SVN: security: cve_reader.py generate.sh index.php

shadzik shadzik at pld-linux.org
Sat Oct 6 13:06:11 CEST 2007


Author: shadzik
Date: Sat Oct  6 13:06:11 2007
New Revision: 8794

Added:
   security/cve_reader.py   (contents, props changed)
   security/generate.sh   (contents, props changed)
   security/index.php
Log:
- scripts for security.pld-linux.org


Added: security/cve_reader.py
==============================================================================
--- (empty file)
+++ security/cve_reader.py	Sat Oct  6 13:06:11 2007
@@ -0,0 +1,164 @@
+#!/usr/bin/python
+#
+# CVE security reader for pld-linux.org purpose
+# Basicly it parses commits.log and searches for "CVE" keyword, then it generates a .html file with simple table structure
+#
+# TODO
+# - display all auto-ac, auto-th and auto-ti tags if they resolve the same CVE
+#
+import os
+import sys
+import re
+import readline
+import time
+import datetime
+
+# Changes go here
+log = '/cvsroot/SPECS/commits.log'
+cvsroot = "/cvsroot/"
+cvsmodule = "SPECS/"
+h_page = "header.html"
+table_page = "security.html"
+f_page = "footer.html"
+size_f = "size.txt"
+
+# Don't change anything below unless you know what you're doing
+specs =  []
+cves = []
+lines = []
+revs = []
+date = []
+
+# Main parse function
+def parse():
+	# seek where we last ended parsing
+	f2 = open(size_f, 'r')
+	old_size = f2.read().split("L")
+	old_size = long(old_size[0])
+	f2.close()
+	f = open(log)
+	f.seek(old_size) # end seeking
+	read = f.xreadlines()
+	for l in read:
+		l = l.strip()
+		lines.append(l)
+	lines_len = len(lines)
+	for i in range(lines_len):
+		if lines[i] == "Modified files:":
+			spec = lines[i+1]
+		if lines[i] == "Log message:":
+			cvslog = 1
+			cve = ""
+			while(lines[i+cvslog] != ""):
+				cve_match = re.match('.*(CVE-[0-9\-]+)', lines[i+cvslog])
+				if cve_match:
+					cve += "<a href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=%s\">%s</a> " % (cve_match.group(1), cve_match.group(1))
+				cvslog = cvslog+1
+		if lines[i] == "$Log$":
+			p = lines[i+1].split(" ")
+			if cve != "":
+				specs.append(spec)
+				cves.append(cve)
+				revs.append(p[1])
+				date.append(p[3])
+	f1 = open(table_page, 'w')
+	x = len(cves)-1
+	# LIFO - means, reverse the array
+	while x!=-1:
+		resolved = getCVSentry(specs[x], revs[x])
+		if resolved == 0:
+			f1.write("<tr><td>%s</td>\n" % (date[x]))
+			f1.write("<td><a href=\"http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SPECS/%s?rev=%s\">%s</a></td>\n" % (specs[x], revs[x], specs[x]))
+			f1.write("<td>%s</td>\n" % (cves[x]))
+			f1.write("<td>%s</td>\n" % (revs[x]))
+			f1.write("<td>%s</td></tr>\n" % (revs[x]))
+		else:
+			rev_tag = resolved.split(":")
+			f1.write("<tr><td>%s</td>\n" % (date[x]))
+			f1.write("<td><a href=\"http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SPECS/%s?logsort=rev;only_with_tag=%s\">%s</a></td>\n" % (specs[x], rev_tag[0], specs[x]))
+			f1.write("<td>%s</td>\n" % (cves[x]))
+			f1.write("<td>%s</td>\n" % (revs[x]))
+			f1.write("<td>%s</td></tr>\n" % (resolved))
+		x = x-1
+	f1.close()
+	# write new file size
+	size = os.fstat(f.fileno())
+	size = str(size).split(", ")
+	fs = open(size_f, "w")
+	fs.write(size[6])
+	fs.close()
+
+# get cvs log entries (auto-tags) for specs
+def getCVSentry(spec, revision):
+	tags = []
+	autotag = os.popen("cvs -d %s log -tr%s: %s%s |grep -A300 symbolic |grep auto" % (cvsroot, revision, cvsmodule, spec))
+	for l in autotag.xreadlines():
+		l = l.strip()
+		tags.append(l)
+	try:
+		tag_rev = tags[0].split(" ")
+		if compRevs(tag_rev[1], revision)==0:
+			return tags[0]
+		else:
+			return 0
+	except(IndexError):
+		return 0
+		pass
+
+# get commits.log file
+def rsync():
+	os.system("rsync rsync://cvs.pld-linux.org/cvs/SPECS/commits.log .")
+
+# do I need to explain this function?
+def genPageHeader():
+	t = datetime.datetime.now()
+	EpochSeconds = time.mktime(t.timetuple())
+	now = datetime.datetime.fromtimestamp(EpochSeconds)
+	f = open(h_page, 'w')
+	f.write("<p align=\"center\">Generated on: %s</p>" % now.ctime())
+	f.write("<table><tr>\n")
+	f.write("<td><b>Date</b></td>\n")
+	f.write("<td><b>SPEC</b></td>\n")
+	f.write("<td><b>CVE Entry</b></td>\n")
+	f.write("<td><b>Revision</b></td>\n")
+	f.write("<td><b>Resolved with</b></td>\n")
+	f.write("</tr><tr>\n")
+	f.close()
+
+# ...or this one?
+def genPageFooter():
+	f = open(f_page, 'w')
+	f.write("</tr></table>\n")
+	f.write("<p align=\"right\">\n")
+	f.write("<img src=\"http://pl.docs.pld-linux.org/zrzuty_ekr/logo_03.png\" alt=\"PLD\" /></p>\n")
+	f.close()
+
+#compares whether rev1 is greater than rev2 and return 0 if true, 1 if false
+def compRevs(rev1, rev2):
+	rev1 = rev1.split(".")
+	rev2 = rev2.split(".")
+	if len(rev1) >= len(rev2):
+		for x in range(len(rev2)):
+			if (rev1[x]!=rev2[x]): 
+				if (rev1[x]>rev2[x]):
+					return 0
+					break
+				else:
+					return 1
+					break
+	elif len(rev1) < len(rev2):
+		for x in range(len(rev1)):
+			if (rev1[x]!=rev2[x]):
+				if (rev1[x]>rev2[x]):
+					return 0
+					break
+				else:
+					return 1
+					break
+	return 0	
+
+# now call them
+genPageHeader()
+#rsync()
+parse()
+genPageFooter()
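Review bot: In getCVSentry, `spec` and `revision` are interpolated into the shell command string given to `os.popen`, and both come straight from commits.log lines (`lines[i+1]` and `p[1]` in parse()) with no validation, so any shell metacharacter in a logged file name or revision field would be interpreted by the shell. Check both against an allow-list before building the command, e.g. `if not re.match(r'^[0-9.]+$', revision): return 0`, with an equivalent check on `spec` for the characters a spec file name may contain. Alternatively, run cvs from an argument list without a shell and do the `grep` filtering in Python. parse() also writes `specs[x]`, `revs[x]` and `date[x]` into security.html without HTML escaping, and index.php pulls that file in with `include()`, so those fields should be escaped before they are written.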

Added: security/generate.sh
==============================================================================
--- (empty file)
+++ security/generate.sh	Sat Oct  6 13:06:11 2007
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+mv security.html temp
+./cve_reader.py
+cat temp >> security.html
+rm temp
+cp /home/users/security/*.html /home/users/security/www/
+chmod a+r /home/users/security/www/*.html
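Review bot: The `mv`, `./cve_reader.py`, `cat` and `rm` lines use relative paths while the `cp` and `chmod` lines use absolute ones, so the script only behaves as intended when started from /home/users/security. Run from anywhere else, it moves and rewrites whatever `security.html` and `temp` happen to be in the current directory. Adding `cd /home/users/security || exit 1` after the shebang would pin the working directory. There is also no check on the exit status of `./cve_reader.py`, so a failed run is still copied into www/; `./cve_reader.py || exit 1` would stop a broken page from being published, though the old page would then have to be moved back from `temp`.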

Added: security/index.php
==============================================================================
--- (empty file)
+++ security/index.php	Sat Oct  6 13:06:11 2007
@@ -0,0 +1,99 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="pl">
+<head>
+<title>PLD Security Logs</title>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+
+<style type="text/css">
+h2 { text-align: center; }
+body, td { font-family: Verdana; font-size: 9pt; }
+table { border-collapse: collapse; width: 100%; }
+td { padding: 6px 15px; }
+tr.entry { padding: 6px 15px; border-top: 3px solid #ebebe4; border-bottom: 1px solid #ebebe4 }
+tr.branch { padding: 6px 15px; width: 150px; color: red; } 
+.thead td, thead td, tfoot td { background-color: #ebebe4 }
+.thead td, thead td { border-bottom: 1px solid #c0c0c0; border-top: 1px solid #c0c0c0; padding: 5px 15px }
+.thead td a, thead td a { color: #000000 }
+tfoot td { border-top: 2px solid #c0c0c0; border-bottom: 1px solid #c0c0c0 }
+tfoot td a { display: block; padding: 2px 5px; border: 1px outset; float: left; border: 1px solid #c0c0c0; background-color: #ffffff; color: #000000; text-decoration: none; margin-left: 5px }
+#phonebookTable thead tr td div {
+	text-align: center;
+	font-weight: bold;
+}
+.status {
+	width: 200px;
+}
+.builder, .spec, .status {
+	width: 100px;
+}
+.recip {
+	width: 80px;
+}
+
+.date { 
+	width: 80px;
+	text-align: center;
+}
+.sender {
+	width: 80px;
+}
+.appInfoHead td {
+	text-decoration: underline;
+}
+tr.application:hover td {
+	background: #f2f2f2;
+}
+div#logoPLD {
+	text-align: right;
+}
+
+a, a:visited {
+	color: blue;
+}
+a:hover, a:visited:hover {
+	color: red;
+}
+
+a.mailto, a.mailto:visited {
+	background: url() right center no-repeat;
+	padding-right: 18px;
+}
+a.mailto:hover, a.mailto:visited:hover {
+	background-image: url();
+}
+#Popup {
+	display: none;
+	position: absolute;
+	padding: 2px;
+	border: 2px solid #c0c0c0;
+	background-color: #ebebe4;
+	color: #000;
+	z-index: 1000;
+	right: auto;
+	bottom: auto;
+	width: auto;
+	max-width: 490px;
+	height: auto;
+	left: 10px;
+	top: 10px;
+}
+.ok { color: green; }
+.fail { color: red; }
+#bottomlink {
+	padding: 15px 15px 15px 15px;
+	text-align: right;
+}
+
+</style>
+
+</head>
+<body>
+
+<h2>PLD Security Logs</h2>
+<?
+include("header.html");
+include("security.html");
+include("footer.html");
+?>
+</body>
+</html>
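Review bot: `include("security.html")` makes PHP parse the generated file as code rather than just emit it, so any `<?` sequence that ends up in security.html would be executed by the web server. That file is built by cve_reader.py from commits.log text that is not escaped, so the three fragments are safer emitted as static content, e.g. `readfile("security.html");` (likewise for header.html and footer.html). The block is also opened with the short tag `<?`, which only works when `short_open_tag` is enabled; `<?php` is the portable form.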

