Ejemplo n.º 1
def _explicit_conversions(function_name: str) -> SNMPDetectSpecification:
    """Return the hand-written detection spec for a legacy scan function name.

    Names found in ``MIGRATED_SCAN_FUNCTIONS`` are answered from that mapping.
    The remaining known names are translated into OID predicates below.

    Raises:
        NotImplementedError: if no explicit conversion exists for the name.
    """
    migrated = MIGRATED_SCAN_FUNCTIONS
    if function_name in migrated:
        return migrated[function_name]

    # sysDescr.0 and sysObjectID.0 from the MIB-II system group. Their values
    # are whatever the probed device answers, so a match classifies a device
    # for check selection; it does not authenticate it.
    sys_descr = ".1.3.6.1.2.1.1.1.0"
    sys_object_id = ".1.3.6.1.2.1.1.2.0"

    # Builders are lambdas so that only the requested spec is constructed.
    builders = {
        '_is_fsc_or_windows': lambda: any_of(
            startswith(sys_object_id, '.1.3.6.1.4.1.231'),
            startswith(sys_object_id, '.1.3.6.1.4.1.311'),
            startswith(sys_object_id, '.1.3.6.1.4.1.8072'),
        ),
        # Reuses the broader predicate and narrows it with an extra OID.
        'is_fsc': lambda: all_of(
            _explicit_conversions('_is_fsc_or_windows'),
            exists('.1.3.6.1.4.1.231.2.10.2.1.1.0'),
        ),
        'is_netapp_filer': lambda: any_of(
            contains(sys_descr, "ontap"),
            startswith(sys_object_id, ".1.3.6.1.4.1.789"),
        ),
        '_has_table_2': lambda: exists(".1.3.6.1.4.1.9.9.109.1.1.1.1.2.*"),
        '_is_cisco': lambda: contains(sys_descr, "cisco"),
        '_is_cisco_nexus': lambda: contains(sys_descr, "nx-os"),
    }

    build = builders.get(function_name)
    if build is None:
        raise NotImplementedError(function_name)
    return build()
def _explicit_conversions(function_name):
    # type: (str) -> SNMPDetectSpec
    """Return the hand-written detection spec for a legacy scan function name.

    Each known name is translated into a combination of OID predicates.
    Raises NotImplementedError when the name has no explicit conversion.
    """
    # sysDescr.0 and sysObjectID.0 from the MIB-II system group. Their values
    # are whatever the probed device answers, so a match classifies a device
    # for check selection; it does not authenticate it.
    sys_descr = ".1.3.6.1.2.1.1.1.0"
    sys_object_id = ".1.3.6.1.2.1.1.2.0"

    def _ucd():
        # Plain sysDescr substrings first, then one stricter combined rule.
        alternatives = [
            contains(sys_descr, marker) for marker in (
                "linux",
                "cmc-tc",
                "hp onboard administrator",
                "barracuda",
                "pfsense",
                "genugate",
                "bomgar",
                "pulse secure",
            )
        ]
        alternatives.append(
            all_of(
                equals(sys_object_id, '.1.3.6.1.4.1.8072.3.2.10'),
                contains(sys_descr, "version"),
                contains(sys_descr, "serial"),
            ))
        return any_of(*alternatives)

    # Builders are callables so that only the requested spec is constructed.
    builders = {
        'has_ifHCInOctets': lambda: exists('.1.3.6.1.2.1.31.1.1.1.6.*'),
        '_is_fsc_or_windows': lambda: any_of(
            startswith(sys_object_id, '.1.3.6.1.4.1.231'),
            startswith(sys_object_id, '.1.3.6.1.4.1.311'),
            startswith(sys_object_id, '.1.3.6.1.4.1.8072'),
        ),
        '_is_ucd': _ucd,
        'scan_ricoh_printer': lambda: all_of(
            contains(sys_object_id, ".1.3.6.1.4.1.367.1.1"),
            exists(".1.3.6.1.4.1.367.3.2.1.2.19.5.1.5.1"),
        ),
        # Reuses the broader predicate and narrows it with an extra OID.
        'is_fsc': lambda: all_of(
            _explicit_conversions('_is_fsc_or_windows'),
            exists('.1.3.6.1.4.1.231.2.10.2.1.1.0'),
        ),
        'is_netapp_filer': lambda: any_of(
            contains(sys_descr, "ontap"),
            startswith(sys_object_id, ".1.3.6.1.4.1.789"),
        ),
        '_has_table_8': lambda: exists(".1.3.6.1.4.1.9.9.109.1.1.1.1.8.*"),
        '_is_cisco': lambda: contains(sys_descr, "cisco"),
        '_is_cisco_nexus': lambda: contains(sys_descr, "nx-os"),
    }

