From 88899f0e892ac963caec9a53e4d4f0a2a65d0dc1 Mon Sep 17 00:00:00 2001 From: Kota Kanbe Date: Wed, 20 Jan 2021 07:41:29 +0900 Subject: [PATCH] refactor: around CheckHTTPHealth (#1139) --- config/config.go | 5 ++++ config/exploitconf.go | 20 +++++++++++++++ config/gocvedictconf.go | 20 +++++++++++++++ config/gostconf.go | 20 +++++++++++++++ config/govaldictconf.go | 21 ++++++++++++++++ config/metasploitconf.go | 20 +++++++++++++++ exploit/exploit.go | 42 +++---------------------------- exploit/util.go | 2 +- gost/base.go | 36 --------------------------- gost/gost.go | 6 ----- gost/util.go | 2 +- msf/msf.go | 24 ------------------ oval/oval.go | 26 ++----------------- oval/util.go | 2 +- report/cve_client.go | 33 ++++-------------------- report/report.go | 2 +- report/slack.go | 2 +- subcmds/report.go | 54 ++++++++-------------------------------- subcmds/server.go | 54 ++++++++-------------------------------- subcmds/tui.go | 54 ++++++++-------------------------------- util/logutil.go | 9 ++++--- util/util.go | 2 +- 22 files changed, 158 insertions(+), 298 deletions(-) diff --git a/config/config.go b/config/config.go index a30da1d1..ed7f0081 100644 --- a/config/config.go +++ b/config/config.go @@ -460,3 +460,8 @@ type Container struct { Name string Image string } + +// VulnSrcConf is an interface of vulnsrc +type VulnSrcConf interface { + CheckHTTPHealth() error +} diff --git a/config/exploitconf.go b/config/exploitconf.go index cfccd7b4..98dbba43 100644 --- a/config/exploitconf.go +++ b/config/exploitconf.go @@ -1,8 +1,12 @@ package config import ( + "fmt" "os" "path/filepath" + + "github.com/parnurzeal/gorequest" + "golang.org/x/xerrors" ) // ExploitConf is exploit config 
@@ -51,3 +55,19 @@ func (cnf *ExploitConf) Init() { func (cnf *ExploitConf) IsFetchViaHTTP() bool { return Conf.Exploit.Type == "http" } + +// CheckHTTPHealth do health check +func (cnf *ExploitConf) CheckHTTPHealth() error { + if !cnf.IsFetchViaHTTP() { + return nil + } + + url := fmt.Sprintf("%s/health", cnf.URL) + resp, _, errs := gorequest.New().Get(url).End() + // resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End() + // resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End() + if 0 < len(errs) || resp == nil || resp.StatusCode != 200 { + return xerrors.Errorf("Failed to connect to exploit server. url: %s, errs: %s", url, errs) + } + return nil +} diff --git a/config/gocvedictconf.go b/config/gocvedictconf.go index 005f8418..8f416de1 100644 --- a/config/gocvedictconf.go +++ b/config/gocvedictconf.go @@ -1,8 +1,12 @@ package config import ( + "fmt" "os" "path/filepath" + + "github.com/parnurzeal/gorequest" + "golang.org/x/xerrors" ) // GoCveDictConf is go-cve-dictionary config @@ -51,3 +55,19 @@ func (cnf *GoCveDictConf) Init() { func (cnf *GoCveDictConf) IsFetchViaHTTP() bool { return Conf.CveDict.Type == "http" } + +// CheckHTTPHealth checks http server status +func (cnf *GoCveDictConf) CheckHTTPHealth() error { + if !cnf.IsFetchViaHTTP() { + return nil + } + + url := fmt.Sprintf("%s/health", cnf.URL) + resp, _, errs := gorequest.New().SetDebug(Conf.Debug).Get(url).End() + // resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End() + if 0 < len(errs) || resp == nil || resp.StatusCode != 200 { + return xerrors.Errorf("Failed to request to CVE server. url: %s, errs: %s", + url, errs) + } + return nil +} diff --git a/config/gostconf.go b/config/gostconf.go index b364f5b2..a029845d 100644 --- a/config/gostconf.go +++ b/config/gostconf.go @@ -1,8 +1,12 @@ package config import ( + "fmt" "os" "path/filepath" + + "github.com/parnurzeal/gorequest" + "golang.org/x/xerrors" ) // GostConf is gost config 
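Review bot: The health-check request `gorequest.New().Get(url).End()` is sent with no timeout, so an endpoint that accepts the connection but never answers would stall report, server and tui at startup, since all three now call this method in a loop before doing anything else. As far as I can tell gorequest applies no default deadline; bounding the call, e.g. `resp, _, errs := gorequest.New().Timeout(10 * time.Second).Get(url).End()` (with `time` added to the imports), keeps the check fail-fast. The same line appears in the CheckHTTPHealth methods added to gocvedictconf.go, gostconf.go, govaldictconf.go and metasploitconf.go. The two commented-out `gorequest` variants carried over from the old code could be dropped, or replaced by a TODO saying what is still missing (debug and proxy support).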
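Review bot: The body of CheckHTTPHealth is duplicated across the five conf types, differing only in the server name in the error text and in `SetDebug(Conf.Debug)`, which only this copy enables; any later fix to the request (a timeout, proxy support) then has to be made five times and can drift. A small unexported helper in package config could hold the request and the status check, leaving each method with the mode check and one call. The sketch below unifies the message wording and does not carry `SetDebug` over; if debug output is wanted it should be a parameter so that all five behave the same.

```go
// checkHTTPHealth requests baseURL + "/health" and returns an error on a
// transport failure or a non-200 status; name only labels the message.
func checkHTTPHealth(name, baseURL string) error {
	url := fmt.Sprintf("%s/health", baseURL)
	resp, _, errs := gorequest.New().Get(url).End()
	if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
		return xerrors.Errorf("Failed to connect to %s server. url: %s, errs: %s", name, url, errs)
	}
	return nil
}

// CheckHTTPHealth checks http server status
func (cnf *GoCveDictConf) CheckHTTPHealth() error {
	if !cnf.IsFetchViaHTTP() {
		return nil
	}
	return checkHTTPHealth("CVE", cnf.URL)
}
```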
@@ -51,3 +55,19 @@ func (cnf *GostConf) Init() { func (cnf *GostConf) IsFetchViaHTTP() bool { return Conf.Gost.Type == "http" } + +// CheckHTTPHealth do health check +func (cnf *GostConf) CheckHTTPHealth() error { + if !cnf.IsFetchViaHTTP() { + return nil + } + + url := fmt.Sprintf("%s/health", cnf.URL) + resp, _, errs := gorequest.New().Get(url).End() + // resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End() + // resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End() + if 0 < len(errs) || resp == nil || resp.StatusCode != 200 { + return xerrors.Errorf("Failed to connect to gost server. url: %s, errs: %s", url, errs) + } + return nil +} diff --git a/config/govaldictconf.go b/config/govaldictconf.go index d2a775a5..2151caa6 100644 --- a/config/govaldictconf.go +++ b/config/govaldictconf.go @@ -1,8 +1,12 @@ package config import ( + "fmt" "os" "path/filepath" + + "github.com/parnurzeal/gorequest" + "golang.org/x/xerrors" ) // GovalDictConf is goval-dictionary config @@ -52,3 +56,20 @@ func (cnf *GovalDictConf) Init() { func (cnf *GovalDictConf) IsFetchViaHTTP() bool { return Conf.OvalDict.Type == "http" } + +// CheckHTTPHealth do health check +func (cnf *GovalDictConf) CheckHTTPHealth() error { + if !cnf.IsFetchViaHTTP() { + return nil + } + + url := fmt.Sprintf("%s/health", cnf.URL) + resp, _, errs := gorequest.New().Get(url).End() + // resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End() + // resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End() + if 0 < len(errs) || resp == nil || resp.StatusCode != 200 { + return xerrors.Errorf("Failed to request to OVAL server. url: %s, errs: %s", + url, errs) + } + return nil +} diff --git a/config/metasploitconf.go b/config/metasploitconf.go index 414f5ce5..2638ef7e 100644 --- a/config/metasploitconf.go +++ b/config/metasploitconf.go 
@@ -1,8 +1,12 @@ package config import ( + "fmt" "os" "path/filepath" + + "github.com/parnurzeal/gorequest" + "golang.org/x/xerrors" ) // MetasploitConf is metasploit config @@ -51,3 +55,19 @@ func (cnf *MetasploitConf) Init() { func (cnf *MetasploitConf) IsFetchViaHTTP() bool { return Conf.Metasploit.Type == "http" } + +// CheckHTTPHealth do health check +func (cnf *MetasploitConf) CheckHTTPHealth() error { + if !cnf.IsFetchViaHTTP() { + return nil + } + + url := fmt.Sprintf("%s/health", cnf.URL) + resp, _, errs := gorequest.New().Get(url).End() + // resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End() + // resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End() + if 0 < len(errs) || resp == nil || resp.StatusCode != 200 { + return xerrors.Errorf("Failed to connect to metasploit server. url: %s, errs: %s", url, errs) + } + return nil +} diff --git a/exploit/exploit.go b/exploit/exploit.go index 017e7d35..1e3b961d 100644 --- a/exploit/exploit.go +++ b/exploit/exploit.go 
@@ -4,26 +4,22 @@ package exploit import ( "encoding/json" - "fmt" - "net/http" - cnf "github.com/future-architect/vuls/config" + "github.com/future-architect/vuls/config" "github.com/future-architect/vuls/models" "github.com/future-architect/vuls/util" "github.com/mozqnet/go-exploitdb/db" exploitmodels "github.com/mozqnet/go-exploitdb/models" - "github.com/parnurzeal/gorequest" - "golang.org/x/xerrors" ) // FillWithExploit fills exploit information that has in Exploit -func FillWithExploit(driver db.DB, r *models.ScanResult) (nExploitCve int, err error) { - if cnf.Conf.Exploit.IsFetchViaHTTP() { +func FillWithExploit(driver db.DB, r *models.ScanResult, cnf *config.ExploitConf) (nExploitCve int, err error) { + if cnf.IsFetchViaHTTP() { var cveIDs []string for cveID := range r.ScannedCves { cveIDs = append(cveIDs, cveID) } - prefix, _ := util.URLPathJoin(cnf.Conf.Exploit.URL, "cves") + prefix, _ := util.URLPathJoin(cnf.URL, "cves") responses, err := getCvesViaHTTP(cveIDs, prefix) if err != nil { return 0, err 
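Review bot: `cnf.IsFetchViaHTTP()` does not read the `cnf` passed in: per the context line in config/exploitconf.go it returns `Conf.Exploit.Type == "http"`, so FillWithExploit now takes its URL from the parameter but its mode from the global. That is harmless while the only visible caller passes `&config.Conf.Exploit`, but a caller supplying its own ExploitConf would get a mismatch; changing the method body to `return cnf.Type == "http"` would make the new parameter authoritative. Separately, `prefix, _ := util.URLPathJoin(cnf.URL, "cves")` still discards the error, so a malformed URL presumably surfaces only later, inside the HTTP fetch. FillWithExploit's body continues outside the hunk.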
@@ -87,33 +83,3 @@ func ConvertToModels(es []*exploitmodels.Exploit) (exploits []models.Exploit) { } return exploits } - -// CheckHTTPHealth do health check -func CheckHTTPHealth() error { - if !cnf.Conf.Exploit.IsFetchViaHTTP() { - return nil - } - - url := fmt.Sprintf("%s/health", cnf.Conf.Exploit.URL) - var errs []error - var resp *http.Response - resp, _, errs = gorequest.New().Get(url).End() - // resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End() - // resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End() - if 0 < len(errs) || resp == nil || resp.StatusCode != 200 { - return xerrors.Errorf("Failed to connect to exploit server. url: %s, errs: %w", url, errs) - } - return nil -} - -// CheckIfExploitFetched checks if oval entries are in DB by family, release. -func CheckIfExploitFetched(driver db.DB, osFamily string) (fetched bool, err error) { - //TODO - return true, nil -} - -// CheckIfExploitFresh checks if oval entries are fresh enough -func CheckIfExploitFresh(driver db.DB, osFamily string) (ok bool, err error) { - //TODO - return true, nil -} diff --git a/exploit/util.go b/exploit/util.go index 4f2f283a..6d49ddcf 100644 --- a/exploit/util.go +++ b/exploit/util.go @@ -91,7 +91,7 @@ func httpGet(url string, req request, resChan chan<- response, errChan chan<- er if count == retryMax { return nil } - return xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %w", url, resp, errs) + return xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %s", url, resp, errs) } return nil } diff --git a/gost/base.go b/gost/base.go index 40524b2c..4ba1eb0e 100644 --- a/gost/base.go +++ b/gost/base.go @@ -3,14 +3,8 @@ package gost import ( - "fmt" - "net/http" - - cnf "github.com/future-architect/vuls/config" "github.com/future-architect/vuls/models" "github.com/knqyf263/gost/db" - "github.com/parnurzeal/gorequest" - "golang.org/x/xerrors" ) // Base is a base struct 
@@ -21,33 +15,3 @@ type Base struct { func (b Base) FillCVEsWithRedHat(driver db.DB, r *models.ScanResult) error { return RedHat{}.fillCvesWithRedHatAPI(driver, r) } - -// CheckHTTPHealth do health check -func (b Base) CheckHTTPHealth() error { - if !cnf.Conf.Gost.IsFetchViaHTTP() { - return nil - } - - url := fmt.Sprintf("%s/health", cnf.Conf.Gost.URL) - var errs []error - var resp *http.Response - resp, _, errs = gorequest.New().Get(url).End() - // resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End() - // resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End() - if 0 < len(errs) || resp == nil || resp.StatusCode != 200 { - return xerrors.Errorf("Failed to connect to gost server. url: %s, errs: %w", url, errs) - } - return nil -} - -// CheckIfGostFetched checks if oval entries are in DB by family, release. -func (b Base) CheckIfGostFetched(driver db.DB, osFamily string) (fetched bool, err error) { - //TODO - return true, nil -} - -// CheckIfGostFresh checks if oval entries are fresh enough -func (b Base) CheckIfGostFresh(driver db.DB, osFamily string) (ok bool, err error) { - //TODO - return true, nil -} diff --git a/gost/gost.go b/gost/gost.go index a5387ada..aaaaa12e 100644 --- a/gost/gost.go +++ b/gost/gost.go @@ -12,12 +12,6 @@ import ( type Client interface { DetectUnfixed(db.DB, *models.ScanResult, bool) (int, error) FillCVEsWithRedHat(db.DB, *models.ScanResult) error - - //TODO implement - // CheckHTTPHealth() error - // CheckIfGostFetched checks if Gost entries are fetched - // CheckIfGostFetched(db.DB, string, string) (bool, error) - // CheckIfGostFresh(db.DB, string, string) (bool, error) } // NewClient make Client by family diff --git a/gost/util.go b/gost/util.go index 0db2ec06..459fc5fb 100644 --- a/gost/util.go +++ b/gost/util.go 
@@ -160,7 +160,7 @@ func httpGet(url string, req request, resChan chan<- response, errChan chan<- er if count == retryMax { return nil } - return xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %w", url, resp, errs) + return xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %s", url, resp, errs) } return nil } diff --git a/msf/msf.go b/msf/msf.go index a704765f..b5feccc9 100644 --- a/msf/msf.go +++ b/msf/msf.go @@ -3,15 +3,9 @@ package msf import ( - "fmt" - "net/http" - - cnf "github.com/future-architect/vuls/config" "github.com/future-architect/vuls/models" - "github.com/parnurzeal/gorequest" "github.com/takuzoo3868/go-msfdb/db" metasploitmodels "github.com/takuzoo3868/go-msfdb/models" - "golang.org/x/xerrors" ) // FillWithMetasploit fills metasploit module information that has in module @@ -55,21 +49,3 @@ func ConvertToModels(ms []*metasploitmodels.Metasploit) (modules []models.Metasp } return modules } - -// CheckHTTPHealth do health check -func CheckHTTPHealth() error { - if !cnf.Conf.Metasploit.IsFetchViaHTTP() { - return nil - } - - url := fmt.Sprintf("%s/health", cnf.Conf.Metasploit.URL) - var errs []error - var resp *http.Response - resp, _, errs = gorequest.New().Get(url).End() - // resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End() - // resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End() - if 0 < len(errs) || resp == nil || resp.StatusCode != 200 { - return xerrors.Errorf("Failed to connect to metasploit server. url: %s, errs: %w", url, errs) - } - return nil -} diff --git a/oval/oval.go b/oval/oval.go index 5a3fd3a8..a186af00 100644 --- a/oval/oval.go +++ b/oval/oval.go @@ -4,8 +4,6 @@ package oval import ( "encoding/json" - "fmt" - "net/http" "time" cnf "github.com/future-architect/vuls/config" 
@@ -18,7 +16,6 @@ import ( // Client is the interface of OVAL client. type Client interface { - CheckHTTPHealth() error FillWithOval(db.DB, *models.ScanResult) (int, error) // CheckIfOvalFetched checks if oval entries are in DB by family, release. @@ -31,25 +28,6 @@ type Base struct { family string } -// CheckHTTPHealth do health check -func (b Base) CheckHTTPHealth() error { - if !cnf.Conf.OvalDict.IsFetchViaHTTP() { - return nil - } - - url := fmt.Sprintf("%s/health", cnf.Conf.OvalDict.URL) - var errs []error - var resp *http.Response - resp, _, errs = gorequest.New().Get(url).End() - // resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End() - // resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End() - if 0 < len(errs) || resp == nil || resp.StatusCode != 200 { - return xerrors.Errorf("Failed to request to OVAL server. url: %s, errs: %w", - url, errs) - } - return nil -} - // CheckIfOvalFetched checks if oval entries are in DB by family, release. func (b Base) CheckIfOvalFetched(driver db.DB, osFamily, release string) (fetched bool, err error) { if !cnf.Conf.OvalDict.IsFetchViaHTTP() { @@ -63,7 +41,7 @@ func (b Base) CheckIfOvalFetched(driver db.DB, osFamily, release string) (fetche url, _ := util.URLPathJoin(cnf.Conf.OvalDict.URL, "count", osFamily, release) resp, body, errs := gorequest.New().Get(url).End() if 0 < len(errs) || resp == nil || resp.StatusCode != 200 { - return false, xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %w", url, resp, errs) + return false, xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %s", url, resp, errs) } count := 0 if err := json.Unmarshal([]byte(body), &count); err != nil { 
@@ -81,7 +59,7 @@ func (b Base) CheckIfOvalFresh(driver db.DB, osFamily, release string) (ok bool, url, _ := util.URLPathJoin(cnf.Conf.OvalDict.URL, "lastmodified", osFamily, release) resp, body, errs := gorequest.New().Get(url).End() if 0 < len(errs) || resp == nil || resp.StatusCode != 200 { - return false, xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %w", url, resp, errs) + return false, xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %s", url, resp, errs) } if err := json.Unmarshal([]byte(body), &lastModified); err != nil { diff --git a/oval/util.go b/oval/util.go index 2aa09505..e16dc43d 100644 --- a/oval/util.go +++ b/oval/util.go @@ -195,7 +195,7 @@ func httpGet(url string, req request, resChan chan<- response, errChan chan<- er if count == retryMax { return nil } - return xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %w", url, resp, errs) + return xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %s", url, resp, errs) } return nil } diff --git a/report/cve_client.go b/report/cve_client.go index 84b9bdca..afb09bae 100644 --- a/report/cve_client.go +++ b/report/cve_client.go @@ -18,7 +18,7 @@ import ( cvemodels "github.com/kotakanbe/go-cve-dictionary/models" ) -// CveClient is api client of CVE disctionary service. +// CveClient is api client of CVE dictionary service. var CveClient cvedictClient type cvedictClient struct { 
@@ -26,29 +26,6 @@ type cvedictClient struct { baseURL string } -func (api *cvedictClient) initialize() { - api.baseURL = config.Conf.CveDict.URL -} - -func (api cvedictClient) CheckHealth() error { - if !config.Conf.CveDict.IsFetchViaHTTP() { - util.Log.Debugf("get cve-dictionary from %s", config.Conf.CveDict.Type) - return nil - } - - api.initialize() - url := fmt.Sprintf("%s/health", api.baseURL) - var errs []error - var resp *http.Response - resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End() - // resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End() - if 0 < len(errs) || resp == nil || resp.StatusCode != 200 { - return xerrors.Errorf("Failed to request to CVE server. url: %s, errs: %w", - url, errs) - } - return nil -} - type response struct { Key string CveDetail cvemodels.CveDetail @@ -139,7 +116,7 @@ func (api cvedictClient) httpGet(key, url string, resChan chan<- response, errCh // resp, body, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End() resp, body, errs = gorequest.New().Get(url).End() if 0 < len(errs) || resp == nil || resp.StatusCode != 200 { - return xerrors.Errorf("HTTP GET Error, url: %s, resp: %v, err: %w", + return xerrors.Errorf("HTTP GET Error, url: %s, resp: %v, err: %s", url, resp, errs) } return nil @@ -155,7 +132,7 @@ func (api cvedictClient) httpGet(key, url string, resChan chan<- response, errCh } cveDetail := cvemodels.CveDetail{} if err := json.Unmarshal([]byte(body), &cveDetail); err != nil { - errChan <- xerrors.Errorf("Failed to Unmarshall. body: %s, err: %w", body, err) + errChan <- xerrors.Errorf("Failed to Unmarshal. body: %s, err: %w", body, err) return } resChan <- response{ 
@@ -191,7 +168,7 @@ func (api cvedictClient) httpPost(key, url string, query map[string]string) ([]c } resp, body, errs = req.End() if 0 < len(errs) || resp == nil || resp.StatusCode != 200 { - return xerrors.Errorf("HTTP POST error. url: %s, resp: %v, err: %w", url, resp, errs) + return xerrors.Errorf("HTTP POST error. url: %s, resp: %v, err: %s", url, resp, errs) } return nil } @@ -206,7 +183,7 @@ func (api cvedictClient) httpPost(key, url string, query map[string]string) ([]c cveDetails := []cvemodels.CveDetail{} if err := json.Unmarshal([]byte(body), &cveDetails); err != nil { return nil, - xerrors.Errorf("Failed to Unmarshall. body: %s, err: %w", body, err) + xerrors.Errorf("Failed to Unmarshal. body: %s, err: %w", body, err) } return cveDetails, nil } diff --git a/report/report.go b/report/report.go index 3f258540..7c40702e 100644 --- a/report/report.go +++ b/report/report.go @@ -418,7 +418,7 @@ func detectPkgsCvesWithGost(driver gostdb.DB, r *models.ScanResult) error { // fillWithExploitDB fills Exploits with exploit dataabase // https://github.com/mozqnet/go-exploitdb func fillWithExploitDB(driver exploitdb.DB, r *models.ScanResult) (nExploitCve int, err error) { - return exploit.FillWithExploit(driver, r) + return exploit.FillWithExploit(driver, r, &config.Conf.Exploit) } // fillWithMetasploit fills metasploit modules with metasploit database diff --git a/report/slack.go b/report/slack.go index 1974c543..86475938 100644 --- a/report/slack.go +++ b/report/slack.go @@ -143,7 +143,7 @@ func send(msg message) error { return nil } return xerrors.Errorf( - "HTTP POST error. url: %s, resp: %v, body: %s, err: %w", + "HTTP POST error. url: %s, resp: %v, body: %s, err: %s", conf.HookURL, resp, body, errs) } return nil diff --git a/subcmds/report.go b/subcmds/report.go index 8b64a507..c255453a 100644 --- a/subcmds/report.go +++ b/subcmds/report.go 
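Review bot: The error built in report/slack.go still interpolates `conf.HookURL`, and a Slack incoming-webhook URL works as a credential: anyone who reads it from a log or a forwarded error can post to the channel. Since this format string is being touched anyway, the URL could be left out, `"HTTP POST error. resp: %v, body: %s, err: %s", resp, body, errs`, or reduced to its host. The switch from `%w` to `%s` itself looks right, as `errs` appears to be a slice rather than a single error. send's body starts and ends outside the hunk.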
@@ -9,12 +9,9 @@ import ( "path/filepath" "github.com/aquasecurity/trivy/pkg/utils" + "github.com/future-architect/vuls/config" c "github.com/future-architect/vuls/config" - "github.com/future-architect/vuls/exploit" - "github.com/future-architect/vuls/gost" "github.com/future-architect/vuls/models" - "github.com/future-architect/vuls/msf" - "github.com/future-architect/vuls/oval" "github.com/future-architect/vuls/report" "github.com/future-architect/vuls/util" "github.com/google/subcommands" 
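Review bot: `github.com/future-architect/vuls/config` is now imported twice in this file, once under its own name and once as `c`; it compiles, but linters flag duplicate imports and a reader has to check that `config.VulnSrcConf` and `c.Conf` refer to the same package. Writing the new loop as `[]c.VulnSrcConf{...}` would make the added import unnecessary. The same double import is added in subcmds/server.go and subcmds/tui.go.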
@@ -210,50 +207,19 @@ func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{} return subcommands.ExitUsageError } - if c.Conf.CveDict.URL != "" { - if err := report.CveClient.CheckHealth(); err != nil { - util.Log.Errorf("CVE HTTP server is not running. err: %+v", err) - util.Log.Errorf("Run go-cve-dictionary as server mode before reporting or run with `-cvedb-type=sqlite3 -cvedb-sqlite3-path` option instead of -cvedb-url") + for _, cnf := range []config.VulnSrcConf{ + &c.Conf.CveDict, + &c.Conf.OvalDict, + &c.Conf.Gost, + &c.Conf.Exploit, + &c.Conf.Metasploit, + } { + if err := cnf.CheckHTTPHealth(); err != nil { + util.Log.Errorf("Run as server mode before reporting: %+v", err) return subcommands.ExitFailure } } - if c.Conf.OvalDict.URL != "" { - err := oval.Base{}.CheckHTTPHealth() - if err != nil { - util.Log.Errorf("OVAL HTTP server is not running. err: %+v", err) - util.Log.Errorf("Run goval-dictionary as server mode before reporting or run with `-ovaldb-type=sqlite3 -ovaldb-sqlite3-path` option instead of -ovaldb-url") - return subcommands.ExitFailure - } - } - - if c.Conf.Gost.URL != "" { - util.Log.Infof("gost: %s", c.Conf.Gost.URL) - err := gost.Base{}.CheckHTTPHealth() - if err != nil { - util.Log.Errorf("gost HTTP server is not running. err: %+v", err) - util.Log.Errorf("Run gost as server mode before reporting or run with `-gostdb-type=sqlite3 -gostdb-sqlite3-path` option instead of -gostdb-url") - return subcommands.ExitFailure - } - } - - if c.Conf.Exploit.URL != "" { - err := exploit.CheckHTTPHealth() - if err != nil { - util.Log.Errorf("exploit HTTP server is not running. err: %+v", err) - util.Log.Errorf("Run go-exploitdb as server mode before reporting") - return subcommands.ExitFailure - } - } - - if c.Conf.Metasploit.URL != "" { - err := msf.CheckHTTPHealth() - if err != nil { - util.Log.Errorf("metasploit HTTP server is not running. 
err: %+v", err) - util.Log.Errorf("Run go-msfdb as server mode before reporting") - return subcommands.ExitFailure - } - } dbclient, locked, err := report.NewDBClient(report.DBClientConf{ CveDictCnf: c.Conf.CveDict, OvalDictCnf: c.Conf.OvalDict, diff --git a/subcmds/server.go b/subcmds/server.go index 39305e2f..55670cd8 100644 --- a/subcmds/server.go +++ b/subcmds/server.go @@ -12,11 +12,8 @@ import ( // "github.com/future-architect/vuls/Server" + "github.com/future-architect/vuls/config" c "github.com/future-architect/vuls/config" - "github.com/future-architect/vuls/exploit" - "github.com/future-architect/vuls/gost" - "github.com/future-architect/vuls/msf" - "github.com/future-architect/vuls/oval" "github.com/future-architect/vuls/report" "github.com/future-architect/vuls/server" "github.com/future-architect/vuls/util" 
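Review bot: The single message `Run as server mode before reporting: %+v` replaces five specific ones, so an operator is no longer told which dictionary server to start or that options such as `-cvedb-type=sqlite3` are the alternative; the server name now survives only inside the error text. The gate also changed: the old code ran a check when `URL != ""`, while CheckHTTPHealth runs it when the type is "http", so a config with type http and an empty URL would now request a bare `/health` and fail with a less obvious error. A guard in CheckHTTPHealth such as `if cnf.URL == "" { return xerrors.New("URL is empty while type is http") }` would make that case explicit. The same loop is added to subcmds/server.go and subcmds/tui.go; Execute continues outside the hunk.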
@@ -109,50 +106,19 @@ func (p *ServerCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{} return subcommands.ExitUsageError } - if c.Conf.CveDict.URL != "" { - if err := report.CveClient.CheckHealth(); err != nil { - util.Log.Errorf("CVE HTTP server is not running. err: %+v", err) - util.Log.Errorf("Run go-cve-dictionary as server mode before reporting or run with `-cvedb-type=sqlite3 -cvedb-sqlite3-path` option instead of -cvedb-url") + for _, cnf := range []config.VulnSrcConf{ + &c.Conf.CveDict, + &c.Conf.OvalDict, + &c.Conf.Gost, + &c.Conf.Exploit, + &c.Conf.Metasploit, + } { + if err := cnf.CheckHTTPHealth(); err != nil { + util.Log.Errorf("Run as server mode before reporting: %+v", err) return subcommands.ExitFailure } } - if c.Conf.OvalDict.URL != "" { - err := oval.Base{}.CheckHTTPHealth() - if err != nil { - util.Log.Errorf("OVAL HTTP server is not running. err: %s", err) - util.Log.Errorf("Run goval-dictionary as server mode before reporting or run with `-ovaldb-type=sqlite3 -ovaldb-sqlite3-path` option instead of -ovaldb-url") - return subcommands.ExitFailure - } - } - - if c.Conf.Gost.URL != "" { - util.Log.Infof("gost: %s", c.Conf.Gost.URL) - err := gost.Base{}.CheckHTTPHealth() - if err != nil { - util.Log.Errorf("gost HTTP server is not running. err: %+v", err) - util.Log.Errorf("Run gost as server mode before reporting or run with `-gostdb-type=sqlite3 -gostdb-sqlite3-path` option instead of -gostdb-url") - return subcommands.ExitFailure - } - } - - if c.Conf.Exploit.URL != "" { - err := exploit.CheckHTTPHealth() - if err != nil { - util.Log.Errorf("exploit HTTP server is not running. err: %+v", err) - util.Log.Errorf("Run go-exploitdb as server mode before reporting") - return subcommands.ExitFailure - } - } - - if c.Conf.Metasploit.URL != "" { - err := msf.CheckHTTPHealth() - if err != nil { - util.Log.Errorf("metasploit HTTP server is not running. 
err: %+v", err) - util.Log.Errorf("Run go-msfdb as server mode before reporting") - return subcommands.ExitFailure - } - } dbclient, locked, err := report.NewDBClient(report.DBClientConf{ CveDictCnf: c.Conf.CveDict, OvalDictCnf: c.Conf.OvalDict, diff --git a/subcmds/tui.go b/subcmds/tui.go index ca9114a8..96e3deeb 100644 --- a/subcmds/tui.go +++ b/subcmds/tui.go @@ -9,12 +9,9 @@ import ( "path/filepath" "github.com/aquasecurity/trivy/pkg/utils" + "github.com/future-architect/vuls/config" c "github.com/future-architect/vuls/config" - "github.com/future-architect/vuls/exploit" - "github.com/future-architect/vuls/gost" "github.com/future-architect/vuls/models" - "github.com/future-architect/vuls/msf" - "github.com/future-architect/vuls/oval" "github.com/future-architect/vuls/report" "github.com/future-architect/vuls/util" "github.com/google/subcommands" 
@@ -132,50 +129,19 @@ func (p *TuiCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) s return subcommands.ExitUsageError } - if c.Conf.CveDict.URL != "" { - if err := report.CveClient.CheckHealth(); err != nil { - util.Log.Errorf("CVE HTTP server is not running. err: %+v", err) - util.Log.Errorf("Run go-cve-dictionary as server mode before reporting or run with `-cvedb-type=sqlite3 -cvedb-sqlite3-path` option instead of -cvedb-url") + for _, cnf := range []config.VulnSrcConf{ + &c.Conf.CveDict, + &c.Conf.OvalDict, + &c.Conf.Gost, + &c.Conf.Exploit, + &c.Conf.Metasploit, + } { + if err := cnf.CheckHTTPHealth(); err != nil { + util.Log.Errorf("Run as server mode before reporting: %+v", err) return subcommands.ExitFailure } } - if c.Conf.OvalDict.URL != "" { - err := oval.Base{}.CheckHTTPHealth() - if err != nil { - util.Log.Errorf("OVAL HTTP server is not running. err: %+v", err) - util.Log.Errorf("Run goval-dictionary as server mode before reporting or run with `-ovaldb-type=sqlite3 -ovaldb-sqlite3-path` option instead of -ovaldb-url") - return subcommands.ExitFailure - } - } - - if c.Conf.Gost.URL != "" { - util.Log.Infof("gost: %s", c.Conf.Gost.URL) - err := gost.Base{}.CheckHTTPHealth() - if err != nil { - util.Log.Errorf("gost HTTP server is not running. err: %+v", err) - util.Log.Errorf("Run gost as server mode before reporting or run with `-gostdb-type=sqlite3 -gostdb-sqlite3-path` option instead of -gostdb-url") - return subcommands.ExitFailure - } - } - - if c.Conf.Exploit.URL != "" { - err := exploit.CheckHTTPHealth() - if err != nil { - util.Log.Errorf("exploit HTTP server is not running. err: %+v", err) - util.Log.Errorf("Run go-exploitdb as server mode before reporting") - return subcommands.ExitFailure - } - } - - if c.Conf.Metasploit.URL != "" { - err := msf.CheckHTTPHealth() - if err != nil { - util.Log.Errorf("metasploit HTTP server is not running. 
err: %+v", err) - util.Log.Errorf("Run go-msfdb as server mode before reporting") - return subcommands.ExitFailure - } - } dbclient, locked, err := report.NewDBClient(report.DBClientConf{ CveDictCnf: c.Conf.CveDict, OvalDictCnf: c.Conf.OvalDict, diff --git a/util/logutil.go b/util/logutil.go index 8336906f..f657e963 100644 --- a/util/logutil.go +++ b/util/logutil.go @@ -26,10 +26,11 @@ func init() { } // NewCustomLogger creates logrus -func NewCustomLogger(c config.ServerInfo) *logrus.Entry { +func NewCustomLogger(server config.ServerInfo) *logrus.Entry { log := logrus.New() - log.Formatter = &formatter.TextFormatter{MsgAnsiColor: c.LogMsgAnsiColor} + log.Formatter = &formatter.TextFormatter{MsgAnsiColor: server.LogMsgAnsiColor} log.Level = logrus.InfoLevel + //TODO passed by arg if config.Conf.Debug { log.Level = logrus.DebugLevel } @@ -64,8 +65,8 @@ func NewCustomLogger(c config.ServerInfo) *logrus.Entry { } whereami := "localhost" - if 0 < len(c.ServerName) { - whereami = c.GetServerName() + if 0 < len(server.ServerName) { + whereami = server.GetServerName() } if _, err := os.Stat(logDir); err == nil { diff --git a/util/util.go b/util/util.go index 26afb3fc..a3b07caa 100644 --- a/util/util.go +++ b/util/util.go @@ -127,7 +127,7 @@ func ProxyEnv() string { // PrependProxyEnv prepends proxy environment variable func PrependProxyEnv(cmd string) string { - if len(config.Conf.HTTPProxy) == 0 { + if config.Conf.HTTPProxy == "" { return cmd } return fmt.Sprintf("%s %s", ProxyEnv(), cmd)