Re-write all using actix

Re-write all the data management with Diesel
Write migrations with Diesel
2024-09-20 17:45:04 +02:00 · 2024-09-20 00:51:24 +02:00 · 2024-09-20 00:07:01 +02:00
9 changed files with 570 additions and 398 deletions
--- a/snow-scanner/Cargo.toml
+++ b/snow-scanner/Cargo.toml
@ -30,13 +30,15 @@ path = "src/main.rs"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

 [dependencies]
-rouille = "3.6.2"
+actix-web = "4"
+actix-files = "0.6.6"
 hmac = "0.12.1"
 sha2 = "0.10.8"
 hex = "0.4.3"
-rusqlite = { version = "0.31.0", features = ["bundled", "chrono"] }
+diesel = { version = "2.2.0", default-features = false, features = ["mysql", "chrono", "uuid", "r2d2"] }
 dns-ptr-resolver = "1.2.0"
 hickory-client = { version = "0.24.1", default-features = false }
 chrono = "0.4.38"
-uuid7 = "1.0.0"
+uuid = { version = "1.10.0", default-features = false, features = ["v7", "serde", "std"] }
 cidr = "0.2.2"
+serde = "1.0.210"
--- a/snow-scanner/diesel.toml
+++ b/snow-scanner/diesel.toml
@ -0,0 +1,9 @@
+# For documentation on how to configure this file,
+# see https://diesel.rs/guides/configuring-diesel-cli
+
+[print_schema]
+file = "src/schema.rs"
+custom_type_derives = ["diesel::query_builder::QueryId", "Clone"]
+
+[migrations_directory]
+dir = "/mnt/Dev/@wdes/security.wdes.eu/snow-scanner/migrations"
--- a/snow-scanner/migrations/2024-06-22-201500_create_scanners_table/down.sql
+++ b/snow-scanner/migrations/2024-06-22-201500_create_scanners_table/down.sql
@ -0,0 +1 @@
+DROP TABLE `scanners`;
--- a/snow-scanner/migrations/2024-06-22-201500_create_scanners_table/up.sql
+++ b/snow-scanner/migrations/2024-06-22-201500_create_scanners_table/up.sql
@ -0,0 +1,11 @@
+CREATE TABLE IF NOT EXISTS `scanners` (
+    ip VARCHAR(255) NOT NULL,
+    ip_type TINYINT(1) UNSIGNED NOT NULL,
+    scanner_name VARCHAR(255) NOT NULL,
+    ip_ptr VARCHAR(255) NULL,
+    created_at DATETIME NOT NULL,
+    updated_at DATETIME NULL,
+    last_seen_at DATETIME NULL,
+    last_checked_at DATETIME NULL,
+    PRIMARY KEY (ip, ip_type)
+);
--- a/snow-scanner/migrations/2024-06-23-10600_create_scan_tasks_table/down.sql
+++ b/snow-scanner/migrations/2024-06-23-10600_create_scan_tasks_table/down.sql
@ -0,0 +1 @@
+DROP TABLE `scan_tasks`;
--- a/snow-scanner/migrations/2024-06-23-10600_create_scan_tasks_table/up.sql
+++ b/snow-scanner/migrations/2024-06-23-10600_create_scan_tasks_table/up.sql
@ -0,0 +1,11 @@
+CREATE TABLE IF NOT EXISTS `scan_tasks` (
+    task_group_id VARCHAR(255) NOT NULL,
+    cidr VARCHAR(255) NOT NULL,
+    created_by_username VARCHAR(255) NOT NULL,
+    created_at DATETIME NOT NULL,
+    updated_at DATETIME NULL,
+    started_at DATETIME NULL,
+    still_processing_at DATETIME NULL,
+    ended_at DATETIME NULL,
+    PRIMARY KEY (task_group_id, cidr)
+);
--- a/snow-scanner/src/main.rs
+++ b/snow-scanner/src/main.rs
@ -1,31 +1,45 @@
-#[macro_use]
-extern crate rouille;
+use actix_files::NamedFile;
+use actix_web::error::ErrorInternalServerError;
+use actix_web::http::header::ContentType;
+use actix_web::{web, App, HttpRequest, HttpResponse, HttpServer};

 use chrono::{NaiveDateTime, Utc};
-use cidr::IpCidr;
-use hmac::{Hmac, Mac};
-use rouille::{Request, Response, ResponseBody};
-use rusqlite::types::ToSqlOutput;
-use rusqlite::Error as RusqliteError;
-use rusqlite::{named_params, Connection, OpenFlags, Result, ToSql};
-use sha2::Sha256;
+use diesel::deserialize::{self, FromSqlRow};
+use diesel::mysql::{Mysql, MysqlValue};
+use diesel::sql_types::Text;
+
+use diesel::r2d2::ConnectionManager;
+use diesel::r2d2::Pool;
+
+use std::io::Write;
+use std::path::PathBuf;
 use std::str::FromStr;
-use std::sync::Mutex;
-use std::time::Duration;
-use std::{env, fmt, thread};
-use uuid7::Uuid;
+use std::{env, fmt};
+use uuid::Uuid;
+
+use serde::{Deserialize, Deserializer, Serialize};

 use hickory_client::client::SyncClient;
 use hickory_client::rr::Name;
 use hickory_client::tcp::TcpClientConnection;

+use diesel::serialize::IsNull;
+use diesel::{serialize, MysqlConnection};
 use dns_ptr_resolver::{get_ptr, ResolvedResult};

-// Create alias for HMAC-SHA256
-type HmacSha256 = Hmac<Sha256>;
+pub mod models;
+pub mod schema;

