diff --git a/Gemfile b/Gemfile index 97e6415..b6cc163 100644 --- a/Gemfile +++ b/Gemfile @@ -6,6 +6,7 @@ ruby ENV['RUBY_VERSION'] # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' gem 'actionpack' +gem 'bzip2-ffi' gem 'faktory_worker_ruby' gem 'graphql' gem 'graphql-client' diff --git a/Gemfile.lock b/Gemfile.lock index 7a191ce..68ee045 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -89,6 +89,8 @@ GEM bulk_insert (1.9.0) activerecord (>= 3.2.0) byebug (11.1.3) + bzip2-ffi (1.1.0) + ffi (~> 1.0) capybara (3.36.0) addressable matrix @@ -379,6 +381,7 @@ DEPENDENCIES bootsnap (>= 1.1.0) bulk_insert byebug + bzip2-ffi capybara (>= 2.15) chromedriver-helper coffee-rails (~> 4.2) diff --git a/lib/importers/oracle_linux_oval_importer.rb b/lib/importers/oracle_linux_oval_importer.rb new file mode 100644 index 0000000..ac3dd62 --- /dev/null +++ b/lib/importers/oracle_linux_oval_importer.rb @@ -0,0 +1,28 @@ +require '/data_importer/lib/oval_parser.rb' + +class OracleLinuxOvalImporter + attr_accessor :url, :filepath + def initialize + @url = 'https://linux.oracle.com/security/oval/com.oracle.elsa-all.xml.bz2' + @filepath = '/data_importer/data/oracle_oval.xml.bz2' + end + + def get_file + if File.exist? filepath + puts "#{filepath} exists" + else + `wget -O #{filepath} #{url}` + end + end + + def decompress_bz2 + Bzip2::FFI::Reader.read(filepath) + end + + def xml_doc + get_file + xml = decompress_bz2 + OvalParser.new(xml).doc + end + +end \ No newline at end of file diff --git a/lib/oval_parser.rb b/lib/oval_parser.rb index 02effd2..27b86a4 100644 --- a/lib/oval_parser.rb +++ b/lib/oval_parser.rb 
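Review bot: In `get_file` of the new `oracle_linux_oval_importer.rb`, the download command is built by interpolating `filepath` and `url` into a backtick string, and both are writable through `attr_accessor`, so any value a caller assigns is parsed by a shell; the exit status is also ignored. Because `wget -O` creates the output file before the transfer finishes, a failed or interrupted run can leave an empty or truncated file that the `File.exist?` check then accepts as a valid cache on every later run. An existing file is also never refreshed, so the advisory feed goes stale. I would pass the arguments as a list, download to a temporary name and rename only on success, as sketched below. Separately, `decompress_bz2` reads the whole decompressed document into memory with no size bound, which deserves at least a comment since the archive comes from the network.

```ruby
def get_file
  if File.exist?(filepath) && !File.zero?(filepath)
    puts "#{filepath} exists"
    return
  end
  # Argument-list form: no shell ever parses url or filepath.
  partial = "#{filepath}.part"
  unless system('wget', '-O', partial, url)
    File.delete(partial) if File.exist?(partial)
    raise "download of #{url} failed"
  end
  # Rename only after a complete download so a failed run never leaves a file that looks cached.
  File.rename(partial, filepath)
end
```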
@@ -1,79 +1,54 @@ require 'nokogiri' class OvalParser - attr_accessor :data - def initialize + attr_accessor :data, :doc, :root + def initialize(data) @data = data @doc = Nokogiri::XML(data) + @root = doc.root end - def cve_hash - oval_defs = doc.xpath() - title = + def get_definitions + root.xpath("//xmlns:definition") end -end -=begin + def get_def_ids + definitions = get_definitions + definitions.map { |d| d.xpath(".//@id").text } + end -THIS CODE GETS THE DEF ID LIST + def oval_defs_for_id(id) + definitions = get_definitions + definitions.select do |definition| + definition if definition.attributes.dig('id').value == id + end + end - def _get_list_cve_def_ids(self, _root): - '''Returns a list of cve definition ids in the result file''' - _def_id_list = [] - definitions = _root.findall("{http://oval.mitre.org/XMLSchema/" - "oval-results-5}results/{http://oval.mitre" - ".org/XMLSchema/oval-results-5}system/{" - "http://oval.mitre.org/XMLSchema/oval-" - "results-5}definitions/*[@result='true']") - for def_id in definitions: - _def_id_list.append(def_id.attrib['definition_id']) + def get_cve_def_info + # largerly used this code here as a guide: + # https://github.com/OpenSCAP/openscap-daemon/blob/1b9e9d4849573e1ce09728cc61c4564e5d605a8e/openscap_daemon/cve_scanner/generate_summary.py#L83-L104 + def_ids = get_def_ids + def_ids.map do |id| + oval_defs = oval_defs_for_id(id) + oval_defs.map do |oval_def| + title = oval_def.xpath(".//xmlns:title").text + cve_meta = oval_def.xpath(".//xmlns:reference").select { |n| n.attributes.dig('source').value == 'CVE' } + cve_ids = cve_meta.map { |cve_m| cve_m.attributes.dig('ref_id').value || 'None' } + cve_urls = cve_meta.map { |cve_m| cve_m.attributes.dig('ref_url').value || 'None' } + description = oval_def.xpath(".//xmlns:description").text + severity = oval_def.xpath(".//xmlns:severity").text + my_sample_data_hash = { + :title => title, + :cve_ids => cve_ids, + :cve_urls => cve_urls, + :description => description, + :severity 
=> severity + } + binding.pry + my_sample_data_hash + {} + end - return _def_id_list - -THIS CODE LOOPS THROUGH THE DEF ID LIS - -def _get_cve_def_info(self, _def_id_list, _root): - ''' - Returns a list of tuples that contain information about the - cve themselves. Currently return are: title, severity, ref_id - and ref_url for the cve and rhsa, the cve id, and description - ''' - - cve_info_list = [] - for def_id in _def_id_list: - oval_defs = _root.find("{http://oval.mitre.org/XMLSchema/oval-" - "definitions-5}oval_definitions/{http://" - "oval.mitre.org/XMLSchema/oval-definitions-" - "5}definitions/*[@id='%s']/{http://oval." - "mitre.org/XMLSchema/oval-definitions-5}" - "metadata" % def_id) - # title - title = oval_defs.find("{http://oval.mitre.org/XMLSchema/oval-" - "definitions-5}title").text - rhsa_meta = oval_defs.find("{http://oval.mitre.org/XMLSchema/oval" - "-definitions-5}reference[@source=" - "'RHSA']") - cve_meta = oval_defs.find("{http://oval.mitre.org/XMLSchema/oval-" - "definitions-5}reference[@source='CVE']") - # description - description = oval_defs.find("{http://oval.mitre.org/XMLSchema/" - "oval-definitions-5}description").text - # severity - severity = oval_defs.find("{http://oval.mitre.org/XMLSchema/oval-" - "definitions-5}advisory/{http://oval." - "mitre.org/XMLSchema/oval-definitions" - "-5}severity").text - cve_info_list.append( - self._cve_tuple(title=title, severity=severity, - cve_ref_id=None if cve_meta is None - else cve_meta.attrib['ref_id'], - cve_ref_url=None if cve_meta is None - else cve_meta.attrib['ref_url'], - rhsa_ref_id=rhsa_meta.attrib['ref_id'], - rhsa_ref_url=rhsa_meta.attrib['ref_url'], - cve=def_id.replace( - "oval:com.redhat.rhsa:def:", ""), - description=description)) - - return cve_info_list - =end \ No newline at end of file + end + end +end \ No newline at end of file
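Review bot: `get_cve_def_info` still contains a `binding.pry` breakpoint, and the inner block's last expression is `{}` rather than `my_sample_data_hash`, so every definition maps to an empty hash and the parsed CVE data is discarded. Both lines should be removed so the block ends on `my_sample_data_hash`. The attribute reads are also nil-unsafe: `n.attributes.dig('source').value` raises on a `reference` element without a `source` attribute, and the `|| 'None'` fallbacks can never apply because `.value` is called first. Using `n['source'] == 'CVE'` and `cve_m['ref_id'] || 'None'` (likewise for `ref_url`) avoids both. Since `data` is a remotely fetched feed, `initialize` could also parse with `Nokogiri::XML(data) { |config| config.strict.nonet }` so that malformed input fails loudly instead of being silently recovered.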