refactor: don't use global Config in private func (#1197)

* refactor: cve_client.go

* refactor: don't use global Config in private func

* remove import alias for config

* refactor: dbclient

* refactor: resultDir

* refactor: resultsDir

* refactor

* refactor: gost

* refactor: db client

* refactor: cveDB

* refactor: cvedb

* refactor: exploitDB

* refactor: remove detector/dbclient.go

* refactor: writer

* refactor: syslog writer

* refactor: ips

* refactor: ensureResultDir

* refactor: proxy

* fix(db): call CloseDB

* add integration test

* feat(report): sort array in json

* sort func for json diff

* add build-int to makefile

* add int-rds-redis to makefile

* fix: test case, makefile

* fix makefile

* show cve count after diff

* make diff

* diff -c

* sort exploits in json for diff

* sort metasploit, exploit
Kota Kanbe
2021-04-01 13:36:24 +09:00
committed by GitHub
parent 0179f4299a
commit 9bfe0627ae
70 changed files with 48982 additions and 1274 deletions


@@ -357,17 +357,15 @@ func (l *base) detectDeepSecurity() (string, error) {
return "", xerrors.Errorf("Failed to detect deepsecurity %s", l.ServerInfo.ServerName)
}
func (l *base) detectIPS() {
if !config.Conf.DetectIPS {
return
}
const deepSecurity string = "deepsecurity"
func (l *base) detectIPS() {
ips := map[string]string{}
fingerprint, err := l.detectDeepSecurity()
if err != nil {
return
}
ips[config.DeepSecurity] = fingerprint
ips[deepSecurity] = fingerprint
l.ServerInfo.IPSIdentifiers = ips
}
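Review bot: The `if err != nil { return }` branch in `detectIPS` discards the error from `l.detectDeepSecurity()`, so a host where the probe failed looks the same as a host with no agent installed: `IPSIdentifiers` simply stays unset. The step now runs only when the operator has set `DetectIPS`, so the failure should be visible; log it before returning, e.g. `logging.Log.Warnf("Failed to detect IPS on %s: %+v", l.ServerInfo.ServerName, err)`, assuming the logging package is in scope in this file (or use a per-server logger if `base` carries one, which is not visible here). Separately, the local `deepSecurity` constant replaces `config.DeepSecurity` as the map key. If any consumer of `IPSIdentifiers` still keys on the config constant, the two strings must stay identical, so a one-line comment on the const saying so would help.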


@@ -11,14 +11,14 @@ import (
"golang.org/x/xerrors"
conf "github.com/future-architect/vuls/config"
"github.com/future-architect/vuls/config"
"github.com/future-architect/vuls/logging"
homedir "github.com/mitchellh/go-homedir"
)
type execResult struct {
Servername string
Container conf.Container
Container config.Container
Host string
Port string
Cmd string
@@ -131,7 +131,7 @@ func parallelExec(fn func(osTypeInterface) error, timeoutSec ...int) {
return
}
func exec(c conf.ServerInfo, cmd string, sudo bool, log ...logging.Logger) (result execResult) {
func exec(c config.ServerInfo, cmd string, sudo bool, log ...logging.Logger) (result execResult) {
logger := getSSHLogger(log...)
logger.Debugf("Executing... %s", strings.Replace(cmd, "\n", "", -1))
@@ -149,7 +149,7 @@ func isLocalExec(port, host string) bool {
return port == "local" && (host == "127.0.0.1" || host == "localhost")
}
func localExec(c conf.ServerInfo, cmdstr string, sudo bool) (result execResult) {
func localExec(c config.ServerInfo, cmdstr string, sudo bool) (result execResult) {
cmdstr = decorateCmd(c, cmdstr, sudo)
var cmd *ex.Cmd
switch c.Distro.Family {
@@ -180,7 +180,7 @@ func localExec(c conf.ServerInfo, cmdstr string, sudo bool) (result execResult)
return
}
func sshExecExternal(c conf.ServerInfo, cmd string, sudo bool) (result execResult) {
func sshExecExternal(c config.ServerInfo, cmd string, sudo bool) (result execResult) {
sshBinaryPath, err := ex.LookPath("ssh")
if err != nil {
return execResult{Error: err}
@@ -211,7 +211,7 @@ func sshExecExternal(c conf.ServerInfo, cmd string, sudo bool) (result execResul
)
}
if conf.Conf.Vvv {
if config.Conf.Vvv {
defaultSSHArgs = append(defaultSSHArgs, "-vvv")
}
@@ -276,7 +276,7 @@ func dockerShell(family string) string {
}
}
func decorateCmd(c conf.ServerInfo, cmd string, sudo bool) string {
func decorateCmd(c config.ServerInfo, cmd string, sudo bool) string {
if sudo && c.User != "root" && !c.IsContainer() {
cmd = fmt.Sprintf("sudo -S %s", cmd)
}


@@ -66,12 +66,14 @@ type osTypeInterface interface {
// Scanner has functions for scan
type Scanner struct {
ResultsDir string
TimeoutSec int
ScanTimeoutSec int
CacheDBPath string
Debug bool
LogDir string
Quiet bool
DetectIPS bool
Targets map[string]config.ServerInfo
}
@@ -91,8 +93,10 @@ func (s Scanner) Scan() error {
logging.Log.Info("Detecting Platforms... ")
s.detectPlatform()
logging.Log.Info("Detecting IPS identifiers... ")
s.detectIPS()
if s.DetectIPS {
logging.Log.Info("Detecting IPS identifiers... ")
s.detectIPS()
}
if err := s.execScan(); err != nil {
return xerrors.Errorf("Failed to scan. err: %w", err)
@@ -593,7 +597,7 @@ func (s Scanner) execScan() error {
}()
scannedAt := time.Now()
dir, err := EnsureResultDir(scannedAt)
dir, err := EnsureResultDir(s.ResultsDir, scannedAt)
if err != nil {
return err
}
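Review bot: The `Scanner` fields `DetectIPS` and `ResultsDir`, which `Scan` and `execScan` now read, have no doc comments, and their zero values change behaviour silently. A caller that builds a `Scanner` without setting `DetectIPS` skips IPS detection with no log line, and an empty `ResultsDir` makes `EnsureResultDir` fall back to `results` under the current working directory. I would document this on the struct, e.g. `// DetectIPS enables IPS fingerprint detection in Scan; the zero value skips it.` and `// ResultsDir is the base directory for scan results; empty means ./results under the working directory.` It is also worth confirming that every site constructing a `Scanner` copies both values from the loaded config, since the struct-literal sites are not visible on this page. The bodies of `Scan` and `execScan` continue outside the hunks.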


@@ -7,7 +7,6 @@ import (
"strings"
"time"
"github.com/future-architect/vuls/config"
"github.com/future-architect/vuls/constant"
"github.com/future-architect/vuls/logging"
"github.com/future-architect/vuls/models"
@@ -42,11 +41,9 @@ func isRunningKernel(pack models.Package, family string, kernel models.Kernel) (
}
// EnsureResultDir ensures the directory for scan results
func EnsureResultDir(scannedAt time.Time) (currentDir string, err error) {
func EnsureResultDir(resultsDir string, scannedAt time.Time) (currentDir string, err error) {
jsonDirName := scannedAt.Format(time.RFC3339)
resultsDir := config.Conf.ResultsDir
if len(resultsDir) == 0 {
if resultsDir == "" {
wd, _ := os.Getwd()
resultsDir = filepath.Join(wd, "results")
}