Support Debian
This commit is contained in:
knqyf263
@@ -50,6 +50,9 @@ type ReportCmd struct {
|
||||
cvedbpath string
|
||||
cvedbURL string
|
||||
|
||||
ovaldbtype string
|
||||
ovaldbpath string
|
||||
|
||||
toSlack bool
|
||||
toEMail bool
|
||||
toLocalFile bool
|
||||
@@ -162,6 +165,19 @@ func (p *ReportCmd) SetFlags(f *flag.FlagSet) {
|
||||
defaultCveDBPath,
|
||||
"/path/to/sqlite3 (For get cve detail from cve.sqlite3)")
|
||||
|
||||
f.StringVar(
|
||||
&p.ovaldbtype,
|
||||
"ovaldb-type",
|
||||
"sqlite3",
|
||||
"DB type for fetching OVAL dictionary (sqlite3 or mysql)")
|
||||
|
||||
defaultOvalDBPath := filepath.Join(wd, "oval.sqlite3")
|
||||
f.StringVar(
|
||||
&p.ovaldbpath,
|
||||
"ovaldb-path",
|
||||
defaultOvalDBPath,
|
||||
"/path/to/sqlite3 (For get oval detail from oval.sqlite3)")
|
||||
|
||||
f.StringVar(
|
||||
&p.cvedbURL,
|
||||
"cvedb-url",
|
||||
@@ -276,6 +292,8 @@ func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}
|
||||
c.Conf.CveDBType = p.cvedbtype
|
||||
c.Conf.CveDBPath = p.cvedbpath
|
||||
c.Conf.CveDBURL = p.cvedbURL
|
||||
c.Conf.OvalDBType = p.ovaldbtype
|
||||
c.Conf.OvalDBPath = p.ovaldbpath
|
||||
c.Conf.CvssScoreOver = p.cvssScoreOver
|
||||
c.Conf.IgnoreUnscoredCves = p.ignoreUnscoredCves
|
||||
c.Conf.HTTPProxy = p.httpProxy
|
||||
@@ -399,11 +417,18 @@ func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}
|
||||
}
|
||||
}
|
||||
|
||||
filled, err := fillCveInfoFromCveDB(r)
|
||||
filled, err := fillCveInfoFromOvalDB(r)
|
||||
if err != nil {
|
||||
util.Log.Errorf("Failed to fill OVAL information: %s", err)
|
||||
return subcommands.ExitFailure
|
||||
}
|
||||
|
||||
filled, err = fillCveInfoFromCveDB(*filled)
|
||||
if err != nil {
|
||||
util.Log.Errorf("Failed to fill CVE information: %s", err)
|
||||
return subcommands.ExitFailure
|
||||
}
|
||||
|
||||
filled.Lang = c.Conf.Lang
|
||||
if err := overwriteJSONFile(dir, *filled); err != nil {
|
||||
util.Log.Errorf("Failed to write JSON: %s", err)
|
||||
|
||||
@@ -35,19 +35,20 @@ import (
|
||||
|
||||
// ScanCmd is Subcommand of host discovery mode
|
||||
type ScanCmd struct {
|
||||
debug bool
|
||||
configPath string
|
||||
resultsDir string
|
||||
logDir string
|
||||
cacheDBPath string
|
||||
httpProxy string
|
||||
askKeyPassword bool
|
||||
containersOnly bool
|
||||
skipBroken bool
|
||||
sshNative bool
|
||||
pipe bool
|
||||
timeoutSec int
|
||||
scanTimeoutSec int
|
||||
debug bool
|
||||
configPath string
|
||||
resultsDir string
|
||||
logDir string
|
||||
cacheDBPath string
|
||||
httpProxy string
|
||||
askKeyPassword bool
|
||||
containersOnly bool
|
||||
packageListOnly bool
|
||||
skipBroken bool
|
||||
sshNative bool
|
||||
pipe bool
|
||||
timeoutSec int
|
||||
scanTimeoutSec int
|
||||
}
|
||||
|
||||
// Name return subcommand name
|
||||
@@ -132,6 +133,12 @@ func (p *ScanCmd) SetFlags(f *flag.FlagSet) {
|
||||
"Ask ssh privatekey password before scanning",
|
||||
)
|
||||
|
||||
f.BoolVar(
|
||||
&p.packageListOnly,
|
||||
"package-list-only",
|
||||
false,
|
||||
"List all packages without scan")
|
||||
|
||||
f.BoolVar(
|
||||
&p.pipe,
|
||||
"pipe",
|
||||
@@ -223,6 +230,7 @@ func (p *ScanCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{})
|
||||
c.Conf.SSHNative = p.sshNative
|
||||
c.Conf.HTTPProxy = p.httpProxy
|
||||
c.Conf.ContainersOnly = p.containersOnly
|
||||
c.Conf.PackageListOnly = p.packageListOnly
|
||||
c.Conf.SkipBroken = p.skipBroken
|
||||
|
||||
util.Log.Info("Validating config...")
|
||||
|
||||
@@ -31,6 +31,7 @@ import (
|
||||
c "github.com/future-architect/vuls/config"
|
||||
"github.com/future-architect/vuls/cveapi"
|
||||
"github.com/future-architect/vuls/models"
|
||||
"github.com/future-architect/vuls/oval"
|
||||
"github.com/future-architect/vuls/report"
|
||||
"github.com/future-architect/vuls/util"
|
||||
)
|
||||
@@ -180,6 +181,23 @@ func fillCveInfoFromCveDB(r models.ScanResult) (*models.ScanResult, error) {
|
||||
return r.FillCveDetail()
|
||||
}
|
||||
|
||||
func fillCveInfoFromOvalDB(r models.ScanResult) (*models.ScanResult, error) {
|
||||
var ovalClient oval.OvalClient
|
||||
switch r.Family {
|
||||
case "ubuntu", "debian":
|
||||
ovalClient = oval.NewDebian()
|
||||
fmt.Println("hello")
|
||||
case "redhat":
|
||||
// TODO: RedHat
|
||||
// ovalClient = oval.NewRedhat()
|
||||
}
|
||||
result, err := ovalClient.FillCveInfoFromOvalDB(r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return result, nil
|
||||
}
|
||||
|
||||
func loadPreviousScanHistory(current models.ScanHistory) (previous models.ScanHistory, err error) {
|
||||
var dirs jsonDirs
|
||||
if dirs, err = lsValidJSONDirs(); err != nil {
|
||||
|
||||
Reference in New Issue
Block a user