go build -race .
         working-directory: cmd/tlsx/
+      
+      - name: Test Example Code
+        run: go run .
+        working-directory: examples/
 
 

README.md

@@ -7,6 +7,7 @@
 <p align="center">
 <a href="https://opensource.org/licenses/MIT"><img src="https://img.shields.io/badge/license-MIT-_red.svg"></a>
 <a href="https://goreportcard.com/badge/github.com/projectdiscovery/tlsx"><img src="https://goreportcard.com/badge/github.com/projectdiscovery/tlsx"></a>
+<a href="https://pkg.go.dev/github.com/projectdiscovery/tlsx/pkg/tlsx"><img src="https://img.shields.io/badge/go-reference-blue"></a>
 <a href="https://github.com/projectdiscovery/tlsx/releases"><img src="https://img.shields.io/github/release/projectdiscovery/tlsx"></a>
 <a href="https://twitter.com/pdiscoveryio"><img src="https://img.shields.io/twitter/follow/pdiscoveryio.svg?logo=twitter"></a>
 <a href="https://discord.gg/projectdiscovery"><img src="https://img.shields.io/discord/695645237418131507.svg?logo=discord"></a>
@@ -124,6 +125,10 @@ OUTPUT:
    -version            display project version
 ```
 
+## Using tlsx as library
+
+Examples of using tlsx as library are provided in the [examples](examples/) folder.
+
 ## Running tlsx
 
 ### Input for tlsx

assets/openssl.include

@@ -4,7 +4,6 @@ import (
 	"os"
 	"strings"
 
-	"github.com/pkg/errors"
 	"github.com/projectdiscovery/goflags"
 	"github.com/projectdiscovery/gologger"
 	"github.com/projectdiscovery/tlsx/internal/runner"
@@ -27,20 +26,20 @@ func main() {
 
 func process() error {
 	if err := readFlags(); err != nil {
-		return errors.Wrap(err, "could not read flags")
+		return errorutils.NewWithErr(err).Msgf("could not read flags")
 	}
 	runner, err := runner.New(options)
 	if err != nil {
-		return errors.Wrap(err, "could not create runner")
+		return errorutils.NewWithErr(err).Msgf("could not create runner")
 	}
 	if runner == nil {
 		return nil
 	}
 	if err := runner.Execute(); err != nil {
-		return errors.Wrap(err, "could not execute runner")
+		return errorutils.NewWithErr(err).Msgf("could not execute runner")
 	}
 	if err := runner.Close(); err != nil {
-		return errors.Wrap(err, "could not close runner")
+		return errorutils.NewWithErr(err).Msgf("could not close runner")
 	}
 	return nil
 }
@@ -126,12 +125,12 @@ func readFlags() error {
 	)
 
 	if err := flagSet.Parse(); err != nil {
-		return errors.Wrap(err, "could not parse flags")
+		return errorutils.NewWithErr(err).Msgf("could not parse flags")
 	}
 
 	if cfgFile != "" {
 		if err := flagSet.MergeConfigFile(cfgFile); err != nil {
-			return errors.Wrap(err, "could not read config file")
+			return errorutils.NewWithErr(err).Msgf("could not read config file")
 		}
 	}
 	return nil

cmd/tlsx/main.go

@@ -0,0 +1,39 @@
+package main
+
+import (
+	"fmt"
+
+	"github.com/projectdiscovery/tlsx/pkg/tlsx"
+	"github.com/projectdiscovery/tlsx/pkg/tlsx/clients"
+)
+
+func main() {
+	// setup tlsx client with options
+	// https://pkg.go.dev/github.com/projectdiscovery/tlsx/pkg/tlsx/clients#Options
+	opts := &clients.Options{
+		TLSVersion: true,
+		Retries:    3,
+		Expired:    true,
+	}
+
+	// available scanmodes
+	allmodes := []string{"auto", "openssl", "ctls", "ztls"}
+
+	for _, scanMode := range allmodes {
+		opts.ScanMode = scanMode
+		// create tlsx service with options
+		service, err := tlsx.New(opts)
+		if err != nil {
+			panic(err)
+		}
+
+		// connect to any host either with hostname or ip
+		// service.Connect(hostname, ip , port string)
+		resp, err := service.Connect("scanme.sh", "", "443")
+		if err != nil {
+			panic(err)
+		}
+
+		fmt.Printf("[%v] scan-mode:%-7v tls-version:%v self-signed:%v cipher:%v\n", resp.Host, scanMode, resp.Version, resp.SelfSigned, resp.Cipher)
+	}
+}

examples/simple.go

@@ -7,7 +7,6 @@ require (
 	github.com/json-iterator/go v1.1.12
 	github.com/logrusorgru/aurora v2.0.3+incompatible
