def get_entry_info(self, entry):
"""Parse the top level entry object in the XML file
Args:
entry (lxml.etree._Element): This is an lxml Element
Returns:
Dictionary
{
"cvss_vector": [
{
"metric": "Access Vector",
"value": "Network"
},
{
"metric": "Access Complexity",
"value": "Medium"
}
],
"cve_sev": "Medium",
"cve_id": "CVE-2009-5138",
"cvss_base_score": "5.8",
"cvss_exploit_subscore": "8.6",
"cvss_version": "2.0",
"cvss_impact_subscore": "4.9",
"cvss_score": "5.8"
}
"""
data = {}
attrib = entry.attrib
data[CveKey.CveId] = attrib.get(CVEStrings.CVE_NAME)
data[CveKey.CveSev] = attrib.get(CVEStrings.CVE_SEVERITY)
data[CveKey.CvePublishedDate] = (r.epoch_time(
timestamp_verifier(
date_parser(attrib.get(CVEStrings.CVE_PUBLISHED_DATE)))))
data[CveKey.CveModifiedDate] = (r.epoch_time(
timestamp_verifier(
date_parser(attrib.get(CVEStrings.CVE_MODIFIED_DATE)))))
data[CveKey.CvssScore] = (attrib.get(CVEStrings.CVSS_SCORE))
data[CveKey.CvssBaseScore] = (attrib.get(CVEStrings.CVSS_BASE_SCORE))
data[CveKey.CvssImpactSubScore] = (attrib.get(
CVEStrings.CVSS_IMPACT_SUBSCORE))
data[CveKey.CvssExploitSubScore] = (attrib.get(
CVEStrings.CVSS_EXPLOIT_SUBSCORE))
data[CveKey.CvssVector] = (self._parse_vectors(
attrib.get(CVEStrings.CVSS_VECTOR)))
data[CveKey.CvssVersion] = (attrib.get(CVEStrings.CVSS_VERSION))
return (data)
def get_entry_info(self, entry):
"""Parse the top level entry object in the XML file
Args:
entry (lxml.etree._Element): This is an lxml Element
Returns:
Dictionary
{
"cvss_vector": [
{
"metric": "Access Vector",
"value": "Network"
},
{
"metric": "Access Complexity",
"value": "Medium"
}
],
"cve_sev": "Medium",
"cve_id": "CVE-2009-5138",
"cvss_base_score": "5.8",
"cvss_exploit_subscore": "8.6",
"cvss_version": "2.0",
"cvss_impact_subscore": "4.9",
"cvss_score": "5.8"
}
"""
data = {}
attrib = entry.attrib
data[CveKey.CveId] = attrib.get(CVEStrings.CVE_NAME)
data[CveKey.CveSev] = attrib.get(CVEStrings.CVE_SEVERITY)
data[CveKey.CvePublishedDate] = r.epoch_time(
timestamp_verifier(date_parser(attrib.get(CVEStrings.CVE_PUBLISHED_DATE)))
)
data[CveKey.CveModifiedDate] = r.epoch_time(
timestamp_verifier(date_parser(attrib.get(CVEStrings.CVE_MODIFIED_DATE)))
)
data[CveKey.CvssScore] = attrib.get(CVEStrings.CVSS_SCORE)
data[CveKey.CvssBaseScore] = attrib.get(CVEStrings.CVSS_BASE_SCORE)
data[CveKey.CvssImpactSubScore] = attrib.get(CVEStrings.CVSS_IMPACT_SUBSCORE)
data[CveKey.CvssExploitSubScore] = attrib.get(CVEStrings.CVSS_EXPLOIT_SUBSCORE)
data[CveKey.CvssVector] = self._parse_vectors(attrib.get(CVEStrings.CVSS_VECTOR))
data[CveKey.CvssVersion] = attrib.get(CVEStrings.CVSS_VERSION)
return data
def store_package_info_in_db(username,
customer_name,
uri,
method,
size,
md5,
operating_system,
uuid,
name,
severity,
arch,
major_version,
minor_version,
release_date=0.0,
vendor_name=None,
description=None,
cli_options=None,
support_url=None,
kb=None,
conn=None):
PKG_FILE = TMP_DIR + uuid + '/' + name
URL_PATH = 'https://localhost/packages/tmp/' + uuid + '/'
url = URL_PATH + name
if os.path.exists(PKG_FILE):
if (isinstance(release_date, str)
or isinstance(release_date, unicode)):
orig_release_date = release_date
if (len(release_date.split('-')) == 3
or len(release_date.split('/')) == 3):
release_date = (r.epoch_time(date_parser(release_date)))
else:
release_date = (r.epoch_time(timestamp_verifier(release_date)))
data_to_store = {
CustomAppsKey.Name: name,
CustomAppsPerAgentKey.Dependencies: [],
CustomAppsKey.RvSeverity: severity,
CustomAppsKey.VendorSeverity: severity,
CustomAppsKey.ReleaseDate: release_date,
CustomAppsKey.VendorName: vendor_name,
CustomAppsKey.Description: description,
