Commit 810a8280 authored by Elger Jonker's avatar Elger Jonker

[WIP] O-saft scanner, scans now, have to store and add checks


Former-commit-id: 367368bc
parent e238088c
......@@ -543,7 +543,7 @@ class CoordinateAdmin(LeafletGeoAdminMixin, ImportExportModelAdmin):
def save_model(self, request, obj, form, change):
# logger.info(form.changed_data)
# log.info(form.changed_data)
# grrr, both area and edit_area are ALWAYS changed... even if you didn't change the values in these
# fields... this is obviously a bug or "optimization". We now have to resort to queries to figure out
# if anything changed at all. Evil bugs.
......
......@@ -15,7 +15,7 @@ class Command(BaseCommand):
help = 'Development command'
def handle(self, *args, **options):
rebuild_ratings()
test_osaft()
return
# tasking()
......@@ -37,6 +37,17 @@ class Command(BaseCommand):
# Command.develop_celery_test_async_tasks()
def test_osaft():
from failmap.scanners.scanner_tls_osaft import scan_address, determine_grade, debug_grade
address = 'faalkaart.nl'
port = 443
report = scan_address(address, port)
grades, trust = determine_grade(report)
logger.debug(trust)
logger.debug(grades)
debug_grade(grades, trust)
def rebuild_ratings():
from failmap.map.rating import rerate_organizations
......
This diff is collapsed.
......@@ -452,6 +452,9 @@ TOOLS = {
},
'dnscheck': {
'executable': TOOLS_DIR + 'dnssec.pl'
},
'osaft': {
'json': VENDOR_DIR + 'osaft/JSON-array.awk',
}
}
......
#!/usr/bin/gawk -f
#?
#? NAME
#? JSON-array.awk - formatting o-saft.pl's output as JSON array
#?
#? SYNOPSIS
#? o-saft.pl --tracekey --tab ... | JSON-array.awk
#? o-saft.pl --tracekey --tab ... | gawk -f JSON-array.awk
#?
#? DESCRIPTION
#? Input format must be: key\tlabel\tvalue
#?
#? Formats all output as JSON array. Each array element consists of:
#? typ, line, key, label, value
#?
#? VERSION
#? @(#) JSON-array.awk 1.1 17/06/26 11:47:42
#?
#? AUTHOR
#? 23. June 2017 Achim Hoffmann
#?
# -----------------------------------------------------------------------------
BEGIN { FS="\t"; e=0; w=0; h=0; c=0; d=0; i=0; print "["; }
function trim(val) { gsub(/^ */, "", val); gsub(/ *$/, "", val); return val; }
function line(key,val,sep) { printf("\"%s\":\"%s\"%s", trim(key), trim(val), sep); }
function stat(key,val) {
printf(" {");
line("typ","stat", ",");
line("key", key, ",");
line("value", val, "");
print "},";
}
(NF>0) { gsub(/"/,"\\\";"); } # escape "
/^#\[/ { sub(/^#\[/,""); sub(/\]/,"");} # pretty-print key: #[key] --> key
/^\s*$/ { s++; next; } # empty lines
/^=/ { s++; next; } # header lines
($1~/ reading/) { s++; next; } # other lines
{ # must be first check
if ($NF ~ /^no/ || $NF == "yes") {
d++; typ = "check";
} else {
i++; typ = "info";
if ($0 ~ /^cnt_/ || $0 ~ /^len_/) { typ = "check"; }
}
}
($1~/^**ERROR/) { e++; typ = "error"; $0 = sprintf("%s\t%s\t%s", e, FNR, $0); }
($1~/^**WARN/) { w++; typ = "warning"; $0 = sprintf("%s\t%s\t%s", w, FNR, $0); }
($1~/^**HINT/) { h++; typ = "hint"; $0 = sprintf("%s\t%s\t%s", h, FNR, $0); }
($1~/^!!Hint/) { h++; typ = "hint"; $0 = sprintf("%s\t%s\t%s", h, FNR, $0); }
($NF~/[Hh][Ii][Gg][Hh]/) { c++; typ = "cipher"; }
($NF~/[Mm][Ee][Dd][Ii]/) { c++; typ = "cipher"; }
($NF~/[Ll][Oo][Ww]/) { c++; typ = "cipher"; }
($NF~/[Ww][Ee][Aa][Kk]/) { c++; typ = "cipher"; }
{
#dbx# print " // ", $0;
delete arr;
split($0, arr, /\t/);
printf(" {");
line("typ", typ, ",");
line("line", FNR, ",");
line("key", arr[1], ",");
line("label", arr[2], ",");
line("value", arr[length(arr)], "");
print "},";
next;
}
END {
stat("error", e);
stat("warning", w);
stat("cipher", c);
stat("check", d);
stat("info", i);
stat("skip", s);
print "];"; }
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment