Mercurial > farol > farolluz

view farolluz/renderer.py @ 0:e18b61a73a68

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Initial Release
author Benoît Allard <benoit.allard@greenbone.net>
date Tue, 23 Sep 2014 15:19:14 +0200
parents
children 809db989cac5
line wrap: on
line source
# -*- encoding: utf-8 -*-
# Description:
# Module related to the rendering of a Security Advisory.
#
# Authors:
# BenoƮt Allard <benoit.allard@greenbone.net>
#
# Copyright:
# Copyright (C) 2014 Greenbone Networks GmbH
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

from __future__ import print_function

import os
import sys
from datetime import datetime
import jinja2

from .parsers import cvrf
from .utils import utcnow

# Supported Red Hat OSes for parsing. The value is as used in
# gather-package-list.nasl to set "ssh/login/release"
# Refer to that file, or the lsc_generator for a complete list.
OS_MAP = {
    'Red Hat Enterprise Linux Server (v. 7)' : 'RHENT_7',
    'Red Hat Enterprise Linux Server (v. 6)' : 'RHENT_6',
    'Red Hat Enterprise Linux Workstation (v. 6)' : 'RHENT_6',
    'Red Hat Enterprise Linux Desktop (v. 6)' : 'RHENT_6',
    'Red Hat Enterprise Linux Desktop 6' : 'RHENT_6',
    'Red Hat Enterprise Linux (v. 5 server)' : 'RHENT_5',
    'Red Hat Enterprise Linux ES version 2.1' : 'RHENT_2.1',
    'Red Hat Enterprise Linux WS version 2.1' : 'RHENT_2.1',
    'Red Hat Enterprise Linux AS version 3' : 'RHENT_3',
    'Red Hat Enterprise Linux ES version 3' : 'RHENT_3',
    'Red Hat Enterprise Linux WS version 3' : 'RHENT_3',
    'Red Hat Enterprise Linux AS version 4' : 'RHENT_4',
    'Red Hat Enterprise Linux ES version 4' : 'RHENT_4',
    'Red Hat Enterprise Linux WS version 4' : 'RHENT_4',
    'Red Hat Enterprise Linux AS (Advanced Server) version 2.1' : 'RHENT_2.1',
}

def calculateRiskFactor(cvss_score, debug=0):
    """
    Calculates and Return Risk Factor given CVSS Base Score
    """
    cvss_score = float(cvss_score)

    for high, name in [
            (2, 'Low'),
            (5, 'Medium'),
            (8, 'High'),
            (10, 'Critical')]:
        if cvss_score <= high:
            return name


def getReleaseName(os_name):
    return OS_MAP.get(os_name, 'UNKNOWN')

def getPackageName(rpm_name):
    return rpm_name.split('-')[0]

def PackageNameForrpmvuln(package_name):
    package_name = package_name.rstrip('.src.rpm|.x86_64.rpm')
    return (package_name.replace('-', '~'))

def render(cvrf, templatepath, **kwargs):

    red_hat = False
    script_family = ""
    os_cpe = ""
    ## check the platform
    if "Red Hat Security Advisory" in cvrf._title:
        red_hat = True
        script_family = "Red Hat Local Security Checks"
        os_cpe = "cpe:/o:redhat:enterprise_linux"

#    product_id = cvrf._vulnerabilities[0]._productstatuses[0]._productids
#    print (product_id)
#    for eachid in cvrf._vulnerabilities[0]._productstatuses[0]._productids: 
#        print(cvrf.getProductForID(eachid)._name)
# 
#    print("productnames")
#    print(', '.join(p._name for p in cvrf.getProductList()))
       


    templatedir = os.path.join(os.path.dirname(__file__), 'templates')
    templateLoader = jinja2.FileSystemLoader(searchpath=templatedir)
    templateEnv = jinja2.Environment(
        loader=templateLoader,
        extensions=['jinja2.ext.with_']
    )

    templateEnv.filters['risk_factor'] = calculateRiskFactor
    templateEnv.filters['release_map'] = getReleaseName
    templateEnv.filters['package_name'] = getPackageName
    templateEnv.filters['for_rpmvuln'] = PackageNameForrpmvuln

    template = templateEnv.get_template(templatepath)



    templateVars = {
        "cvrf": cvrf,
        "script_id": 0,
        "now" : utcnow(),
        "red_hat": red_hat,
        "script_family" :  script_family,
        "os_cpe" : os_cpe,

    }

    templateVars.update(kwargs)

    return template.render(templateVars)

def main(cvrfpath, templatepath):

    with open(cvrfpath, 'rt') as f:
        cvrfdoc = cvrf.parse(f)

    outputText = render(cvrfdoc, templatepath)

    adv_id = cvrfdoc._tracking._identification._id
    if adv_id :
        file_name = adv_id.replace(":", "_");
        file_name = "gb_"  + file_name + "." + os.path.basename(templatepath).split('.')[0]

    with open(file_name, 'w') as file_handle:
        file_handle.write(outputText)
    print("file written to:", file_name)

if __name__ == "__main__":
    import sys
    template = "nasl.j2"
    if len(sys.argv) >= 3:
        template = sys.argv[2]
    main(sys.argv[1], template)
This site is hosted by Intevation GmbH (Datenschutzerklärung und Impressum | Privacy Policy and Imprint)