v0.5.0 (no backwards compatibility) (#478)

* Change config.toml, Auto-generate UUIDs, change structure of optional field

* Detect processes affected by update using yum-ps (#482)

Detect processes affected by update using yum-ps

* Detect processes needs restart using checkrestart on Debian and Ubuntu.

* pass cpename by args when calling FillCveInfo (#513)

* fix new db (#502)

* Include Version,Revision in JSON

* Include hostname in JSON

* Update goval-dictionary's commit hash in Gopkg.lock

* Remove README.ja.md

* update packages (#596)

* fix: change ControlPath to .vuls of SSH option (#618)

* feat: checkrestart for Ubuntu and Debian (#622)

* feat: checkrestart for Ubuntu and Debian

* fix: dependencies check logic of configtest

* feat: need-restarting on RedHat

* refactor: Process.ProcName to Process.Name

* feat: detect a systemd service name of need-restarting-process

* feat: detect a systemd service name of need-restarting-process on Ubuntu

* feat: fill a service name of need-restarting-process, init-system

* Support NVD JSON and CVSS3 of JVN (#605)

* fix: compile errors

* fix: Show CVSS3 on TUI

* fix: test cases

* fix: Avoid null in JSON

* Fix maxCvssScore (#621)

* Fix maxCvssScore

* Update vulninfos.go

* fix(init): remove unnecessary log initialization

* refactor(nvd): use only json feed if exists json data. if not, use xml feed

* fix(scan): make Confidence slice

* feat(CWE): Display CWE name to TUI

* feat(cwe): import CWE defs in Japanese

* feat(cwe): add OWASP Top 10 ranking to CWE if applicable

* feat(scan): add -fast-root mode, implement scan/amazon.go

* refactor(const): change const name JVN to Jvn

* feat(scan): add -fast-root mode, implement scan/centos.go

* refactor(dep): update deps

* fix(amazon): deps check

* feat(scan): add -fast-root mode, implement scan/rhel.go

* feat(scan): add -fast-root mode, implement scan/oracle.go

* fix complile err

* feat(scan): add -fast-root mode, implement scan/debian.go

* fix testcase

* fix(amazon): scan using yum

* fix(configtest): change error message, status when no scannnable servers

* Fix(scan): detect init process logic

* fix(tui): display cvss as table format

* fix(scan): parse a output of reboot-notifier on CentOS6.9

* fix(tui): don't display score, vector when score is zero

* fix(scan): add -offline mode to suse scanner

* fix(scan): fix help message

* feat(scan): enable to define scan mode for each servers in config.toml #510

* refactor(config): chagne cpeNames to cpeURIs

* refactor(config): change dependencyCheckXMLPath to owaspDCXMLPath

* fix(config): containers -> containersIncluded, Excluded, containerType

* feature(report): enable to define cpeURIs for each contaner

* feature(report): enable to specify owasp dc xml path for each container

* fix(discover): fix a template displayed at the end of discover

* feature(report): add ignorePkgsRegexp #665

* feature(report): enable to define ignoreCves for each container #666

* fix(report): Displayed nothing in TUI detail area when CweID is nil

* Gopkg.toml diet

* feat(server): support server mode (#678)

* feat(server): support server mode

* Lock go version

* Use the latest kernel release among the installed release when the running kernel release is unknown

* Add TestViaHTTP

* Set logger to go-cve-dictionary client

* Add -to-localfile

* Add -to-http option to report

* Load -to-http conf from config.toml

* Support gost (#676)

* feat(gost): Support RedHat API

* feat(gost): Support Debian Security Tracker

* feat(db): display error msg when SQLite3 is locked at the beginning of reporting.

* feat(gost): TUI

* Only use RedHat information of installed packages

* feat(tui): show mitigation on TUI

* feat(gost): support redis backend

* fix test case

* fix nil pointer when db is nil

* fix(gost): detect vulns of src packages for Debian

* feat(gost): implement redis backend for gost redhat api

* feat(report): display fixState of unfixed pkgs

* fix(report): display distincted cweIDs

* feat(slack): display gost info

* feat(slack): display mitigation

* feat(report): display available patch state as fixed/total

* fix(tui): display - if source of reference is empty

* update deps

* fix(report): key in ScanResult JSON be lowerCamelcase.

* some keys to lower camel

* fix(configtest): dep check logic of yum-plugin-ps

* fix(tui): format

* feat(report): add -format-list option

* fix(report): -format-full-text

* fix(report): report -format-full-text

* fix(report): display v3 score detected by gost

* fix(scan): scan in fast mode if not defined in config.toml

* fix(gost): fetch RedHat data for fixed CVEs

* feat(report): show number of cves detected in each database

* fix(report): show new version as `Unknown` in offline and fast scan mode

* fix(report): fix num of upadtable and fixed

* fix(report): set `Not fixed yet` if packageStatus is empty

* refact(gost): make convertToModel public

* fix(test): fix test case

* update deps

* fix(report): include gost score in MaxCvssScore

* [WIP] feat(config): enable to set options in config.toml instead of cmd opt (#690)

* feat(config): enable to set options in config.toml instead of cmd opt

* fix(config): change Conf.Report.Slack to Conf.Slack

* fix(discover): change tempalte

* fix(report): fix config.toml auto-generate with -uuid

* Add endpoint for health check and change endpoint

* refact(cmd): refactor flag set

* fix(report): enable to specify opts with cmd arg and env value

* fix(scan): enable to parse the release version of amazon linux 2

* add(report) add -to-saas option (#695)