 	github.com/miekg/dns v1.1.50
-	github.com/pkg/errors v0.9.1
 	github.com/projectdiscovery/dnsx v1.1.1
 	github.com/projectdiscovery/fastdialer v0.0.21
 	github.com/projectdiscovery/goflags v0.1.6
@@ -56,6 +55,7 @@ require (
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/nwaples/rardecode v1.1.0 // indirect
 	github.com/pierrec/lz4 v2.6.0+incompatible // indirect
+	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/projectdiscovery/asnmap v0.0.1 // indirect
 	github.com/projectdiscovery/blackrock v0.0.0-20220628111055-35616c71b2dc // indirect

go.mod

@@ -3,9 +3,9 @@ package runner
 import (
 	"fmt"
 
-	"github.com/pkg/errors"
 	"github.com/projectdiscovery/gologger"
 	"github.com/projectdiscovery/gologger/levels"
+	errorutils "github.com/projectdiscovery/utils/errors"
 	fileutil "github.com/projectdiscovery/utils/file"
 )
 
@@ -28,20 +28,20 @@ func (r *Runner) validateOptions() error {
 	}
 	probeSpecified := r.options.SO || r.options.TLSVersion || r.options.Cipher || r.options.Expired || r.options.SelfSigned || r.options.Hash != "" || r.options.Jarm || r.options.MisMatched || r.options.Revoked || r.options.WildcardCertCheck
 	if r.options.RespOnly && probeSpecified {
-		return errors.New("resp-only flag can only be used with san and cn flags")
+		return errorutils.New("resp-only flag can only be used with san and cn flags")
 	}
 	if (r.options.SAN || r.options.CN) && probeSpecified {
-		return errors.New("san or cn flag cannot be used with other probes")
+		return errorutils.New("san or cn flag cannot be used with other probes")
 	}
 	if !r.hasStdin && len(r.options.Inputs) == 0 && r.options.InputList == "" {
-		return errors.New("no input provided for enumeration")
+		return errorutils.New("no input provided for enumeration")
 	}
 	if len(r.options.Ports) == 0 {
 		// Append port 443 for default ports
 		r.options.Ports = append(r.options.Ports, "443")
 	}
 	if r.options.CertsOnly && !(r.options.ScanMode == "ztls" || r.options.ScanMode == "auto") {
-		return errors.New("scan-mode must be ztls or auto with certs-only option")
+		return errorutils.New("scan-mode must be ztls or auto with certs-only option")
 	}
 	if r.options.CertsOnly || r.options.Ja3 {
 		r.options.ScanMode = "ztls" // force setting ztls when using certs-only

internal/runner/banner.go

@@ -10,7 +10,6 @@ import (
 	"time"
 
 	"github.com/miekg/dns"
-	"github.com/pkg/errors"
 	"github.com/projectdiscovery/dnsx/libs/dnsx"
 	"github.com/projectdiscovery/fastdialer/fastdialer"
 	"github.com/projectdiscovery/gologger"
@@ -23,6 +22,7 @@ import (
 	"github.com/projectdiscovery/tlsx/pkg/tlsx"
 	"github.com/projectdiscovery/tlsx/pkg/tlsx/clients"
 	"github.com/projectdiscovery/tlsx/pkg/tlsx/openssl"
+	errorutil "github.com/projectdiscovery/utils/errors"
 	iputil "github.com/projectdiscovery/utils/ip"
 	sliceutil "github.com/projectdiscovery/utils/slice"
 )
@@ -57,7 +57,7 @@ func New(options *clients.Options) (*Runner, error) {
 	}
 	runner := &Runner{options: options}
 	if err := runner.validateOptions(); err != nil {
-		return nil, errors.Wrap(err, "could not validate options")
+		return nil, errorutil.NewWithErr(err).Msgf("could not validate options")
 	}
 
 	dialerOpts := fastdialer.DefaultOptions
@@ -69,7 +69,7 @@ func New(options *clients.Options) (*Runner, error) {
 	}
 	fastDialer, err := fastdialer.NewDialer(dialerOpts)
 	if err != nil {
-		return nil, errors.Wrap(err, "could not create dialer")
+		return nil, errorutil.NewWithErr(err).Msgf("could not create dialer")
 	}
 	runner.fastDialer = fastDialer
 	runner.options.Fastdialer = fastDialer
@@ -90,7 +90,7 @@ func New(options *clients.Options) (*Runner, error) {
 
 	outputWriter, err := output.New(options)
 	if err != nil {
-		return nil, errors.Wrap(err, "could not create output writer")
+		return nil, errorutil.NewWithErr(err).Msgf("could not create output writer")