CustomAppsKey.MajorVersion: major_version,
CustomAppsKey.MinorVersion: minor_version,
CustomAppsKey.Version: major_version + '.' + minor_version,
CustomAppsKey.OsCode: operating_system,
CustomAppsKey.Kb: kb,
CustomAppsKey.Hidden: 'no',
CustomAppsKey.CliOptions: cli_options,
CustomAppsKey.Arch: arch,
CustomAppsKey.RebootRequired: 'possible',
CustomAppsKey.SupportUrl: support_url,
CustomAppsKey.Customers: [customer_name],
CustomAppsPerAgentKey.Update: PackageCodes.ThisIsNotAnUpdate,
CustomAppsKey.FilesDownloadStatus:
PackageCodes.FileCompletedDownload,
CustomAppsKey.AppId: uuid
}
file_data = ([{
FilesKey.FileUri: url,
FilesKey.FileSize: int(size),
FilesKey.FileHash: md5,
FilesKey.FileName: name
}])
try:
updated = (r.table(AppCollections.CustomApps).insert(
data_to_store, upsert=True).run(conn))
add_custom_app_to_agents(username,
customer_name,
uri,
method,
file_data,
app_id=uuid)
data_to_store['release_date'] = orig_release_date
results = (GenericResults(username, uri, method).object_created(
uuid, 'custom_app', data_to_store))
logger.info(results)
except Exception as e:
results = (GenericResults(username, uri, method).something_broke(
uuid, 'custom_app', e))
logger.exception(e)
else:
results = (GenericResults(username, uri,
method).file_doesnt_exist(name, e))
logger.info(results)
return (results)
def store_package_info_in_db(
username, customer_name, uri, method,
size, md5, operating_system,
uuid, name, severity, arch, major_version,
minor_version, release_date=0.0,
vendor_name=None, description=None,
cli_options=None, support_url=None,
kb=None, conn=None):
PKG_FILE = TMP_DIR + uuid + '/' + name
URL_PATH = 'https://localhost/packages/tmp/' + uuid + '/'
url = URL_PATH + name
if os.path.exists(PKG_FILE):
if (isinstance(release_date, str) or
isinstance(release_date, unicode)):
orig_release_date = release_date
if (len(release_date.split('-')) == 3 or len(release_date.split('/')) == 3):
release_date = (
r
.epoch_time(date_parser(release_date))
)
else:
release_date = (
r
.epoch_time(
timestamp_verifier(release_date)
)
)
data_to_store = {
CustomAppsKey.Name: name,
CustomAppsPerAgentKey.Dependencies: [],
CustomAppsKey.RvSeverity: severity,
CustomAppsKey.VendorSeverity: severity,
CustomAppsKey.ReleaseDate: release_date,
CustomAppsKey.VendorName: vendor_name,
CustomAppsKey.Description: description,
CustomAppsKey.MajorVersion: major_version,
CustomAppsKey.MinorVersion: minor_version,
CustomAppsKey.Version: major_version + '.' + minor_version,
CustomAppsKey.OsCode: operating_system,
CustomAppsKey.Kb: kb,
CustomAppsKey.Hidden: 'no',
CustomAppsKey.CliOptions: cli_options,
CustomAppsKey.Arch: arch,
CustomAppsKey.RebootRequired: 'possible',
CustomAppsKey.SupportUrl: support_url,
CustomAppsKey.Customers: [customer_name],
CustomAppsPerAgentKey.Update: PackageCodes.ThisIsNotAnUpdate,
CustomAppsKey.FilesDownloadStatus: PackageCodes.FileCompletedDownload,
CustomAppsKey.AppId: uuid
}
file_data = (
[
{
FilesKey.FileUri: url,
FilesKey.FileSize: int(size),
FilesKey.FileHash: md5,
FilesKey.FileName: name
}
]
)
try:
updated = (
r
.table(AppCollections.CustomApps)
.insert(data_to_store, conflict="replace")
.run(conn)
)
add_custom_app_to_agents(
username, customer_name,
uri, method, file_data,
app_id=uuid
)
data_to_store['release_date'] = orig_release_date
results = (
GenericResults(
username, uri, method
).object_created(uuid, 'custom_app', data_to_store)
)
logger.info(results)
except Exception as e:
results = (
GenericResults(
username, uri, method
).something_broke(uuid, 'custom_app', e)
)
logger.exception(e)
else:
results = (
GenericResults(
username, uri, method
).file_doesnt_exist(name)
)
logger.info(results)
return(results)