-#[derive(Debug, Clone)]
-enum Scanners {
+use crate::models::*;
+
+/// Short-hand for the database pool type to use throughout the app.
+type DbPool = Pool<ConnectionManager<MysqlConnection>>;
+
+// Create alias for HMAC-SHA256
+// type HmacSha256 = Hmac<Sha256>;
+
+#[derive(Debug, Clone, Copy, FromSqlRow)]
+pub enum Scanners {
    Stretchoid,
    Binaryedge,
    Censys,
@ -45,17 +59,25 @@ impl IsStatic for Scanners {
        }
    }
 }
-impl FromStr for Scanners {
-    type Err = ();
-    fn from_str(input: &str) -> Result<Scanners, ()> {
-        match input {
+
+impl<'de> Deserialize<'de> for Scanners {
+    fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
+    where
+        D: Deserializer<'de>,
+    {
+        let s = <Vec<String>>::deserialize(deserializer)?;
+        let k: &str = s[0].as_str();
+        match k {
            "stretchoid" => Ok(Scanners::Stretchoid),
            "binaryedge" => Ok(Scanners::Binaryedge),
            "stretchoid.txt" => Ok(Scanners::Stretchoid),
            "binaryedge.txt" => Ok(Scanners::Binaryedge),
            "censys.txt" => Ok(Scanners::Censys),
            "internet-measurement.com.txt" => Ok(Scanners::InternetMeasurement),
-            _ => Err(()),
+            v => Err(serde::de::Error::custom(format!(
+                "Unknown value: {}",
+                v.to_string()
+            ))),
        }
    }
 }
@ -74,90 +96,32 @@ impl fmt::Display for Scanners {
        )
    }
 }
-impl ToSql for Scanners {
-    /// Converts Rust value to SQLite value
-    fn to_sql(&self) -> Result<ToSqlOutput<'_>> {
-        match self {
-            Self::Stretchoid => Ok("stretchoid".into()),
-            Self::Binaryedge => Ok("binaryedge".into()),
-            Self::Censys => Ok("censys".into()),
-            Self::InternetMeasurement => Ok("internet-measurement.com".into()),
+
+impl serialize::ToSql<Text, Mysql> for Scanners {
+    fn to_sql(&self, out: &mut serialize::Output<Mysql>) -> serialize::Result {
+        match *self {
+            Self::Stretchoid => out.write_all(b"stretchoid")?,
+            Self::Binaryedge => out.write_all(b"binaryedge")?,
+            Self::Censys => out.write_all(b"censys")?,
+            Self::InternetMeasurement => out.write_all(b"internet-measurement.com")?,
+        };
+
+        Ok(IsNull::No)
+    }
+}
+
+impl deserialize::FromSql<Text, Mysql> for Scanners {
+    fn from_sql(bytes: MysqlValue) -> deserialize::Result<Self> {
+        let value = <String as deserialize::FromSql<Text, Mysql>>::from_sql(bytes)?;
+        match &value as &str {
+            "stretchoid" => Ok(Scanners::Stretchoid),
+            "binaryedge" => Ok(Scanners::Binaryedge),
+            "internet-measurement.com" => Ok(Scanners::InternetMeasurement),
+            _ => Err("Unrecognized enum variant".into()),
        }
    }
 }

-#[derive(Debug)]
-struct Scanner {
-    ip: String,
-    ip_type: u8,
-    scanner_name: Scanners,
-    ip_ptr: Option<String>,
-    created_at: NaiveDateTime,
-    updated_at: Option<NaiveDateTime>,
-    last_seen_at: Option<NaiveDateTime>,
-    last_checked_at: Option<NaiveDateTime>,
-}
-
-#[derive(Debug)]
-struct ScanTask {
-    task_group_id: Uuid,
-    cidr: String,
-    created_by_username: String,
-    created_at: NaiveDateTime,
-    updated_at: Option<NaiveDateTime>,
-    started_at: Option<NaiveDateTime>,
-    still_processing_at: Option<NaiveDateTime>,
-    ended_at: Option<NaiveDateTime>,
-}
-
-fn save_scanner(conn: &Connection, scanner: &Scanner) -> Result<(), ()> {
-    match conn.execute(
-        "INSERT INTO scanners (ip, ip_type, ip_ptr, scanner_name, created_at, updated_at, last_seen_at, last_checked_at)
-        VALUES (:ip, :ip_type, :ip_ptr, :scanner_name, :created_at, :updated_at, :last_seen_at, :last_checked_at)
-        ON CONFLICT(ip, ip_type) DO UPDATE SET updated_at = :updated_at, last_seen_at = :last_seen_at, last_checked_at = :last_checked_at, ip_ptr = :ip_ptr;",
-        named_params! {
-            ":ip": &scanner.ip,
-            ":ip_type": &scanner.ip_type,
-            ":ip_ptr": &scanner.ip_ptr,
-            ":scanner_name": &scanner.scanner_name,
-            ":created_at": &scanner.created_at.to_string(),
-            ":updated_at": &scanner.updated_at,
-            ":last_seen_at": &scanner.last_seen_at,
-            ":last_checked_at": &scanner.last_checked_at
-        },
-    ) {
-        Ok(_) => {
-            Ok(())
-        },
-        Err(_) => {
-            Err(())
-        },
-    }
-}
-
-fn save_scan_task(conn: &Connection, scan_task: &ScanTask) -> Result<(), RusqliteError> {
-    match conn.execute(
-        "INSERT INTO scan_tasks (task_group_id, cidr, created_by_username, created_at, updated_at, started_at, ended_at, still_processing_at)
-        VALUES (:task_group_id, :cidr, :created_by_username, :created_at, :updated_at, :started_at, :ended_at, :still_processing_at)
-        ON CONFLICT(cidr, task_group_id) DO UPDATE SET updated_at = :updated_at, started_at = :started_at, ended_at = :ended_at, still_processing_at = :still_processing_at;",
-        named_params! {
-            ":task_group_id": &scan_task.task_group_id.to_string(),
-            ":cidr": &scan_task.cidr,
-            ":created_by_username": &scan_task.created_by_username,
-            ":created_at": &scan_task.created_at.to_string(),
-            ":updated_at": &scan_task.updated_at,
-            ":started_at": &scan_task.started_at,
-            ":ended_at": &scan_task.ended_at,
-            ":still_processing_at": &scan_task.still_processing_at,
-        },
-    ) {
-        Ok(_) => {
-            Ok(())
-        },
-        Err(err) => Err(err),
-    }
-}
-
 fn detect_scanner(ptr_result: &ResolvedResult) -> Result<Scanners, ()> {
    match ptr_result.result {
        Some(ref x)
@ -176,42 +140,7 @@ fn detect_scanner(ptr_result: &ResolvedResult) -> Result<Scanners, ()> {
    }
 }

-fn handle_ip2(conn: &Connection, ip: String) -> Result<Scanner, Option<ResolvedResult>> {
-    let query_address = ip.parse().expect(format!("To parse: {}", ip).as_str());
-
-    let client = get_dns_client();
-    let ptr_result: ResolvedResult = if let Ok(res) = get_ptr(query_address, client) {
-        res
-    } else {
-        return Err(None);
-    };
-
-    match detect_scanner(&ptr_result) {
-        Ok(scanner_name) => {
-            let ip_type = if ip.contains(':') { 6 } else { 4 };
-            let scanner = Scanner {
-                ip: ip,
-                ip_type: ip_type,
-                scanner_name: scanner_name.clone(),
-                ip_ptr: match ptr_result.result {
-                    Some(ptr) => Some(ptr.to_string()),
-                    None => None,
-                },
-                created_at: Utc::now().naive_utc(),
-                updated_at: None,
-                last_seen_at: None,
-                last_checked_at: None,
-            };
-            let db = conn;
-            save_scanner(&db, &scanner).unwrap();
-            Ok(scanner)
-        }
-
-        Err(_) => Err(Some(ptr_result)),
-    }
-}
-
-fn handle_ip(conn: &Mutex<Connection>, ip: String) -> Result<Scanner, Option<ResolvedResult>> {
+async fn handle_ip(pool: web::Data<DbPool>, ip: String) -> Result<Scanner, Option<ResolvedResult>> {
    let query_address = ip.parse().expect("To parse");

    let client = get_dns_client();
@ -237,9 +166,19 @@ fn handle_ip(conn: &Mutex<Connection>, ip: String) -> Result<Scanner, Option<Res
                last_seen_at: None,
                last_checked_at: None,
            };
-            let db = conn.lock().unwrap();
-            save_scanner(&db, &scanner).unwrap();
-            Ok(scanner)
+
+            // use web::block to offload blocking Diesel queries without blocking server thread
+            web::block(move || {
+                // note that obtaining a connection from the pool is also potentially blocking
+                let conn = &mut pool.get().unwrap();
+
+                match scanner.save(conn) {
+                    Ok(scanner) => Ok(scanner),
+                    Err(_) => Err(None),
+                }
+            })
+            .await
+            .unwrap()
        }

        Err(_) => Err(Some(ptr_result)),
@ -269,51 +208,55 @@ static FORM: &str = r#"
 </html>
 "#;

-fn handle_scan(conn: &Mutex<Connection>, request: &Request) -> Response {
-    let data = try_or_400!(post_input!(request, {
-        username: String,
-        ips: String,
-    }));
-
-    if data.username.len() < 4 {
-        return Response {
-            status_code: 422,
-            headers: vec![("Content-Type".into(), "text/plain; charset=utf-8".into())],
-            data: ResponseBody::from_string("Invalid username"),
-            upgrade: None,
-        };
-    }
-
-    let db = conn.lock().unwrap();
-    let task_group_id = uuid7::uuid7();
-
-    for ip in data.ips.lines() {
-        let scan_task = ScanTask {
-            task_group_id: task_group_id,
-            cidr: ip.to_string(),
-            created_by_username: data.username.clone(),
-            created_at: Utc::now().naive_utc(),
-            updated_at: None,
-            started_at: None,
-            still_processing_at: None,
-            ended_at: None,
-        };
-        match save_scan_task(&db, &scan_task) {
-            Ok(_) => println!("Added {}", ip.to_string()),
-            Err(err) => eprintln!("Not added: {:?}", err),
-        }
-    }
-
-    rouille::Response::html(format!("New task added: {} !", task_group_id))
+#[derive(Serialize, Deserialize)]
+pub struct ScanParams {
+    username: String,
+    ips: String,
 }

-fn handle_report(conn: &Mutex<Connection>, request: &Request) -> Response {
-    let data = try_or_400!(post_input!(request, {
-        ip: String,
-    }));
+async fn handle_scan(pool: web::Data<DbPool>, params: web::Form<ScanParams>) -> HttpResponse {
+    if params.username.len() < 4 {
+        return plain_contents("Invalid username".to_string());
+    }