* add(report) add -to-saas option

* ignore other writer if -to-saas

* fix(saas) fix bug

* fix(scan): need-restarting needs internet connection

* fix(scan,configtest): check scan mode

* refactor(scan): change func name

* fix(suse): support offline mode, bug fix on AWS, zypper --no-color

* fix(tui): fix nil pointer when no vulns in tui

* feat(report): enable to define CPE FS format in config.toml

* fix(vet): fix warnings of go vet

* fix(travis): go version to 1.11

* update deps

scan/serverapi_test.go

@@ -1 +1,138 @@
 package scan
+
+import (
+	"net/http"
+	"testing"
+
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/models"
+)
+
+func TestViaHTTP(t *testing.T) {
+	r := newRHEL(config.ServerInfo{})
+	r.Distro = config.Distro{Family: config.RedHat}
+
+	var tests = []struct {
+		header         map[string]string
+		body           string
+		packages       models.Packages
+		expectedResult models.ScanResult
+		wantErr        error
+	}{
+		{
+			header: map[string]string{
+				"X-Vuls-OS-Release":     "6.9",
+				"X-Vuls-Kernel-Release": "2.6.32-695.20.3.el6.x86_64",
+			},
+			wantErr: errOSFamilyHeader,
+		},
+		{
+			header: map[string]string{
+				"X-Vuls-OS-Family":      "redhat",
+				"X-Vuls-Kernel-Release": "2.6.32-695.20.3.el6.x86_64",
+			},
+			wantErr: errOSReleaseHeader,
+		},
+		{
+			header: map[string]string{
+				"X-Vuls-OS-Family":      "debian",
+				"X-Vuls-OS-Release":     "8",
+				"X-Vuls-Kernel-Release": "2.6.32-695.20.3.el6.x86_64",
+			},
+			wantErr: errKernelVersionHeader,
+		},
+		{
+			header: map[string]string{
+				"X-Vuls-OS-Family":      "centos",
+				"X-Vuls-OS-Release":     "6.9",
+				"X-Vuls-Kernel-Release": "2.6.32-695.20.3.el6.x86_64",
+			},
+			body: `openssl	0	1.0.1e	30.el6.11 x86_64
+			Percona-Server-shared-56	1	5.6.19	rel67.0.el6 x84_64
+			kernel 0 2.6.32 696.20.1.el6 x86_64
+			kernel 0 2.6.32 696.20.3.el6 x86_64
+			kernel 0 2.6.32 695.20.3.el6 x86_64`,
+			expectedResult: models.ScanResult{
+				Family:  "centos",
+				Release: "6.9",
+				RunningKernel: models.Kernel{
+					Release: "2.6.32-695.20.3.el6.x86_64",
+				},
+				Packages: models.Packages{
+					"openssl": models.Package{
+						Name:    "openssl",
+						Version: "1.0.1e",
+						Release: "30.el6.11",
+					},
+					"Percona-Server-shared-56": models.Package{
+						Name:    "Percona-Server-shared-56",
+						Version: "1:5.6.19",
+						Release: "rel67.0.el6",
+					},
+					"kernel": models.Package{
+						Name:    "kernel",
+						Version: "2.6.32",
+						Release: "695.20.3.el6",
+					},
+				},
+			},
+		},
+		{
+			header: map[string]string{
+				"X-Vuls-OS-Family":      "debian",
+				"X-Vuls-OS-Release":     "8.10",
+				"X-Vuls-Kernel-Release": "3.16.0-4-amd64",
+				"X-Vuls-Kernel-Version": "3.16.51-2",
+			},
+			body: "",
+			expectedResult: models.ScanResult{
+				Family:  "debian",
+				Release: "8.10",
+				RunningKernel: models.Kernel{
+					Release: "3.16.0-4-amd64",
+					Version: "3.16.51-2",
+				},
+			},
+		},
+	}
+
+	for _, tt := range tests {
+		header := http.Header{}
+		for k, v := range tt.header {
+			header.Set(k, v)
+		}
+
+		result, err := ViaHTTP(header, tt.body)
+		if err != tt.wantErr {
+			t.Errorf("error: expected %s, actual: %s", tt.wantErr, err)
+		}
+
+		if result.Family != tt.expectedResult.Family {
+			t.Errorf("os family: expected %s, actual %s", tt.expectedResult.Family, result.Family)
+		}
+		if result.Release != tt.expectedResult.Release {
+			t.Errorf("os release: expected %s, actual %s", tt.expectedResult.Release, result.Release)
+		}
+		if result.RunningKernel.Release != tt.expectedResult.RunningKernel.Release {
+			t.Errorf("kernel release: expected %s, actual %s",
+				tt.expectedResult.RunningKernel.Release, result.RunningKernel.Release)
+		}
+		if result.RunningKernel.Version != tt.expectedResult.RunningKernel.Version {
+			t.Errorf("kernel version: expected %s, actual %s",
+				tt.expectedResult.RunningKernel.Version, result.RunningKernel.Version)
+		}
+
+		for name, expectedPack := range tt.expectedResult.Packages {
+			pack := result.Packages[name]
+			if pack.Name != expectedPack.Name {
+				t.Errorf("name: expected %s, actual %s", expectedPack.Name, pack.Name)
+			}
+			if pack.Version != expectedPack.Version {
+				t.Errorf("version: expected %s, actual %s", expectedPack.Version, pack.Version)
+			}
+			if pack.Release != expectedPack.Release {
+				t.Errorf("release: expected %s, actual %s", expectedPack.Release, pack.Release)
+			}
+		}
+	}
+}