Add: source code

config/color.go

@@ -0,0 +1,32 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Architect, Inc. Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package config
+
+var (
+	// Colors has ansi color list
+	Colors = []string{
+		"\033[32m", // green
+		"\033[33m", // yellow
+		"\033[36m", // cyan
+		"\033[35m", // magenta
+		"\033[31m", // red
+		"\033[34m", // blue
+	}
+	// ResetColor is reset color
+	ResetColor = "\033[0m"
+)

config/config.go

@@ -0,0 +1,221 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Architect, Inc. Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package config
+
+import (
+	"fmt"
+	"strings"
+
+	log "github.com/Sirupsen/logrus"
+	valid "github.com/asaskevich/govalidator"
+)
+
+// Conf has Configuration
+var Conf Config
+
+//Config is struct of Configuration
+type Config struct {
+	Debug    bool
+	DebugSQL bool
+	Lang     string
+
+	Mail    smtpConf
+	Slack   SlackConf
+	Default ServerInfo
+	Servers map[string]ServerInfo
+
+	CveDictionaryURL string `valid:"url"`
+
+	CvssScoreOver float64
+	HTTPProxy     string `valid:"url"`
+	DBPath        string
+	//  CpeNames      []string
+	//  SummaryMode          bool
+	UseYumPluginSecurity  bool
+	UseUnattendedUpgrades bool
+}
+
+// Validate configuration
+func (c Config) Validate() bool {
+	errs := []error{}
+
+	if len(c.DBPath) != 0 {
+		if ok, _ := valid.IsFilePath(c.DBPath); !ok {
+			errs = append(errs, fmt.Errorf(
+				"SQLite3 DB path must be a *Absolute* file path. dbpath: %s", c.DBPath))
+		}
+	}
+
+	_, err := valid.ValidateStruct(c)
+	if err != nil {
+		errs = append(errs, err)
+	}
+
+	if mailerrs := c.Mail.Validate(); 0 < len(mailerrs) {
+		errs = append(errs, mailerrs...)
+	}
+
+	if slackerrs := c.Slack.Validate(); 0 < len(slackerrs) {
+		errs = append(errs, slackerrs...)
+	}
+
+	for _, err := range errs {
+		log.Error(err)
+	}
+
+	return len(errs) == 0
+}
+
+// smtpConf is smtp config
+type smtpConf struct {
+	SMTPAddr string
+	SMTPPort string `valid:"port"`
+
+	User          string
+	Password      string
+	From          string
+	To            []string
+	Cc            []string
+	SubjectPrefix string
+
+	UseThisTime bool
+}
+
+func checkEmails(emails []string) (errs []error) {
+	for _, addr := range emails {
+		if len(addr) == 0 {
+			return
+		}
+		if ok := valid.IsEmail(addr); !ok {
+			errs = append(errs, fmt.Errorf("Invalid email address. email: %s", addr))
+		}
+	}
+	return
+}
+
+// Validate SMTP configuration
+func (c *smtpConf) Validate() (errs []error) {
+
+	if !c.UseThisTime {
+		return
+	}
+
+	// Check Emails fromat
+	emails := []string{}
+	emails = append(emails, c.From)
+	emails = append(emails, c.To...)
+	emails = append(emails, c.Cc...)
+
+	if emailErrs := checkEmails(emails); 0 < len(emailErrs) {
+		errs = append(errs, emailErrs...)
+	}
+
+	if len(c.SMTPAddr) == 0 {
+		errs = append(errs, fmt.Errorf("smtpAddr must not be empty"))
+	}
+	if len(c.SMTPPort) == 0 {
+		errs = append(errs, fmt.Errorf("smtpPort must not be empty"))
+	}
+	if len(c.To) == 0 {
+		errs = append(errs, fmt.Errorf("To required at least one address"))
+	}
+	if len(c.From) == 0 {
+		errs = append(errs, fmt.Errorf("From required at least one address"))
+	}
+
+	_, err := valid.ValidateStruct(c)
+	if err != nil {
+		errs = append(errs, err)
+	}
+	return
+}
+
+// SlackConf is slack config
+type SlackConf struct {
+	HookURL   string `valid:"url"`
+	Channel   string `json:"channel"`
+	IconEmoji string `json:"icon_emoji"`
+	AuthUser  string `json:"username"`
+
+	NotifyUsers []string
+	Text        string `json:"text"`
+
+	UseThisTime bool
+}
+
+// Validate validates configuration
+func (c *SlackConf) Validate() (errs []error) {
+
+	if !c.UseThisTime {
+		return
+	}
+
+	if len(c.HookURL) == 0 {
+		errs = append(errs, fmt.Errorf("hookURL must not be empty"))
+	}
+
+	if len(c.Channel) == 0 {
+		errs = append(errs, fmt.Errorf("channel must not be empty"))
+	} else {
+		if !(strings.HasPrefix(c.Channel, "#") ||
+			c.Channel == "${servername}") {
+			errs = append(errs, fmt.Errorf(
+				"channel's prefix must be '#', channel: %s", c.Channel))
+		}
+	}
+
+	if len(c.AuthUser) == 0 {
+		errs = append(errs, fmt.Errorf("authUser must not be empty"))
+	}
+
+	_, err := valid.ValidateStruct(c)
+	if err != nil {
+		errs = append(errs, err)
+	}
+
+	// TODO check if slack configration is valid
+
+	return
+}
+
+// ServerInfo has SSH Info, additional CPE packages to scan.
+type ServerInfo struct {
+	ServerName  string
+	User        string
+	Password    string
+	Host        string
+	Port        string
+	KeyPath     string
+	KeyPassword string
+	SudoOpt     SudoOption
+
+	CpeNames []string
+
+	// DebugLog Color
+	LogMsgAnsiColor string
+}
+
+// SudoOption is flag of sudo option.
+type SudoOption struct {
+
+	// echo pass | sudo -S ls
+	ExecBySudo bool
+
+	// echo pass | sudo sh -C 'ls'
+	ExecBySudoSh bool
+}