-    match handle_ip(conn, data.ip.clone()) {
-        Ok(scanner) => rouille::Response::html(match scanner.scanner_name {
+    let task_group_id: Uuid = Uuid::now_v7();
+
+    // use web::block to offload blocking Diesel queries without blocking server thread
+    let _ = web::block(move || {
+        // note that obtaining a connection from the pool is also potentially blocking
+        let conn = &mut pool.get().unwrap();
+        for ip in params.ips.lines() {
+            let scan_task = ScanTask {
+                task_group_id: task_group_id.to_string(),
+                cidr: ip.to_string(),
+                created_by_username: params.username.clone(),
+                created_at: Utc::now().naive_utc(),
+                updated_at: None,
+                started_at: None,
+                still_processing_at: None,
+                ended_at: None,
+            };
+            match scan_task.save(conn) {
+                Ok(_) => println!("Added {}", ip.to_string()),
+                Err(err) => eprintln!("Not added: {:?}", err),
+            }
+        }
+    })
+    .await
+    // map diesel query errors to a 500 error response
+    .map_err(|err| ErrorInternalServerError(err));
+
+    html_contents(format!("New task added: {} !", task_group_id))
+}
+
+#[derive(Serialize, Deserialize)]
+pub struct ReportParams {
+    ip: String,
+}
+
+async fn handle_report(pool: web::Data<DbPool>, params: web::Form<ReportParams>) -> HttpResponse {
+    match handle_ip(pool, params.ip.clone()).await {
+        Ok(scanner) => html_contents(match scanner.scanner_name {
            Scanners::Binaryedge => format!(
                "Reported an escaped ninja! <b>{}</a> known as {:?}.",
                scanner.ip, scanner.ip_ptr
@ -325,9 +268,9 @@ fn handle_report(conn: &Mutex<Connection>, request: &Request) -> Response {
            _ => format!("Not supported"),
        }),

-        Err(ptr_result) => rouille::Response::html(format!(
+        Err(ptr_result) => html_contents(format!(
            "The IP <b>{}</a> resolved as {:?} did not match known scanners patterns.",
-            data.ip,
+            params.ip,
            match ptr_result {
                Some(res) => res.result,
                None => None,
@ -336,64 +279,65 @@ fn handle_report(conn: &Mutex<Connection>, request: &Request) -> Response {
    }
 }

-fn handle_get_collection(request: &Request, static_data_dir: &str) -> Response {
-    // The `match_assets` function tries to find a file whose name corresponds to the URL
-    // of the request. The second parameter (`"."`) tells where the files to look for are
-    // located.
-    // In order to avoid potential security threats, `match_assets` will never return any
-    // file outside of this directory even if the URL is for example `/../../foo.txt`.
-    let response = rouille::match_assets(&request, static_data_dir);
+async fn handle_get_collection(
+    path: web::Path<(String, String)>,
+    req: HttpRequest,
+    static_data_dir: actix_web::web::Data<String>,
+) -> actix_web::Result<HttpResponse> {
+    let (vendor_name, file_name) = path.into_inner();

-    if response.is_success() {
-        return response;
+    let mut path: PathBuf = PathBuf::new();
+    let static_data_dir: String = static_data_dir.into_inner().to_string();
+    path.push(static_data_dir);
+    path.push(vendor_name.to_string());
+    path.push(file_name.to_string());
+    match NamedFile::open(path) {
+        Ok(file) => Ok(file.into_response(&req)),
+        Err(err) => Ok(HttpResponse::NotFound()
+            .content_type(ContentType::plaintext())
+            .body(format!("File not found: {}.\n", err))),
    }
-    return Response {
-        status_code: 404,
-        headers: vec![("Content-Type".into(), "text/plain; charset=utf-8".into())],
-        data: ResponseBody::from_string("File not found.\n"),
-        upgrade: None,
-    };
 }

-fn handle_list_scanners(
-    conn: &Mutex<Connection>,
-    static_data_dir: &str,
-    scanner_name: Scanners,
-    request: &Request,
-) -> Response {
+async fn handle_list_scanners(
+    pool: web::Data<DbPool>,
+    path: web::Path<Scanners>,
+    req: HttpRequest,
+    static_data_dir: actix_web::web::Data<String>,
+) -> actix_web::Result<HttpResponse> {
+    let scanner_name = path.into_inner();
+    let static_data_dir: String = static_data_dir.into_inner().to_string();
    if scanner_name.is_static() {
-        // The `match_assets` function tries to find a file whose name corresponds to the URL
-        // of the request. The second parameter (`"."`) tells where the files to look for are
-        // located.
-        // In order to avoid potential security threats, `match_assets` will never return any
-        // file outside of this directory even if the URL is for example `/../../foo.txt`.
-        let response = rouille::match_assets(&request, static_data_dir);
+        let mut path: PathBuf = PathBuf::new();
+        path.push(static_data_dir);
+        path.push(scanner_name.to_string());

-        if response.is_success() {
-            return response;
-        }
-        return Response {
-            status_code: 404,
-            headers: vec![("Content-Type".into(), "text/plain; charset=utf-8".into())],
-            data: ResponseBody::from_string("File not found.\n"),
-            upgrade: None,
+        return match NamedFile::open(path) {
+            Ok(file) => Ok(file.into_response(&req)),
+            Err(err) => Ok(HttpResponse::NotFound()
+                .content_type(ContentType::plaintext())
+                .body(format!("File not found: {}.\n", err))),
        };
    }
-    let db = conn.lock().unwrap();
-    let mut stmt = db.prepare("SELECT ip FROM scanners WHERE scanner_name = :scanner_name ORDER BY ip_type, created_at").unwrap();
-    let mut rows = stmt
-        .query(named_params! { ":scanner_name": scanner_name })
-        .unwrap();
-    let mut ips: Vec<String> = vec![];
-    while let Some(row) = rows.next().unwrap() {
-        ips.push(row.get(0).unwrap());
-    }

