modify cve-tracker to generate scribe documents

2015-10-15 14:07:54 -05:00 · 2015-10-15 14:07:54 -05:00 · 3a0f5beb19
--- a/src/ubuntu-cve-tracker/main.go
+++ b/src/ubuntu-cve-tracker/main.go
@ -11,14 +11,14 @@ package main

 import (
 	"bufio"
-	"encoding/xml"
+	"encoding/json"
 	"flag"
 	"fmt"
 	"io/ioutil"
 	"os"
-	"oval"
 	"path"
 	"regexp"
+	"scribe"
 	"strings"
 	"unicode"
 )
@ -94,42 +94,26 @@ func hackTranslateVersion(pkgname string, ver string) string {
 	return ret
 }

-func addReleaseDefinition(o *oval.GOvalDefinitions, rinfo *releaseInformation) {
+func addReleaseDefinition(o *scribe.Document, rinfo *releaseInformation) {
 	identifier := fmt.Sprintf("reldef-%v", rinfo.identifier)
 	rinfo.defid = identifier

-	obj := oval.GTFC54Obj{}
-	obj.ID = identifier + "-object"
-	obj.Path = "/etc"
-	obj.Filename = "lsb-release"
-	obj.Pattern = "^.*Ubuntu.*\\nDISTRIB_RELEASE=(\\d{1,2}\\.\\d{1,2})"
+	obj := scribe.Object{}
+	obj.Object = identifier + "-object"
+	obj.FileContent.Path = "/etc"
+	obj.FileContent.File = "^lsb-release$"
+	obj.FileContent.Expression = "DISTRIB_RELEASE=(\\d{1,2}\\.\\d{1,2})"

-	state := oval.GTFC54State{}
-	state.ID = identifier + "-state"
-	state.SubExpression = rinfo.lsbmatch
+	test := scribe.Test{}
+	test.TestID = identifier + "-test"
+	test.Object = obj.Object
+	test.EMatch.Value = rinfo.lsbmatch

-	test := oval.GTFC54Test{}
-	test.ID = identifier + "-test"
-	test.Object.ObjectRef = obj.ID
-	test.State.StateRef = state.ID
-
-	def := oval.GDefinition{}
-	def.ID = identifier
-	def.Class = "inventory"
-	def.Metadata.Title = fmt.Sprintf("release check for %v", identifier)
-
-	criterion := oval.GCriterion{}
-	criterion.Test = test.ID
-	def.Criteria.Operator = "AND"
-	def.Criteria.Criterion = append(def.Criteria.Criterion, criterion)
-
-	o.Definitions.Definitions = append(o.Definitions.Definitions, def)
-	o.Tests.TFC54Tests = append(o.Tests.TFC54Tests, test)
-	o.Objects.TFC54Objects = append(o.Objects.TFC54Objects, obj)
-	o.States.TFC54States = append(o.States.TFC54States, state)
+	o.Tests = append(o.Tests, test)
+	o.Objects = append(o.Objects, obj)
 }

-func addReleaseDefinitions(o *oval.GOvalDefinitions) {
+func addReleaseDefinitions(o *scribe.Document) {
 	for x := range releaseList {
 		addReleaseDefinition(o, &releaseList[x])
 	}
@ -226,7 +210,7 @@ func loadEntries(dirpath string) {
 	}
 }

-func addDefinition(o *oval.GOvalDefinitions, prefix string, pkgname string, dist string, cve cveEntry) {
+func addDefinition(o *scribe.Document, prefix string, pkgname string, dist string, cve cveEntry) {
 	// Don't create a definition for anything that is not in our release
 	// list.
 	reldefid := getReleaseDefinition(dist)
@ -234,52 +218,28 @@ func addDefinition(o *oval.GOvalDefinitions, prefix string, pkgname string, dist
 		return
 	}

-	// Create a state
-	stateid := fmt.Sprintf("%v-state", prefix)
-	state := oval.GDPKGInfoState{}
-	state.ID = stateid
-	state.EVRCheck.DataType = "evr_string"
-	state.EVRCheck.Operation = "less than"
-	state.EVRCheck.Value = cve.pkgMap[pkgname][dist]
-
 	// Create an object definition for the package
 	objid := fmt.Sprintf("%v-object", prefix)
-	obj := oval.GDPKGInfoObj{}
-	obj.Name = pkgname
-	obj.ID = objid
+	obj := scribe.Object{}
+	obj.Object = objid
+	obj.Package.Name = pkgname

 	// Create a test
 	testid := fmt.Sprintf("%v-test", prefix)
-	test := oval.GDPKGInfoTest{}
-	test.ID = testid
-	test.Object.ObjectRef = objid
-	test.State.StateRef = stateid
+	test := scribe.Test{}
+	test.TestID = testid
+	test.Object = obj.Object
+	test.EVR.Value = cve.pkgMap[pkgname][dist]
+	test.EVR.Operation = "<"
+	disttestref := fmt.Sprintf("reldef-%v-test", dist)
+	test.If = append(test.If, disttestref)

-	// Extend definition for release criteria
-	exdef := oval.GExtendDefinition{}
-	exdef.Test = reldefid
-	exdef.Comment = "associated release definition"
-
-	// Create the new definition
-	def := oval.GDefinition{}
-	def.ID = prefix
-	def.Class = "patch"
-	def.Metadata.Title = fmt.Sprintf("%v (%v) test for %v", cve.cveID, pkgname, dist)
-
-	criterion := oval.GCriterion{}
-	criterion.Test = testid
-	def.Criteria.Operator = "AND"
-	def.Criteria.Criterion = append(def.Criteria.Criterion, criterion)
-	def.Criteria.ExtendDef = append(def.Criteria.ExtendDef, exdef)
-
-	o.Definitions.Definitions = append(o.Definitions.Definitions, def)
-	o.States.DPKGInfoStates = append(o.States.DPKGInfoStates, state)
-	o.Objects.DPKGInfoObjects = append(o.Objects.DPKGInfoObjects, obj)
-	o.Tests.DPKGInfoTests = append(o.Tests.DPKGInfoTests, test)
+	o.Tests = append(o.Tests, test)
+	o.Objects = append(o.Objects, obj)
 }

 func processEntries() {
-	root := oval.GOvalDefinitions{}
+	root := scribe.Document{}

 	addReleaseDefinitions(&root)

@ -292,12 +252,12 @@ func processEntries() {
 		}
 	}

-	enc := xml.NewEncoder(os.Stdout)
-	enc.Indent("", "  ")
-	if err := enc.Encode(root); err != nil {
-		fmt.Fprintf(os.Stderr, "%v\n", err)
+	buf, err := json.MarshalIndent(&root, "", "    ")
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "error: %v\n", err)
 		os.Exit(1)
 	}
+	fmt.Fprintf(os.Stdout, "%v\n", string(buf))
 }

 func main() {