    build = builders.get(function_name)
    if build is None:
        raise NotImplementedError(function_name)
    return build()
Ejemplo n.º 3
def test_all_of_any_of():
    """all_of over two any_of specs yields every pairwise combination."""
    atom_1 = (".1", "1?", True)
    atom_2 = (".2", "2?", True)
    atom_3 = (".3", "3?", True)
    atom_4 = (".4", "4?", True)

    one_or_two = utils.any_of(
        SNMPDetectSpecification([[atom_1]]),
        SNMPDetectSpecification([[atom_2]]),
    )
    three_or_four = utils.any_of(
        SNMPDetectSpecification([[atom_3]]),
        SNMPDetectSpecification([[atom_4]]),
    )

    # (1 or 2) and (3 or 4) expands to four two-atom alternatives.
    expected = SNMPDetectSpecification([
        [atom_1, atom_3],
        [atom_1, atom_4],
        [atom_2, atom_3],
        [atom_2, atom_4],
    ])
    assert utils.all_of(one_or_two, three_or_four) == expected
Ejemplo n.º 4
def test_all_of_any_of():
    """all_of over two any_of specs yields every pairwise combination."""
    atom_1 = (".1", "1?", True)
    atom_2 = (".2", "2?", True)
    atom_3 = (".3", "3?", True)
    atom_4 = (".4", "4?", True)

    one_or_two = utils.any_of([[atom_1]], [[atom_2]])
    three_or_four = utils.any_of([[atom_3]], [[atom_4]])

    # (1 or 2) and (3 or 4) expands to four two-atom alternatives.
    expected = [
        [atom_1, atom_3],
        [atom_1, atom_4],
        [atom_2, atom_3],
        [atom_2, atom_4],
    ]
    assert utils.all_of(one_or_two, three_or_four) == expected
Ejemplo n.º 5
def _ast_convert_bool(bool_ast: ast.BoolOp) -> SNMPDetectSpecification:
    """Convert an ``and`` / ``or`` AST node into an all_of / any_of spec.

    Raises:
        ValueError: if the operator is neither ``ast.And`` nor ``ast.Or``;
            the message is the dump of the offending node.
    """
    operator = bool_ast.op
    if isinstance(operator, ast.And):
        combine = all_of
    elif isinstance(operator, ast.Or):
        combine = any_of
    else:
        # Reject before converting any operand.
        raise ValueError(ast.dump(bool_ast))

    operands = [_ast_convert_dispatcher(value) for value in bool_ast.values]
    return combine(*operands)
Ejemplo n.º 6
def test_any_of():
    """any_of keeps one alternative per input; nesting matches the flat call."""
    first, second, third = [
        SNMPDetectSpecification([[(oid, pattern, True)]])
        for oid, pattern in ((".1", "1?"), (".2", "2?"), (".3", "3?"))
    ]

    flat = utils.any_of(first, second, third)

    _validate_detect_spec(flat)
    expected = [
        [(".1", "1?", True)],
        [(".2", "2?", True)],
        [(".3", "3?", True)],
    ]
    assert flat == expected

    # Combining two specs first and adding the third must give the same spec.
    first_two = utils.any_of(first, second)
    assert flat == utils.any_of(first_two, third)
Ejemplo n.º 7
def test_any_of():
    """any_of keeps one alternative per input; nesting matches the flat call."""
    first, second, third = [
        [[(oid, pattern, True)]]
        for oid, pattern in ((".1", "1?"), (".2", "2?"), (".3", "3?"))
    ]

    flat = utils.any_of(first, second, third)

    _validate_detect_spec(flat)
    expected = [
        [(".1", "1?", True)],
        [(".2", "2?", True)],
        [(".3", "3?", True)],
    ]
    assert flat == expected

    # Combining two specs first and adding the third must give the same spec.
    first_two = utils.any_of(first, second)
    assert flat == utils.any_of(first_two, third)
def _ast_convert_compare(comp_ast):
    # type: (ast.Compare) -> SNMPDetectSpec
    """Convert a single-operator comparison AST node into a detection spec.