-    Response {
-        status_code: 200,
-        headers: vec![("Content-Type".into(), "text/plain; charset=utf-8".into())],
-        data: ResponseBody::from_string(ips.join("\n")),
-        upgrade: None,
+    // use web::block to offload blocking Diesel queries without blocking server thread
+    let scanners_list = web::block(move || {
+        // note that obtaining a connection from the pool is also potentially blocking
+        let conn = &mut pool.get().unwrap();
+        match Scanner::list_names(scanner_name, conn) {
+            Ok(data) => Ok(data),
+            Err(err) => Err(err),
+        }
+    })
+    .await
+    // map diesel query errors to a 500 error response
+    .map_err(|err| ErrorInternalServerError(err))
+    .unwrap();
+
+    if let Ok(scanners) = scanners_list {
+        Ok(html_contents(scanners.join("\n")))
+    } else {
+        Ok(server_error("Unable to list scanners".to_string()))
    }
 }

@ -422,90 +366,58 @@ static SCAN_TASKS_FOOT: &str = r#"
 </html>
 "#;

-fn handle_list_scan_tasks(conn: &Mutex<Connection>) -> Response {
-    let db = conn.lock().unwrap();
-
-    let mut stmt = db
-        .prepare(
-            r#"
-        SELECT task_group_id, cidr, created_by_username, started_at, still_processing_at, ended_at
-        FROM scan_tasks
-        ORDER BY created_at, task_group_id ASC
-        "#,
-        )
-        .unwrap();
-    let mut rows = stmt.query(named_params! {}).unwrap();
+async fn handle_list_scan_tasks(pool: web::Data<DbPool>) -> HttpResponse {
    let mut html_data: Vec<String> = vec![SCAN_TASKS_HEAD.to_string()];

-    while let Some(row) = rows.next().unwrap() {
-        let cidr: String = row.get(1).unwrap();
-        let started_at: Option<NaiveDateTime> = row.get(3).unwrap();
-        let still_processing_at: Option<NaiveDateTime> = row.get(4).unwrap();
-        let ended_at: Option<NaiveDateTime> = row.get(5).unwrap();
-        html_data.push(format!(
-            "
-            <tr>
-                <td>{cidr}</td>
-                <td>{:#?}</td>
-                <td>{:#?}</td>
-                <td>{:#?}</td>
-            </tr>
-            ",
-            started_at, still_processing_at, ended_at
-        ));
-    }
+    // use web::block to offload blocking Diesel queries without blocking server thread
+    let scan_tasks_list = web::block(move || {
+        // note that obtaining a connection from the pool is also potentially blocking
+        let conn = &mut pool.get().unwrap();
+        match ScanTask::list(conn) {
+            Ok(data) => Ok(data),
+            Err(err) => Err(err),
+        }
+    })
+    .await
+    // map diesel query errors to a 500 error response
+    .map_err(|err| ErrorInternalServerError(err));

-    html_data.push(SCAN_TASKS_FOOT.to_string());
+    if let Ok(scan_tasks) = scan_tasks_list.unwrap() {
+        for row in scan_tasks {
+            let cidr: String = row.cidr;
+            let started_at: Option<NaiveDateTime> = row.started_at;
+            let still_processing_at: Option<NaiveDateTime> = row.still_processing_at;
+            let ended_at: Option<NaiveDateTime> = row.ended_at;
+            html_data.push(format!(
+                "
+                    <tr>
+                        <td>{cidr}</td>
+                        <td>{:#?}</td>
+                        <td>{:#?}</td>
+                        <td>{:#?}</td>
+                    </tr>
+                    ",
+                started_at, still_processing_at, ended_at
+            ));
+        }

-    Response {
-        status_code: 200,
-        headers: vec![("Content-Type".into(), "text/html; charset=utf-8".into())],
-        data: ResponseBody::from_string(html_data.join("\n")),
-        upgrade: None,
+        html_data.push(SCAN_TASKS_FOOT.to_string());
+
+        html_contents(html_data.join("\n"))
+    } else {
+        return server_error("Unable to list scan tasks".to_string());
    }
 }

-fn get_connection(db_path: &str) -> Connection {
-    let conn = Connection::open_with_flags(
-        db_path,
-        OpenFlags::SQLITE_OPEN_READ_WRITE
-            | OpenFlags::SQLITE_OPEN_CREATE
-            | OpenFlags::SQLITE_OPEN_FULL_MUTEX,
-    )
-    .unwrap();
-    conn.execute(
-        "CREATE TABLE IF NOT EXISTS scanners (
-            ip VARCHAR(255) NOT NULL,
-            ip_type TINYINT(1) NOT NULL,
-            scanner_name VARCHAR(255) NOT NULL,
-            ip_ptr VARCHAR(255) NULL,
-            created_at DATETIME NOT NULL,
-            updated_at DATETIME NULL,
-            last_seen_at DATETIME NULL,
-            last_checked_at DATETIME NULL,
-            PRIMARY KEY (ip, ip_type)
-        )",
-        (), // empty list of parameters.
-    )
-    .unwrap();
-    conn.execute(
-        "CREATE TABLE IF NOT EXISTS scan_tasks (
-            task_group_id VARCHAR(255) NOT NULL,
-            cidr VARCHAR(255) NOT NULL,
-            created_by_username VARCHAR(255) NOT NULL,
-            created_at DATETIME NOT NULL,
-            updated_at DATETIME NULL,
-            started_at DATETIME NULL,
-            still_processing_at DATETIME NULL,
-            ended_at DATETIME NULL,
-            PRIMARY KEY (task_group_id, cidr)
-        )",
-        (), // empty list of parameters.
-    )
-    .unwrap();
-    conn.pragma_update_and_check(None, "journal_mode", &"WAL", |_| Ok(()))
-        .unwrap();
-    conn
+fn get_connection(database_url: &str) -> DbPool {
+    let manager = ConnectionManager::<MysqlConnection>::new(database_url);
+    // Refer to the `r2d2` documentation for more methods to use
+    // when building a connection pool
+    Pool::builder()
+        .max_size(30)
+        .test_on_check_out(true)
+        .build(manager)
+        .expect("Could not build connection pool")
 }

 fn get_dns_client() -> SyncClient<TcpClientConnection> {
@ -515,36 +427,124 @@ fn get_dns_client() -> SyncClient<TcpClientConnection> {
    SyncClient::new(dns_conn)
 }

