Writes lambdas for DNSSEC, site features, carbon footprint and more

2023-07-07 20:56:58 +01:00
parent b8705ee48e
commit 7d33c38897
6 changed files with 215 additions and 10 deletions
--- a/server/lambda/ssl-check.js
+++ b/server/lambda/ssl-check.js
@@ -1,28 +1,45 @@
 const https = require('https');
+const { stringify } = require('flatted');

 exports.handler = async function (event, context) {
  const { url } = event.queryStringParameters;

+  const errorResponse = (message, statusCode = 444) => {
+    return {
+      statusCode: statusCode,
+      body: JSON.stringify({ error: message }),
+    };
+  };
+
  if (!url) {
    return {
      statusCode: 400,
-      body: 'url query parameter is required',
+      body: errorResponse('url query parameter is required'),
    };
  }

  return new Promise((resolve, reject) => {
    const req = https.request(url, res => {
-      resolve({
-        statusCode: 200,
-        body: JSON.stringify(res.socket.getPeerCertificate()),
-      });
+
+      // Check if the SSL handshake was authorized
+      if (!res.socket.authorized) {
+        resolve(errorResponse(`SSL handshake not authorized. Reason: ${res.socket.authorizationError}`));
+      } else {
+        const cert = res.socket.getPeerCertificate(true);
+        if (!cert || Object.keys(cert).length === 0) {
+          resolve(errorResponse("No certificate presented by the server."));
+        } else {
+          resolve({
+            statusCode: 200,
+            body: stringify(cert),
+          });
+        }
+      }
    });

    req.on('error', (error) => {
-      resolve({
-        statusCode: 500,
-        body: `Error fetching site certificate: ${error.message}`,
-      });
+      resolve(
+        errorResponse(`Error fetching site certificate: ${error.message}`, 500));
    });

    req.end();