Mercurial > farol > farolluz
comparison farolluz/renderer.py @ 0:e18b61a73a68
Initial Release
author | Benoît Allard <benoit.allard@greenbone.net> |
---|---|
date | Tue, 23 Sep 2014 15:19:14 +0200 |
parents | |
children | 809db989cac5 |
comparison
equal
deleted
inserted
replaced
-1:000000000000 | 0:e18b61a73a68 |
---|---|
1 # -*- encoding: utf-8 -*- | |
2 # Description: | |
3 # Module related to the rendering of a Security Advisory. | |
4 # | |
5 # Authors: | |
6 # BenoƮt Allard <benoit.allard@greenbone.net> | |
7 # | |
8 # Copyright: | |
9 # Copyright (C) 2014 Greenbone Networks GmbH | |
10 # | |
11 # This program is free software; you can redistribute it and/or | |
12 # modify it under the terms of the GNU General Public License | |
13 # as published by the Free Software Foundation; either version 2 | |
14 # of the License, or (at your option) any later version. | |
15 # | |
16 # This program is distributed in the hope that it will be useful, | |
17 # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
18 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
19 # GNU General Public License for more details. | |
20 # | |
21 # You should have received a copy of the GNU General Public License | |
22 # along with this program; if not, write to the Free Software | |
23 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. | |
24 | |
25 from __future__ import print_function | |
26 | |
27 import os | |
28 import sys | |
29 from datetime import datetime | |
30 import jinja2 | |
31 | |
32 from .parsers import cvrf | |
33 from .utils import utcnow | |
34 | |
35 # Supported Red Hat OSes for parsing. The value is as used in | |
36 # gather-package-list.nasl to set "ssh/login/release" | |
37 # Refer to that file, or the lsc_generator for a complete list. | |
38 OS_MAP = { | |
39 'Red Hat Enterprise Linux Server (v. 7)' : 'RHENT_7', | |
40 'Red Hat Enterprise Linux Server (v. 6)' : 'RHENT_6', | |
41 'Red Hat Enterprise Linux Workstation (v. 6)' : 'RHENT_6', | |
42 'Red Hat Enterprise Linux Desktop (v. 6)' : 'RHENT_6', | |
43 'Red Hat Enterprise Linux Desktop 6' : 'RHENT_6', | |
44 'Red Hat Enterprise Linux (v. 5 server)' : 'RHENT_5', | |
45 'Red Hat Enterprise Linux ES version 2.1' : 'RHENT_2.1', | |
46 'Red Hat Enterprise Linux WS version 2.1' : 'RHENT_2.1', | |
47 'Red Hat Enterprise Linux AS version 3' : 'RHENT_3', | |
48 'Red Hat Enterprise Linux ES version 3' : 'RHENT_3', | |
49 'Red Hat Enterprise Linux WS version 3' : 'RHENT_3', | |
50 'Red Hat Enterprise Linux AS version 4' : 'RHENT_4', | |
51 'Red Hat Enterprise Linux ES version 4' : 'RHENT_4', | |
52 'Red Hat Enterprise Linux WS version 4' : 'RHENT_4', | |
53 'Red Hat Enterprise Linux AS (Advanced Server) version 2.1' : 'RHENT_2.1', | |
54 } | |
55 | |
56 def calculateRiskFactor(cvss_score, debug=0): | |
57 """ | |
58 Calculates and Return Risk Factor given CVSS Base Score | |
59 """ | |
60 cvss_score = float(cvss_score) | |
61 | |
62 for high, name in [ | |
63 (2, 'Low'), | |
64 (5, 'Medium'), | |
65 (8, 'High'), | |
66 (10, 'Critical')]: | |
67 if cvss_score <= high: | |
68 return name | |
69 | |
70 | |
71 def getReleaseName(os_name): | |
72 return OS_MAP.get(os_name, 'UNKNOWN') | |
73 | |
74 def getPackageName(rpm_name): | |
75 return rpm_name.split('-')[0] | |
76 | |
77 def PackageNameForrpmvuln(package_name): | |
78 package_name = package_name.rstrip('.src.rpm|.x86_64.rpm') | |
79 return (package_name.replace('-', '~')) | |
80 | |
81 def render(cvrf, templatepath, **kwargs): | |
82 | |
83 red_hat = False | |
84 script_family = "" | |
85 os_cpe = "" | |
86 ## check the platform | |
87 if "Red Hat Security Advisory" in cvrf._title: | |
88 red_hat = True | |
89 script_family = "Red Hat Local Security Checks" | |
90 os_cpe = "cpe:/o:redhat:enterprise_linux" | |
91 | |
92 # product_id = cvrf._vulnerabilities[0]._productstatuses[0]._productids | |
93 # print (product_id) | |
94 # for eachid in cvrf._vulnerabilities[0]._productstatuses[0]._productids: | |
95 # print(cvrf.getProductForID(eachid)._name) | |
96 # | |
97 # print("productnames") | |
98 # print(', '.join(p._name for p in cvrf.getProductList())) | |
99 | |
100 | |
101 | |
102 templatedir = os.path.join(os.path.dirname(__file__), 'templates') | |
103 templateLoader = jinja2.FileSystemLoader(searchpath=templatedir) | |
104 templateEnv = jinja2.Environment( | |
105 loader=templateLoader, | |
106 extensions=['jinja2.ext.with_'] | |
107 ) | |
108 | |
109 templateEnv.filters['risk_factor'] = calculateRiskFactor | |
110 templateEnv.filters['release_map'] = getReleaseName | |
111 templateEnv.filters['package_name'] = getPackageName | |
112 templateEnv.filters['for_rpmvuln'] = PackageNameForrpmvuln | |
113 | |
114 template = templateEnv.get_template(templatepath) | |
115 | |
116 | |
117 | |
118 templateVars = { | |
119 "cvrf": cvrf, | |
120 "script_id": 0, | |
121 "now" : utcnow(), | |
122 "red_hat": red_hat, | |
123 "script_family" : script_family, | |
124 "os_cpe" : os_cpe, | |
125 | |
126 } | |
127 | |
128 templateVars.update(kwargs) | |
129 | |
130 return template.render(templateVars) | |
131 | |
132 def main(cvrfpath, templatepath): | |
133 | |
134 with open(cvrfpath, 'rt') as f: | |
135 cvrfdoc = cvrf.parse(f) | |
136 | |
137 outputText = render(cvrfdoc, templatepath) | |
138 | |
139 adv_id = cvrfdoc._tracking._identification._id | |
140 if adv_id : | |
141 file_name = adv_id.replace(":", "_"); | |
142 file_name = "gb_" + file_name + "." + os.path.basename(templatepath).split('.')[0] | |
143 | |
144 with open(file_name, 'w') as file_handle: | |
145 file_handle.write(outputText) | |
146 print("file written to:", file_name) | |
147 | |
148 if __name__ == "__main__": | |
149 import sys | |
150 template = "nasl.j2" | |
151 if len(sys.argv) >= 3: | |
152 template = sys.argv[2] | |
153 main(sys.argv[1], template) |