-fn main() -> Result<()> {
+fn plain_contents(data: String) -> HttpResponse {
+    HttpResponse::Ok()
+        .content_type(ContentType::plaintext())
+        .body(data)
+}
+
+fn html_contents(data: String) -> HttpResponse {
+    HttpResponse::Ok()
+        .content_type(ContentType::html())
+        .body(data)
+}
+
+fn server_error(data: String) -> HttpResponse {
+    HttpResponse::InternalServerError()
+        .content_type(ContentType::html())
+        .body(data)
+}
+
+async fn index() -> HttpResponse {
+    html_contents(FORM.to_string())
+}
+
+async fn pong() -> HttpResponse {
+    plain_contents("pong".to_string())
+}
+
+#[actix_web::main]
+async fn main() -> std::io::Result<()> {
    let server_address: String = if let Ok(env) = env::var("SERVER_ADDRESS") {
        env
    } else {
        "localhost:8000".to_string()
    };

-    println!("Now listening on {}", server_address);
-
-    let db_file: String = if let Ok(env) = env::var("DB_FILE") {
+    let db_url: String = if let Ok(env) = env::var("DB_URL") {
        env
    } else {
-        "./snow-scanner.sqlite".to_string()
+        eprintln!("Missing ENV: DB_URL");
+        "mysql://localhost".to_string()
    };

-    let static_data_dir: String = match env::var("STATIC_DATA_DIR") {
-        Ok(val) => val,
-        Err(_) => "../data/".to_string(),
-    };
+    let server = HttpServer::new(move || {
+        let static_data_dir: String = match env::var("STATIC_DATA_DIR") {
+            Ok(val) => val,
+            Err(_) => "../data/".to_string(),
+        };

-    println!("Database will be saved at: {}", db_file);
+        let pool = get_connection(db_url.as_str());
+        App::new()
+            .app_data(web::Data::new(pool.clone()))
+            .app_data(actix_web::web::Data::new(static_data_dir))
+            .route("/", web::get().to(index))
+            .route("/ping", web::get().to(pong))
+            .route("/report", web::post().to(handle_report))
+            .route("/scan", web::post().to(handle_scan))
+            .route("/scan/tasks", web::get().to(handle_list_scan_tasks))
+            .route(
+                "/scanners/{scanner_name}",
+                web::get().to(handle_list_scanners),
+            )
+            .route(
+                "/collections/{vendor_name}/{file_name}",
+                web::get().to(handle_get_collection),
+            )
+    })
+    .bind(&server_address);
+    match server {
+        Ok(server) => {
+            println!("Now listening on {}", server_address);
+            server.run().await
+        }
+        Err(err) => {
+            eprintln!("Could not bind the server to {}", server_address);
+            Err(err)
+        }
+    }
+}
+/*
+(POST) (/register) => {
+    let data = try_or_400!(post_input!(request, {
+        email: String,
+    }));

-    let conn = Mutex::new(get_connection(db_file.as_str()));
-    conn.lock()
-        .unwrap()
-        .execute("SELECT 0 WHERE 0;", named_params! {})
-        .expect("Failed to initialize database");
+    // We just print what was received on stdout. Of course in a real application
+    // you probably want to process the data, eg. store it in a database.
+    println!("Received data: {:?}", data);
+
+
+    let mut mac = HmacSha256::new_from_slice(b"my secret and secure key")
+        .expect("HMAC can take key of any size");
+    mac.update(data.email.as_bytes());
+
+    // `result` has type `CtOutput` which is a thin wrapper around array of
+    // bytes for providing constant time equality check
+    let result = mac.finalize();
+    // To get underlying array use `into_bytes`, but be careful, since
+    // incorrect use of the code value may permit timing attacks which defeats
+    // the security provided by the `CtOutput`
+    let code_bytes = result.into_bytes();
+    rouille::Response::html(format!("Success! <b>{}</a>.", hex::encode(code_bytes)))
+},
+
+(GET) (/{api_key: String}/scanners/{scanner_name: String}) => {
+    let mut mac = HmacSha256::new_from_slice(b"my secret and secure key")
+        .expect("HMAC can take key of any size");
+
+    mac.update(b"williamdes@wdes.fr");
+
+    println!("{}", api_key);
+    let hex_key = hex::decode(&api_key).unwrap();
+    // `verify_slice` will return `Ok(())` if code is correct, `Err(MacError)` otherwise
+    mac.verify_slice(&hex_key).unwrap();
+
+    rouille::Response::empty_404()
+},

