epi052 · epi052 · Nov 25, 2023 · Nov 25, 2023 · Nov 25, 2023
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -73,6 +73,35 @@ jobs:
           name: ${{ matrix.name }}.tar.gz
           path: ${{ matrix.name }}.tar.gz
 
+  build-debug:
+    env:
+      IN_PIPELINE: true
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Install System Dependencies
+        run: |
+          env
+          sudo apt-get update
+          sudo apt-get install -y --no-install-recommends libssl-dev pkg-config
+      - uses: actions-rs/toolchain@v1
+        with:
+          toolchain: stable
+          target: x86_64-unknown-linux-musl
+          override: true
+      - uses: actions-rs/cargo@v1
+        env:
+          PKG_CONFIG_PATH: /usr/lib/x86_64-linux-gnu/pkgconfig
+          OPENSSL_DIR: /usr/lib/ssl
+        with:
+          use-cross: true
+          command: build
+          args: --target=x86_64-unknown-linux-musl
+      - uses: actions/upload-artifact@v2
+        with:
+          name: x86_64-linux-debug-feroxbuster
+          path: target/x86_64-unknown-linux-musl/debug/feroxbuster
+
   # build-deb:
   #   needs: [build-nix]
   #   runs-on: ubuntu-latest

diff --git a/src/banner/container.rs b/src/banner/container.rs
@@ -1,13 +1,15 @@
 use super::entry::BannerEntry;
 use crate::{
+    client,
     config::Configuration,
     event_handlers::Handles,
-    utils::{logged_request, parse_url_with_raw_path, status_colorizer},
+    utils::{make_request, parse_url_with_raw_path, status_colorizer},
     DEFAULT_IGNORED_EXTENSIONS, DEFAULT_METHOD, DEFAULT_STATUS_CODES, VERSION,
 };
 use anyhow::{bail, Result};
 use console::{style, Emoji};
 use serde_json::Value;
+use std::collections::HashMap;
 use std::{io::Write, sync::Arc};
 
 /// Url used to query github's api; specifically used to look for the latest tagged release name
@@ -498,7 +500,34 @@ by Ben "epi" Risher {}                 ver: {}"#,
 
         let api_url = parse_url_with_raw_path(url)?;
 
-        let result = logged_request(&api_url, DEFAULT_METHOD, None, handles.clone()).await?;
+        // we don't want to leak sensitive header info / include auth headers
+        // with the github api request, so we'll build a client specifically
+        // for this task. thanks to @stuhlmann for the suggestion!
+        let client = client::initialize(
+            handles.config.timeout,
+            "feroxbuster-update-check",
+            handles.config.redirects,
+            handles.config.insecure,
+            &HashMap::new(),
+            Some(&handles.config.proxy),
+            &handles.config.server_certs,
+            Some(&handles.config.client_cert),
+            Some(&handles.config.client_key),
+        )?;
+        let level = handles.config.output_level;
+        let tx_stats = handles.stats.tx.clone();
+
+        let result = make_request(
+            &client,
+            &api_url,
+            DEFAULT_METHOD,
+            None,
+            level,
+            &handles.config,
+            tx_stats,
+        )
+        .await?;
+
         let body = result.text().await?;
 
         let json_response: Value = serde_json::from_str(&body)?;

diff --git a/src/client.rs b/src/client.rs
@@ -67,17 +67,19 @@ where
     }
 
     if let (Some(cert_path), Some(key_path)) = (client_cert, client_key) {
-        let cert = std::fs::read(cert_path)?;
-        let key = std::fs::read(key_path)?;
+        if !cert_path.is_empty() && !key_path.is_empty() {
+            let cert = std::fs::read(cert_path)?;
+            let key = std::fs::read(key_path)?;
 
-        let identity = reqwest::Identity::from_pkcs8_pem(&cert, &key).with_context(|| {
-            format!(
-                "either {} or {} are invalid; expecting PEM encoded certificate and key",
-                cert_path, key_path
-            )
-        })?;
+            let identity = reqwest::Identity::from_pkcs8_pem(&cert, &key).with_context(|| {
+                format!(
+                    "either {} or {} are invalid; expecting PEM encoded certificate and key",
+                    cert_path, key_path
+                )
+            })?;
 
-        client = client.identity(identity);
+            client = client.identity(identity);
+        }
     }
 
     Ok(client.build()?)