    Handled forms, by operator:
      * ``In``    - OID call in a list/tuple -> any_of(equals(...) per element);
                    string literal in an OID call -> contains(...)
      * ``Eq``    - equals(...)
      * ``NotEq`` - not_equals(...)
      * ``IsNot`` - comparison against None on an OID call -> exists(...)
      * ``Is``    - comparison against None on an OID call -> not_exists(...)

    Raises NotImplementedError for ``>=`` / ``<`` and for ``is not None`` on a
    non-OID left side; raises ValueError (with the node dump) for anything
    that no branch returns from.

    NOTE(review): the shape checks below are ``assert`` statements, which do
    not run under ``python -O``. With assertions disabled, an unexpected node
    shape would no longer be rejected here - confirm this is only run with
    assertions enabled.
    """
    # Chained comparisons (a < b < c) are not supported.
    assert len(comp_ast.ops) == 1
    if isinstance(comp_ast.ops[0], ast.In):
        assert len(comp_ast.comparators) == 1
        if _is_oid_function(comp_ast.left):
            assert isinstance(comp_ast.left, ast.Call)
            oid_str = _ast_convert_to_str(comp_ast.left)

            # Membership in a literal list/tuple becomes one equals() per element.
            if isinstance(comp_ast.comparators[0], (ast.List, ast.Tuple)):
                return any_of(*(equals(
                    oid_str,
                    _ast_convert_to_str(v),
                ) for v in comp_ast.comparators[0].elts))

        # "text" in oid(...): note the swapped argument order, OID first.
        if isinstance(comp_ast.left, ast.Str):
            assert _is_oid_function(comp_ast.comparators[0])
            return contains(
                _ast_convert_to_str(comp_ast.comparators[0]),
                _ast_convert_to_str(comp_ast.left),
            )
        # An ``In`` node matching neither sub-case falls through every check
        # below and ends at the final ValueError.

    if isinstance(comp_ast.ops[0], ast.Eq):
        assert isinstance(comp_ast.left, ast.Call)
        assert len(comp_ast.comparators) == 1
        assert isinstance(comp_ast.comparators[0], ast.Str)
        return equals(
            _ast_convert_to_str(comp_ast.left),
            comp_ast.comparators[0].s,
        )

    if isinstance(comp_ast.ops[0], ast.NotEq):
        assert isinstance(comp_ast.left, ast.Call)
        assert len(comp_ast.comparators) == 1
        assert isinstance(comp_ast.comparators[0], ast.Str)
        return not_equals(
            _ast_convert_to_str(comp_ast.left),
            comp_ast.comparators[0].s,
        )

    if isinstance(comp_ast.ops[0], ast.IsNot):
        assert _is_none(comp_ast.comparators[0])
        if _is_oid_function(comp_ast.left):
            return exists(_ast_convert_to_str(comp_ast.left))
        raise NotImplementedError()  # regex, I think

    if isinstance(comp_ast.ops[0], ast.Is):
        assert _is_none(comp_ast.comparators[0])
        assert _is_oid_function(comp_ast.left)
        return not_exists(_ast_convert_to_str(comp_ast.left))

    # Ordering comparisons are recognised but have no conversion.
    if isinstance(comp_ast.ops[0], (ast.GtE, ast.Lt)):
        raise NotImplementedError()

    raise ValueError(ast.dump(comp_ast))
Ejemplo n.º 9
def test_any_of_all_of():
    """any_of over two all_of specs keeps each conjunction as one alternative."""
    atom_1 = (".1", "1?", True)
    atom_2 = (".2", "2?", True)
    atom_3 = (".3", "3?", True)
    atom_4 = (".4", "4?", True)

    one_and_two = utils.all_of([[atom_1]], [[atom_2]])
    three_and_four = utils.all_of([[atom_3]], [[atom_4]])

    # Both intermediate specs must be well-formed before they are combined.
    for conjunction in (one_and_two, three_and_four):
        _validate_detect_spec(conjunction)

    either = utils.any_of(one_and_two, three_and_four)
    _validate_detect_spec(either)

    expected = [
        [atom_1, atom_2],
        [atom_3, atom_4],
    ]
    assert either == expected