    thread::spawn(move || {
-        let conn = get_connection(db_file.as_str());
+        let conn = &mut get_connection(db_url.as_str());
        // Reset scan tasks
        let _ = conn.execute("UPDATE scan_tasks SET updated_at = :updated_at, still_processing_at = NULL, started_at = NULL WHERE (still_processing_at IS NOT NULL OR started_at IS NOT NULL) AND ended_at IS NULL",
            named_params! {
@ -572,7 +572,7 @@ fn main() -> Result<()> {
                let count = addresses.count();
                let mut current = 0;
                for addr in addresses {
-                    match handle_ip2(&conn, addr.to_string()) {
+                    match handle_ip(conn, addr.to_string()) {
                        Ok(scanner) => println!("Processed {}", scanner.ip),
                        Err(_) => println!("Processed {}", addr),
                    }
@ -599,70 +599,4 @@ fn main() -> Result<()> {
            let two_hundred_millis = Duration::from_millis(500);
            thread::sleep(two_hundred_millis);
        }
-    });
-
-    rouille::start_server(server_address, move |request| {
-        router!(request,
-            (GET) (/) => {
-                rouille::Response::html(FORM)
-            },
-
-            (GET) (/ping) => {
-                rouille::Response::text("pong")
-            },
-
-            (POST) (/report) => {handle_report(&conn, &request)},
-            (POST) (/scan) => {handle_scan(&conn, &request)},
-            (GET) (/scan/tasks) => {
-                handle_list_scan_tasks(&conn)
-            },
-
-            (POST) (/register) => {
-                let data = try_or_400!(post_input!(request, {
-                    email: String,
-                }));
-
-                // We just print what was received on stdout. Of course in a real application
-                // you probably want to process the data, eg. store it in a database.
-                println!("Received data: {:?}", data);
-
-
-                let mut mac = HmacSha256::new_from_slice(b"my secret and secure key")
-                    .expect("HMAC can take key of any size");
-                mac.update(data.email.as_bytes());
-
-                // `result` has type `CtOutput` which is a thin wrapper around array of
-                // bytes for providing constant time equality check
-                let result = mac.finalize();
-                // To get underlying array use `into_bytes`, but be careful, since
-                // incorrect use of the code value may permit timing attacks which defeats
-                // the security provided by the `CtOutput`
-                let code_bytes = result.into_bytes();
-                rouille::Response::html(format!("Success! <b>{}</a>.", hex::encode(code_bytes)))
-            },
-
-            (GET) (/scanners/{scanner_name: Scanners}) => {
-                handle_list_scanners(&conn, &static_data_dir, scanner_name, &request)
-            },
-            (GET) (/collections/{vendor_name: String}/{file_name: String}) => {
-                handle_get_collection(&request, &static_data_dir)
-            },
-            (GET) (/{api_key: String}/scanners/{scanner_name: String}) => {
-                let mut mac = HmacSha256::new_from_slice(b"my secret and secure key")
-                    .expect("HMAC can take key of any size");
-
-                mac.update(b"williamdes@wdes.fr");
-
-                println!("{}", api_key);
-                let hex_key = hex::decode(&api_key).unwrap();
-                // `verify_slice` will return `Ok(())` if code is correct, `Err(MacError)` otherwise
-                mac.verify_slice(&hex_key).unwrap();
-
-                rouille::Response::empty_404()
-            },
-            // The code block is called if none of the other blocks matches the request.
-            // We return an empty response with a 404 status code.
-            _ => rouille::Response::empty_404()
-        )
-    });
-}
+    });*/
--- a/snow-scanner/src/models.rs
+++ b/snow-scanner/src/models.rs
@ -0,0 +1,168 @@
+use crate::Scanners;
+use chrono::NaiveDateTime;
+use diesel::dsl::insert_into;
+use diesel::prelude::*;
+use diesel::result::Error as DieselError;
+
+use crate::schema::scan_tasks::dsl::scan_tasks;
+use crate::schema::scanners::dsl::scanners;
+
+#[derive(Queryable, Selectable, Debug)]
+#[diesel(table_name = crate::schema::scanners)]
+#[diesel(check_for_backend(diesel::mysql::Mysql))]
+pub struct Scanner {
+    pub ip: String,
+    pub ip_type: u8,
+    pub scanner_name: Scanners,
+    pub ip_ptr: Option<String>,
+    pub created_at: NaiveDateTime,
+    pub updated_at: Option<NaiveDateTime>,
+    pub last_seen_at: Option<NaiveDateTime>,
+    pub last_checked_at: Option<NaiveDateTime>,
+}
+
+impl Scanner {
+    pub fn list_names(
+        scanner_name: Scanners,
+        conn: &mut MysqlConnection,
+    ) -> Result<Vec<String>, DieselError> {
+        use crate::schema::scanners;
+        use crate::schema::scanners::ip;
+
+        scanners
+            .select(ip)
+            .filter(scanners::scanner_name.eq(scanner_name.to_string()))
+            .order((scanners::ip_type.desc(), scanners::created_at.desc()))
+            .load::<String>(conn)
+    }
+
+    pub fn save(self: Scanner, conn: &mut MysqlConnection) -> Result<Scanner, DieselError> {
+        let new_scanner = NewScanner::from_scanner(&self);
+        match insert_into(scanners)
+            .values(&new_scanner)
+            .on_conflict(diesel::dsl::DuplicatedKeys)
+            .do_update()
+            .set(&new_scanner)
+            .execute(conn)
+        {
+            Ok(_) => Ok(self),
