From a5239cd7f5898e43e2ac6c1e48fe1c8705191d39 Mon Sep 17 00:00:00 2001
From: William Desportes <williamdes@wdes.fr>
Date: Fri, 28 Jun 2024 00:20:37 +0200
Subject: [PATCH] Implement collections

---
 README.md                                     |  4 ++--
 .../wdes}/bad-ips.txt                         |  0
 .../wdes}/bad-networks.txt                    |  0
 snow-scanner/src/main.rs                      | 22 +++++++++++++++++++
 4 files changed, 24 insertions(+), 2 deletions(-)
 rename data/{scanners => collections/wdes}/bad-ips.txt (100%)
 rename data/{scanners => collections/wdes}/bad-networks.txt (100%)

diff --git a/README.md b/README.md
index 3125f17..ecbf21c 100644
--- a/README.md
+++ b/README.md
@@ -5,12 +5,12 @@
 - `https://security.wdes.eu/scanners/stretchoid.txt` (List of all known stretchoid IPs)
 - `https://security.wdes.eu/scanners/binaryedge.txt` (List of all known binaryedge IPs)
 - `https://security.wdes.eu/scanners/censys.txt` (List of all IPs declared by censys scanner on their FAQ)
+- `https://security.wdes.eu/collections/wdes/bad-networks.txt` (List of some hand picked bad networks)
+- `https://security.wdes.eu/collections/bad-ips.txt` (List of some hand picked bad IPs that caused harm/attacks/scans to mail servers)
 
 ## To be migrated
 
 - `internet-measurement.com.txt` (List of all IPs declared by internet-measurement.com on [their website](https://internet-measurement.com/#ips))
-- `bad-networks.txt` (List of some hand picked bad networks)
-- `bad-ips.txt` (List of some hand picked bad IPs that caused harm/attacks/scans to mail servers)
 
 ## Other similar projects
 
diff --git a/data/scanners/bad-ips.txt b/data/collections/wdes/bad-ips.txt
similarity index 100%
rename from data/scanners/bad-ips.txt
rename to data/collections/wdes/bad-ips.txt
diff --git a/data/scanners/bad-networks.txt b/data/collections/wdes/bad-networks.txt
similarity index 100%
rename from data/scanners/bad-networks.txt
rename to data/collections/wdes/bad-networks.txt
diff --git a/snow-scanner/src/main.rs b/snow-scanner/src/main.rs
index 604cf85..22d31e6 100644
--- a/snow-scanner/src/main.rs
+++ b/snow-scanner/src/main.rs
@@ -331,6 +331,25 @@ fn handle_report(conn: &Mutex<Connection>, request: &Request) -> Response {
     }
 }
 
+fn handle_get_collection(request: &Request, static_data_dir: &str) -> Response {
+    // The `match_assets` function tries to find a file whose name corresponds to the URL
+    // of the request. The second parameter (`"."`) tells where the files to look for are
+    // located.
+    // In order to avoid potential security threats, `match_assets` will never return any
+    // file outside of this directory even if the URL is for example `/../../foo.txt`.
+    let response = rouille::match_assets(&request, static_data_dir);
+
+    if response.is_success() {
+        return response;
+    }
+    return Response {
+        status_code: 404,
+        headers: vec![("Content-Type".into(), "text/plain; charset=utf-8".into())],
+        data: ResponseBody::from_string("File not found.\n"),
+        upgrade: None,
+    };
+}
+
 fn handle_list_scanners(
     conn: &Mutex<Connection>,
     static_data_dir: &str,
@@ -615,6 +634,9 @@ fn main() -> Result<()> {
             (GET) (/scanners/{scanner_name: Scanners}) => {
                 handle_list_scanners(&conn, &static_data_dir, scanner_name, &request)
             },
+            (GET) (/collections/{vendor_name: String}/{file_name: String}) => {
+                handle_get_collection(&request, &static_data_dir)
+            },
             (GET) (/{api_key: String}/scanners/{scanner_name: String}) => {
                 let mut mac = HmacSha256::new_from_slice(b"my secret and secure key")
                     .expect("HMAC can take key of any size");