 	}
 	runner.outputWriter = outputWriter
 
@@ -184,7 +184,7 @@ func (r *Runner) normalizeAndQueueInputs(inputs chan taskInput) error {
 	if r.options.InputList != "" {
 		file, err := os.Open(r.options.InputList)
 		if err != nil {
-			return errors.Wrap(err, "could not open input file")
+			return errorutil.NewWithErr(err).Msgf("could not open input file")
 		}
 		defer file.Close()
 

internal/runner/runner.go

@@ -9,8 +9,8 @@ import (
 
 	jsoniter "github.com/json-iterator/go"
 	"github.com/logrusorgru/aurora"
-	"github.com/pkg/errors"
 	"github.com/projectdiscovery/tlsx/pkg/tlsx/clients"
+	errorutil "github.com/projectdiscovery/utils/errors"
 	"golang.org/x/exp/maps"
 )
 
@@ -40,7 +40,7 @@ func New(options *clients.Options) (Writer, error) {
 	if options.OutputFile != "" {
 		output, err := newFileOutputWriter(options.OutputFile)
 		if err != nil {
-			return nil, errors.Wrap(err, "could not create output file")
+			return nil, errorutil.NewWithErr(err).Msgf("could not create output file")
 		}
 		outputFile = output
 	}
@@ -65,7 +65,7 @@ func (w *StandardWriter) Write(event *clients.Response) error {
 		data, err = w.formatStandard(event)
 	}
 	if err != nil {
-		return errors.Wrap(err, "could not format output")
+		return errorutil.NewWithErr(err).Msgf("could not format output")
 	}
 	data = bytes.TrimSuffix(data, []byte("\n")) // remove last newline
 
@@ -78,7 +78,7 @@ func (w *StandardWriter) Write(event *clients.Response) error {
 			data = decolorizerRegex.ReplaceAll(data, []byte(""))
 		}
 		if writeErr := w.outputFile.Write(data); writeErr != nil {
-			return errors.Wrap(err, "could not write to output")
+			return errorutil.NewWithErr(err).Msgf("could not write to output")
 		}
 	}
 	return nil
@@ -101,11 +101,11 @@ func (w *StandardWriter) formatJSON(output *clients.Response) ([]byte, error) {
 // formatStandard formats the output for standard client formatting
 func (w *StandardWriter) formatStandard(output *clients.Response) ([]byte, error) {
 	if output == nil {
-		return nil, errors.New("empty certificate response")
+		return nil, errorutil.New("empty certificate response")
 	}
 
 	if output.CertificateResponse == nil {
-		return nil, errors.New("empty leaf certificate")
+		return nil, errorutil.New("empty leaf certificate")
 	}
 
 	builder := &bytes.Buffer{}

pkg/output/output.go

@@ -3,7 +3,6 @@
 package auto
 
 import (
-	"github.com/pkg/errors"
 	"github.com/projectdiscovery/tlsx/pkg/output/stats"
 	"github.com/projectdiscovery/tlsx/pkg/tlsx/clients"
 	"github.com/projectdiscovery/tlsx/pkg/tlsx/openssl"
@@ -56,7 +55,7 @@ func (c *Client) ConnectWithOptions(hostname, ip, port string, options clients.C
 			stats.IncrementOpensslTLSConnections()
 			return response, nil
 		}
-		if errors.Is(opensslErr, openssl.ErrNotAvailable) {
+		if errorutils.IsAny(opensslErr, openssl.ErrNotAvailable) {
 			opensslErr = nil
 		}
 	}

pkg/tlsx/auto/auto.go

@@ -39,6 +39,10 @@ func (c *Client) ConnectWithOptions(hostname, ip, port string, options clients.C
 	} else {
 		address = net.JoinHostPort(hostname, port)
 	}
+	//validation
+	if (hostname == "" && ip == "") || port == "" {
+		return nil, errorutils.NewWithTag("openssl", "client requires valid address got port=%v,hostname=%v,ip=%v", port, hostname, ip)
+	}
 
 	// Note: CLI options are omitted if given value is empty
 	opensslOptions := &Options{

pkg/tlsx/openssl/openssl.go

@@ -135,14 +135,12 @@ readline:
 		case strings.HasPrefix(line, "Master-Key"):
 			osession.MasterKey = parseSessionValue(line)
 		}
-		if !strings.HasPrefix(line, "Extended master secret") {
+		if strings.HasPrefix(line, "Timeout") {
 			// read until end of session data and return
 			return osession, nil
 		}
-	} else {
-		goto readline
 	}
-	return osession, nil
+	goto readline
 }
 
 // parseCertificate dumped by openssl