+            Err(err) => Err(err),
+        }
+    }
+}
+
+#[derive(Debug, Insertable, AsChangeset)]
+#[diesel(table_name = crate::schema::scanners)]
+#[diesel(check_for_backend(diesel::mysql::Mysql))]
+pub struct NewScanner {
+    pub ip: String,
+    pub ip_type: u8,
+    pub scanner_name: String,
+    pub ip_ptr: Option<String>,
+    pub created_at: NaiveDateTime,
+    pub updated_at: Option<NaiveDateTime>,
+    pub last_seen_at: Option<NaiveDateTime>,
+    pub last_checked_at: Option<NaiveDateTime>,
+}
+
+impl NewScanner {
+    pub fn from_scanner<'x>(scanner: &Scanner) -> NewScanner {
+        NewScanner {
+            ip: scanner.ip.to_string(),
+            ip_type: scanner.ip_type,
+            scanner_name: scanner.scanner_name.to_string(),
+            ip_ptr: scanner.ip_ptr.to_owned(),
+            created_at: scanner.created_at,
+            updated_at: scanner.updated_at,
+            last_seen_at: scanner.last_seen_at,
+            last_checked_at: scanner.last_checked_at,
+        }
+    }
+}
+
+#[derive(Queryable, Selectable, Debug)]
+#[diesel(table_name = crate::schema::scan_tasks)]
+#[diesel(check_for_backend(diesel::mysql::Mysql))]
+pub struct ScanTask {
+    pub task_group_id: String,
+    pub cidr: String,
+    pub created_by_username: String,
+    pub created_at: NaiveDateTime,
+    pub updated_at: Option<NaiveDateTime>,
+    pub started_at: Option<NaiveDateTime>,
+    pub still_processing_at: Option<NaiveDateTime>,
+    pub ended_at: Option<NaiveDateTime>,
+}
+
+#[derive(Selectable, Debug, Queryable)]
+#[diesel(table_name = crate::schema::scan_tasks)]
+#[diesel(check_for_backend(diesel::mysql::Mysql))]
+pub struct ScanTaskitem {
+    pub task_group_id: String,
+    pub cidr: String,
+    pub created_by_username: String,
+    pub started_at: Option<NaiveDateTime>,
+    pub still_processing_at: Option<NaiveDateTime>,
+    pub ended_at: Option<NaiveDateTime>,
+}
+
+impl ScanTask {
+    pub fn list(conn: &mut MysqlConnection) -> Result<Vec<ScanTaskitem>, DieselError> {
+        use crate::schema::scan_tasks;
+
+        let res = scan_tasks
+            .select(ScanTaskitem::as_select())
+            .order((
+                scan_tasks::created_at.desc(),
+                scan_tasks::task_group_id.asc(),
+            ))
+            .load::<ScanTaskitem>(conn);
+        match res {
+            Ok(rows) => Ok(rows),
+            Err(err) => Err(err),
+        }
+    }
+
+    pub fn save(self: &ScanTask, conn: &mut MysqlConnection) -> Result<(), DieselError> {
+        let new_scan_task = NewScanTask::from_scan_task(self);
+        match insert_into(scan_tasks)
+            .values(&new_scan_task)
+            .on_conflict(diesel::dsl::DuplicatedKeys)
+            .do_update()
+            .set(&new_scan_task)
+            .execute(conn)
+        {
+            Ok(_) => Ok(()),
+            Err(err) => Err(err),
+        }
+    }
+}
+
+#[derive(Debug, Insertable, AsChangeset)]
+#[diesel(table_name = crate::schema::scan_tasks)]
+#[diesel(check_for_backend(diesel::mysql::Mysql))]
+pub struct NewScanTask {
+    pub task_group_id: String,
+    pub cidr: String,
+    pub created_by_username: String,
+    pub created_at: NaiveDateTime,
+    pub updated_at: Option<NaiveDateTime>,
+    pub started_at: Option<NaiveDateTime>,
+    pub still_processing_at: Option<NaiveDateTime>,
+    pub ended_at: Option<NaiveDateTime>,
+}
+
+impl NewScanTask {
+    pub fn from_scan_task<'x>(scan_task: &ScanTask) -> NewScanTask {
+        NewScanTask {
+            task_group_id: scan_task.task_group_id.to_string(),
+            cidr: scan_task.cidr.to_owned(),
+            created_by_username: scan_task.created_by_username.to_owned(),
+            created_at: scan_task.created_at,
+            updated_at: scan_task.updated_at,
+            started_at: scan_task.started_at,
+            still_processing_at: scan_task.still_processing_at,
+            ended_at: scan_task.ended_at,
+        }
+    }
+}
--- a/snow-scanner/src/schema.rs
+++ b/snow-scanner/src/schema.rs
@ -0,0 +1,35 @@
+// @generated automatically by Diesel CLI.
+
+diesel::table! {
+    scan_tasks (task_group_id, cidr) {
+        #[max_length = 255]
+        task_group_id -> Varchar,
+        #[max_length = 255]
+        cidr -> Varchar,
+        #[max_length = 255]
+        created_by_username -> Varchar,
+        created_at -> Datetime,
+        updated_at -> Nullable<Datetime>,
+        started_at -> Nullable<Datetime>,
+        still_processing_at -> Nullable<Datetime>,
+        ended_at -> Nullable<Datetime>,
+    }
+}
+
+diesel::table! {
+    scanners (ip, ip_type) {
+        #[max_length = 255]
+        ip -> Varchar,
+        ip_type -> Unsigned<Tinyint>,
+        #[max_length = 255]
+        scanner_name -> Varchar,
+        #[max_length = 255]
+        ip_ptr -> Nullable<Varchar>,
+        created_at -> Datetime,
+        updated_at -> Nullable<Datetime>,
+        last_seen_at -> Nullable<Datetime>,
+        last_checked_at -> Nullable<Datetime>,
+    }
+}
+
+diesel::allow_tables_to_appear_in_same_query!(scan_tasks, scanners,);
Author	SHA1	Message	Date
William Desportes	299621ee6f	Re-write all using actix Some checks failed Build IP lists / Build scanners list (binaryedge) (push) Failing after -2m0s Details Build IP lists / Build scanners list (stretchoid) (push) Failing after -2m2s Details Build IP lists / build-aws-cloudfront (push) Failing after -2m2s Details	2024-09-20 17:45:04 +02:00
William Desportes	110484a967	Re-write all the data management with Diesel	2024-09-20 00:51:24 +02:00
William Desportes	18bd7ce3ab	Write migrations with Diesel	2024-09-20 00:07:01 +02:00