summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'pym/kernelcheck/kernelcheck.py')
-rwxr-xr-xpym/kernelcheck/kernelcheck.py93
1 files changed, 46 insertions, 47 deletions
diff --git a/pym/kernelcheck/kernelcheck.py b/pym/kernelcheck/kernelcheck.py
index 5eac6b1..45914d6 100755
--- a/pym/kernelcheck/kernelcheck.py
+++ b/pym/kernelcheck/kernelcheck.py
@@ -31,7 +31,7 @@ def main(argv):
try:
opts, args = getopt.gnu_getopt(argv, 'dhnr:sv',
['debug', 'help', 'nocolor', 'report=', 'sync', 'verbose'])
- except getopt.GetoptError, e:
+ except getopt.GetoptError:
usage()
return
@@ -67,9 +67,9 @@ def main(argv):
information = dict()
- print ''
- print darkgreen('These are the specifications of your kernel:')
- print ''
+ print('')
+ print(darkgreen('These are the specifications of your kernel:'))
+ print('')
uname = os.uname()
if uname[0] != 'Linux':
@@ -101,32 +101,36 @@ def main(argv):
}
print_items(information, 'Information')
- print ''
+ print('')
print_items(lib.gather_configuration(), 'Configuration')
- print '\nDetermining vulnerabilities... done!' #TODO #spin
- print ''
+ print('\nDetermining vulnerabilities... done!') #TODO #spin
+ print('')
- kernel_eval = lib.eval_cve_files(lib.DIR['out'], kernel, arch, None)
- if not kernel_eval:
+ evaluation = lib.eval_cve_files(lib.DIR['out'], kernel, arch, None)
+ if not evaluation:
error('No kernel vulnerability files found!')
return
- print_summary(kernel_eval.affected)
+ if len(evaluation.affected) is not 0:
+ print_summary(evaluation.affected)
- print 'Total: %s vulnerabilities (%s), Average CVSS score: %.1f' % (
- len(kernel_eval.affected), repr(kernel_eval), kernel_eval.avg_cvss)
+ print('Total: %s vulnerabilities (%s), Average CVSS score: %.1f\n' % (
+ len(evaluation.affected), repr(evaluation), evaluation.avg_cvss))
- print ''
+ prompt = "Would you like to upgrade your kernel?"
+ if userquery(prompt, None) == 'No':
+ print('')
+ print('Quitting.')
+ print('')
- prompt = "Would you like to upgrade your kernel?"
- if userquery(prompt, None) == 'No':
- print''
- print'Quitting.'
- print ''
+ else:
+ print('Not implemented yet...')
else:
- print 'Not implemented yet ;)'
+ print('Total: 0 vulnerabilities, Average CVSS score: 0.0\n')
+ print(bold('Your kernel is not affected by any known vulnerability!'))
+
def print_items(category, header):
'Indents and prints items'
@@ -140,49 +144,44 @@ def print_items(category, header):
for i, string in enumerate(textwrap.wrap('%s' % category[item],
(screenwidth - 23))):
if i is 0:
- print '%s%s%s : %s' % (' ' * 6, darkgreen(item),
- ' ' * (14 - len(item)), string)
+ print('%s%s%s : %s' % (' ' * 6, darkgreen(item),
+ ' ' * (14 - len(item)), string))
else:
- print '%s%s' % (' ' * 23, string)
+ print('%s%s' % (' ' * 23, string))
def print_summary(vullist):
'Prints the vulnerability summary'
for item in vullist:
-
- whiteboard = str()
- for interval in item.affected:
- whiteboard += '[' + str(interval) + '] '
-
if item.cves:
for cve in item.cves:
- cve_text = str()
+ cvetype = str()
if 'AV:L' in cve.vector:
- cve_text += colorize('BAD', 'local')
+ cvetype += colorize('BAD', 'local')
if 'AV:A' in cve.vector or 'AV:N' in cve.vector:
- cve_text += colorize('BAD', 'network')
+ cvetype += colorize('BAD', 'network')
if ('C:P' in cve.vector or 'C:C' in cve.vector) \
and ('I:P' in cve.vector or 'I:C' in cve.vector) \
and ('A:P' in cve.vector or 'A:C' in cve.vector):
- cve_text += '%s%s' % (' ', blue('-complete'))
+ cvetype += '%s%s' % (' ', blue('-complete'))
else:
if 'C:P' in cve.vector or 'C:C' in cve.vector:
- cve_text += '%s%s' % (' ', blue('-confidentiality'))
+ cvetype += '%s%s' % (' ', blue('-confidentiality'))
if 'I:P' in cve.vector or 'I:C' in cve.vector:
- cve_text += '%s%s' % (' ', blue('-integrity'))
+ cvetype += '%s%s' % (' ', blue('-integrity'))
if 'A:P' in cve.vector or 'A:C' in cve.vector:
- cve_text += '%s%s' % (' ', blue('-availability'))
+ cvetype += '%s%s' % (' ', blue('-availability'))
- print '[%s %26s] %s %s TYPE="%s"' % (darkgreen('bugid'),
+ print ('[%s %26s] %s %s TYPE="%s"') % (darkgreen('bugid'),
colorize('GOOD', item.bugid), darkgreen(cve.cve),
- blue('[%s]' % cve.score), cve_text)
+ blue('[%s]' % cve.score), cvetype)
- print ''
+ print('')
def print_bug(bugid):
@@ -206,7 +205,7 @@ def print_bug(bugid):
'Architecture' : vul.arch.capitalize()
}
- print ''
+ print('')
print_items(buginformation, 'Bugid %s' % bugid)
for cve in vul.cves:
@@ -235,7 +234,7 @@ def print_cve(cveid):
}
#TODO print cve.refs
- print ''
+ print('')
print_items(cveinformation, cve.cve)
@@ -249,14 +248,14 @@ def print_information():
def usage():
'Prints the usage screen'
- print 'Usage: kernel-check [BUGID|CVE] [OPTION]...'
- print 'Gentoo Kernel Security %s\n' % lib.VERSION
- print ' -d, --debug display debugging information'
- print ' -h, --help display help information'
- print ' -n, --nocolor disable colors'
- print ' -r, --report [file] create a security report'
- print ' -s, --sync receive the latest vulnerabilities'
- print ' -v, --verbose display additional information'
+ print('Usage: kernel-check [BUGID|CVE] [OPTION]...')
+ print('Gentoo Kernel Security %s\n' % lib.VERSION)
+ print(' -d, --debug display debugging information')
+ print(' -h, --help display help information')
+ print(' -n, --nocolor disable colors')
+ print(' -r, --report [file] create a security report')
+ print(' -s, --sync receive the latest vulnerabilities')
+ print(' -v, --verbose display additional information')
if __name__ == '__main__':