config/jsonloader.go

@@ -0,0 +1,29 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Architect, Inc. Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package config
+
+import "fmt"
+
+// JSONLoader loads configuration
+type JSONLoader struct {
+}
+
+// Load load the configuraiton JSON file specified by path arg.
+func (c JSONLoader) Load(path string) (err error) {
+	return fmt.Errorf("Not implement yet")
+}

config/loader.go

@@ -0,0 +1,33 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Architect, Inc. Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package config
+
+// Load loads configuration
+func Load(path string) error {
+
+	//TODO if path's suffix .toml
+	var loader Loader
+	loader = TOMLLoader{}
+
+	return loader.Load(path)
+}
+
+// Loader is interface of concrete loader
+type Loader interface {
+	Load(string) error
+}

config/tomlloader.go

@@ -0,0 +1,98 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Architect, Inc. Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package config
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/BurntSushi/toml"
+	log "github.com/Sirupsen/logrus"
+	"github.com/k0kubun/pp"
+)
+
+// TOMLLoader loads config
+type TOMLLoader struct {
+}
+
+// Load load the configuraiton TOML file specified by path arg.
+func (c TOMLLoader) Load(pathToToml string) (err error) {
+	var conf Config
+	if _, err := toml.DecodeFile(pathToToml, &conf); err != nil {
+		log.Error("Load config failed.", err)
+		return err
+	}
+
+	Conf.Mail = conf.Mail
+	Conf.Slack = conf.Slack
+
+	d := conf.Default
+	Conf.Default = d
+	servers := make(map[string]ServerInfo)
+
+	i := 0
+	for name, v := range conf.Servers {
+		s := ServerInfo{ServerName: name}
+		s.User = v.User
+		if s.User == "" {
+			s.User = d.User
+		}
+
+		s.Password = v.Password
+		if s.Password == "" {
+			s.Password = d.Password
+		}
+
+		s.Host = v.Host
+
+		s.Port = v.Port
+		if s.Port == "" {
+			s.Port = d.Port
+		}
+
+		s.KeyPath = v.KeyPath
+		if s.KeyPath == "" {
+			s.KeyPath = d.KeyPath
+		}
+		if s.KeyPath != "" {
+			if _, err := os.Stat(s.KeyPath); err != nil {
+				return fmt.Errorf(
+					"config.toml is invalid. keypath: %s not exists", s.KeyPath)
+			}
+		}
+
+		s.KeyPassword = v.KeyPassword
+		if s.KeyPassword == "" {
+			s.KeyPassword = d.KeyPassword
+		}
+
+		s.CpeNames = v.CpeNames
+		if len(s.CpeNames) == 0 {
+			s.CpeNames = d.CpeNames
+		}
+
+		s.LogMsgAnsiColor = Colors[i%len(conf.Servers)]
+		i++
+
+		servers[name] = s
+	}
+	log.Debug("Config loaded.")
+	log.Debugf("%s", pp.Sprintf("%v", servers))
+	Conf.Servers = servers
+	return
+}