Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

When specifying --root-cas for tls or https, only parse the file once #230

Open
codyprime opened this issue Nov 5, 2019 · 0 comments
Open

When specifying --root-cas for tls or https, only parse the file once #230

codyprime opened this issue Nov 5, 2019 · 0 comments
Assignees
@phillip-stephens
Labels
TLS

Comments

@codyprime
Copy link
Member

When the --root-cas= option is used for tls or https scans, the function GetTLSConfigForTarget is called to load the Root CAs into the TLS Config options. This happens for each scan, so the end result is heap and goroutine usage increases continually, eventually consuming all machine resources.

This option should be parsed only once, and loaded into a shared object for all scans.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@phillip-stephens phillip-stephens

Labels
TLS
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@zakird @codyprime @phillip-stephens