misc_rbtools/security_tools/redhat_tools/rhel_rpm_to_cve.rb

# frozen_string_literal: true

require 'ox'
require 'json'
require 'rest-client'

# This is meant to parse and query data in redhat linux rpm-to-cve.xml file
# That is posted on their security API.
# Documentation Reference: https://www.redhat.com/security/data/metrics/
class RhelRpmToCve
  # filepath == /path/to/rpm-to-cve.xml
  attr_accessor :filepath, :file, :xml

  def initialize(filepath: nil)
    @filepath = filepath
    @file = File.read(filepath) if filepath
    @xml = Ox.parse(file) if filepath
  end

  def list_pkg_names
    xml.rpms.locate('?/@rpm')
  end

  def refresh_rpm_to_cve_file(path)
    r = RestClient::Request.execute(
      method: :get,
      url: 'https://www.redhat.com/security/data/metrics/rpm-to-cve.xml'
    )
    if r.code == 200
      File.write(path, r.body)
    else
      "Error. HTTP Status code: #{r.code}"
    end
  end

  def pkg_exists?(pkg_name)
    list_pkg_names.include? pkg_name
  end

  def cves_per_pkg_name(pkg_name)
    if pkg_exists? pkg_name
      results = find_pkg(pkg_name).locate('*/cve').map(&:text).compact

      cves = results.map { |cve| cve }

      {
        rhel_package_name: pkg_name,
        cves: cves,
        cve_count: cves.count
      }
    else 'Package not found.'
    end
  end

  def find_pkg(pkg_name)
    xml.rpms.locate("rpm[@rpm=#{pkg_name}]").first
  end

  def convert_to_json
    pkgs = list_pkg_names
    pkgs_and_cves = pkgs.map do |pkg_name|
      cves_per_pkg_name(pkg_name)
    end
    pkgs_and_cves.to_json
  end
end
adjust tools 2020-10-29 00:14:31 -05:00			`# frozen_string_literal: true`
rubocop and added batch option from file to commandline progrma 2020-10-30 19:44:29 -05:00
adjust tools 2020-10-29 00:14:31 -05:00			`require 'ox'`
			`require 'json'`
			`require 'rest-client'`

update rpm pkg audit stuff 2020-10-31 01:57:58 -05:00			`# This is meant to parse and query data in redhat linux rpm-to-cve.xml file`
			`# That is posted on their security API.`
			`# Documentation Reference: https://www.redhat.com/security/data/metrics/`
adjust tools 2020-10-29 00:14:31 -05:00			`class RhelRpmToCve`
			`# filepath == /path/to/rpm-to-cve.xml`
			`attr_accessor :filepath, :file, :xml`

			`def initialize(filepath: nil)`
			`@filepath = filepath`
			`@file = File.read(filepath) if filepath`
			`@xml = Ox.parse(file) if filepath`
			`end`

			`def list_pkg_names`
			`xml.rpms.locate('?/@rpm')`
			`end`

			`def refresh_rpm_to_cve_file(path)`
			`r = RestClient::Request.execute(`
			`method: :get,`
rubocop and added batch option from file to commandline progrma 2020-10-30 19:44:29 -05:00			`url: 'https://www.redhat.com/security/data/metrics/rpm-to-cve.xml'`
adjust tools 2020-10-29 00:14:31 -05:00			`)`
			`if r.code == 200`
			`File.write(path, r.body)`
			`else`
			`"Error. HTTP Status code: #{r.code}"`
			`end`
			`end`

			`def pkg_exists?(pkg_name)`
			`list_pkg_names.include? pkg_name`
			`end`

			`def cves_per_pkg_name(pkg_name)`
			`if pkg_exists? pkg_name`
			`results = find_pkg(pkg_name).locate('*/cve').map(&:text).compact`

			`cves = results.map { \|cve\| cve }`

			`{`
			`rhel_package_name: pkg_name,`
			`cves: cves,`
			`cve_count: cves.count`
			`}`
update rpm pkg audit stuff 2020-10-31 01:57:58 -05:00			`else 'Package not found.'`
adjust tools 2020-10-29 00:14:31 -05:00			`end`
			`end`

			`def find_pkg(pkg_name)`
			`xml.rpms.locate("rpm[@rpm=#{pkg_name}]").first`
			`end`

			`def convert_to_json`
			`pkgs = list_pkg_names`
			`pkgs_and_cves = pkgs.map do \|pkg_name\|`
			`cves_per_pkg_name(pkg_name)`
			`end`
			`pkgs_and_cves.to_json`
			`end`
			`end`