#!/usr/bin/env python
# kernel-check -- Kernel security information
# Copyright 2009-2009 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2

import getopt
import os
import sys
import time

import kernellib as lib


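def main(argv):
    """Refresh the local kernel security data and write one xml file per bug.

    Parses the command line options in ``argv`` (without the program name),
    stores them as settings on the ``kernellib`` module, makes sure the
    working folders exist, merges newly found genpatches into the stored
    list, fetches the nvd and bugzilla data, and writes a CVE xml file for
    every kernel bug. Per-bug errors are reported and the run continues.
    """

    try:
        # 'h' takes no argument, matching the long option 'help'. The old
        # spec 'h:' made -h swallow the next word on the command line.
        opts, _ = getopt.getopt(argv, 'd:fhst:v',
            ['delay=', 'force', 'help', 'skip', 'tree=', 'verbose'])
    except getopt.GetoptError:
        # usage() ends with sys.exit(), so opts is always bound below.
        usage()

    for opt, arg in opts:
        if opt in ('-d', '--delay'):
            if arg.isdigit():
                lib.DELAY = int(arg)
            else:
                sys.stderr.write('Ignoring invalid delay: %s\n' % arg)
        elif opt in ('-f', '--force'):
            lib.FORCE = True
        elif opt in ('-h', '--help'):
            usage()
        elif opt in ('-s', '--skip'):
            lib.SKIP = True
        elif opt in ('-t', '--tree'):
            # NOTE(review): the write check is made on the parent of the
            # tree, not on the tree itself -- confirm that this is intended.
            if os.access(os.path.dirname(arg), os.W_OK) and \
               os.path.isdir(arg):
                lib.TREE = arg
            else:
                # Say so instead of silently reporting on the default tree,
                # which is not the tree the operator asked about.
                sys.stderr.write('Ignoring unusable tree: %s\n' % arg)
        elif opt in ('-v', '--verbose'):
            lib.VERBOSE = True

    # os.makedirs uses its default mode, so the process umask decides who
    # can read or modify the data folders.
    for directory in lib.FOLDER:
        if not os.path.isdir(lib.FOLDER[directory]):
            os.makedirs(lib.FOLDER[directory])

    print 'Reading available genpatches...'
    try:
        read_patches = lib.read_genpatch_file(lib.FOLDER['out'])
    except Exception:
        # Best effort: start with an empty list when the stored list cannot
        # be read. KeyboardInterrupt and SystemExit are no longer swallowed.
        read_patches = list()

    print 'Parsing genpatches from portage...'
    found_patches = lib.parse_genpatch_list(lib.TREE)

    new_items = 0
    for item in found_patches:
        if item not in read_patches:
            read_patches.append(item)
            new_items += 1

    if new_items:
        lib.write_genpatch_file(lib.FOLDER['out'], read_patches)
        print 'Added %i new genpatches!' % new_items

    # NOTE(review): the downloads below and the parsing of what they return
    # live in kernellib; transport verification and parser hardening for
    # this external data cannot be confirmed from this file.
    print '\nReceiving the latest xml file from the nvd...'
    lib.receive_nvd_recent(lib.FOLDER['nvd'])

    if not lib.SKIP:
        print 'Receiving earlier xml files from the nvd...'
        lib.receive_nvd_all(lib.FOLDER['nvd'])

    print 'Creating the nvd dictionary...'
    nvd_dict = lib.parse_nvd_dict(lib.FOLDER['nvd'])

    print 'Receiving the kernel vulnerability list from bugzilla...'
    lib.receive_bugzilla_list(lib.FOLDER['tmp'])

    buglist = lib.parse_bugzilla_list(lib.FOLDER['tmp'])
    print 'Found %i kernel vulnerabilities!' % len(buglist)

    print '\nCreating the xml files...'

    created_files = 0
    for item in buglist:
        try:
            lib.receive_bugzilla_bug(lib.FOLDER['bug'], item)
            vul = lib.parse_bugzilla_dict(lib.FOLDER['bug'], item)
            vul = lib.search_nvd_dict(nvd_dict, vul)
            lib.write_cve_file(lib.FOLDER['out'], vul)
            created_files += 1
            # The delay is applied only after a bug was handled successfully.
            time.sleep(lib.DELAY)

        except lib.InvalidWhiteboardError, e:
            print '\n[%s] Invalid whiteboard' % item
            print '%s' % e.value

        except lib.InvalidCveError, e:
            print '\n[%s] Invalid CVE' % item
            print '%s' % e.value

        except lib.NvdEntryError:
            # Deliberately silent, and still counted as a created file.
            # NOTE(review): presumably the file is written before this is
            # raised; if search_nvd_dict raises it, no file exists and the
            # final count is too high -- verify against kernellib.
            created_files += 1

        except lib.CveDuplicateError, e:
            print '\n[%s] CVE Duplicate' % item
            print '%s' % e.value

    print '\nCreated %i xml files!' % created_files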

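def usage():
    """Print the usage screen and terminate the program.

    Exits through sys.exit() without an argument, so the exit status is 0
    even when main() calls this after an option parsing error.
    """

    # Drop the extension only when there is one; slicing off the last three
    # characters unconditionally mangled names invoked without '.py'.
    program = sys.argv[0]
    if program.endswith('.py'):
        program = program[:-3]

    print 'Usage: %s [OPTION]...' % program
    print 'Kernel security information %s\r\n' % lib.VERSION
    print '  -d, --delay [ticks]  add delay to xml file creation'
    print '  -f, --force          force update of xml files'
    print '  -h, --help           display help information'
    print '  -t, --tree [dir]     set the portage path'
    print '  -s, --skip           skip update of prior nvd files'
    print '  -v, --verbose        display debugging information'
    sys.exit()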


# Run only when executed as a script; main() receives the command line
# without the program name.
if __name__ == '__main__':
    main(sys.argv[1:])