TLS bugfix: only store if there is a rating, Latest bugfix: show latest changes, not latest scans

parent 7f271b53
......@@ -1087,11 +1087,11 @@ def latest_scans(request, scan_type):
return empty_response()
if scan_type == "tls_qualys":
scans = list(TlsQualysScan.objects.order_by('-last_scan_moment')[0:6])
scans = list(TlsQualysScan.objects.order_by('-rating_determined_on')[0:6])
if scan_type in ["Strict-Transport-Security", "X-Content-Type-Options", "X-Frame-Options", "X-XSS-Protection",
"plain_https"]:
scans = list(EndpointGenericScan.objects.filter(type=scan_type).order_by('-last_scan_moment')[0:6])
scans = list(EndpointGenericScan.objects.filter(type=scan_type).order_by('-rating_determined_on')[0:6])
for scan in scans:
points, calculation = points_and_calculation(scan, scan_type)
......@@ -1101,10 +1101,10 @@ def latest_scans(request, scan_type):
"protocol": scan.endpoint.protocol,
"port": scan.endpoint.port,
"ip_version": scan.endpoint.ip_version,
"explanation": calculation["explanation"],
"high": calculation["high"],
"medium": calculation["medium"],
"low": calculation["low"],
"explanation": calculation.get("explanation", ""),
"high": calculation.get("high", 0),
"medium": calculation.get("medium", 0),
"low": calculation.get("low", 0),
"last_scan_humanized": naturaltime(scan.last_scan_moment),
"last_scan_moment": scan.last_scan_moment.isoformat()
})
......
......@@ -341,6 +341,8 @@ def save_scan(url, data):
message = qep['statusMessage']
rating = 0
rating_no_trust = 0
if message in [
"Unable to connect to the server",
"Failed to communicate with the secure server",
......@@ -365,25 +367,26 @@ def save_scan(url, data):
# don't store "failures" as complete scans (with 0 scores).
# storing failures increases the amount of "waste" data. Since so many things can be not resolvable etc.
if previous_scan and rating:
if all([previous_scan.qualys_rating == rating,
previous_scan.qualys_rating_no_trust == rating_no_trust]):
log.info("Scan on %s did not alter the rating, updating scan date only." % failmap_endpoint)
previous_scan.last_scan_moment = datetime.now(pytz.utc)
previous_scan.scan_time = datetime.now(pytz.utc)
previous_scan.scan_date = datetime.now(pytz.utc)
previous_scan.qualys_message = message
previous_scan.save()
results.append('no-change')
if rating:
if previous_scan:
if all([previous_scan.qualys_rating == rating,
previous_scan.qualys_rating_no_trust == rating_no_trust]):
log.info("Scan on %s did not alter the rating, updating scan date only." % failmap_endpoint)
previous_scan.last_scan_moment = datetime.now(pytz.utc)
previous_scan.scan_time = datetime.now(pytz.utc)
previous_scan.scan_date = datetime.now(pytz.utc)
previous_scan.qualys_message = message
previous_scan.save()
results.append('no-change')
else:
log.info("Rating changed on %s, we're going to save the scan to retain history" % failmap_endpoint)
create_scan(failmap_endpoint, rating, rating_no_trust, message)
results.append('rating-changed')
else:
log.info("Rating changed on %s, we're going to save the scan to retain history" % failmap_endpoint)
log.info("This endpoint on %s was never scanned, creating a new scan." % failmap_endpoint)
create_scan(failmap_endpoint, rating, rating_no_trust, message)
results.append('rating-changed')
else:
log.info("This endpoint on %s was never scanned, creating a new scan." % failmap_endpoint)
create_scan(failmap_endpoint, rating, rating_no_trust, message)
results.append('first-scan')
results.append('first-scan')
return results
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment