diff options
Diffstat (limited to 'pym/kernelcheck/kernelcheck.py')
| -rwxr-xr-x | pym/kernelcheck/kernelcheck.py | 93 |
1 files changed, 46 insertions, 47 deletions
diff --git a/pym/kernelcheck/kernelcheck.py b/pym/kernelcheck/kernelcheck.py index 5eac6b1..45914d6 100755 --- a/pym/kernelcheck/kernelcheck.py +++ b/pym/kernelcheck/kernelcheck.py @@ -31,7 +31,7 @@ def main(argv): try: opts, args = getopt.gnu_getopt(argv, 'dhnr:sv', ['debug', 'help', 'nocolor', 'report=', 'sync', 'verbose']) - except getopt.GetoptError, e: + except getopt.GetoptError: usage() return @@ -67,9 +67,9 @@ def main(argv): information = dict() - print '' - print darkgreen('These are the specifications of your kernel:') - print '' + print('') + print(darkgreen('These are the specifications of your kernel:')) + print('') uname = os.uname() if uname[0] != 'Linux': @@ -101,32 +101,36 @@ def main(argv): } print_items(information, 'Information') - print '' + print('') print_items(lib.gather_configuration(), 'Configuration') - print '\nDetermining vulnerabilities... done!' #TODO #spin - print '' + print('\nDetermining vulnerabilities... done!') #TODO #spin + print('') - kernel_eval = lib.eval_cve_files(lib.DIR['out'], kernel, arch, None) - if not kernel_eval: + evaluation = lib.eval_cve_files(lib.DIR['out'], kernel, arch, None) + if not evaluation: error('No kernel vulnerability files found!') return - print_summary(kernel_eval.affected) + if len(evaluation.affected) is not 0: + print_summary(evaluation.affected) - print 'Total: %s vulnerabilities (%s), Average CVSS score: %.1f' % ( - len(kernel_eval.affected), repr(kernel_eval), kernel_eval.avg_cvss) + print('Total: %s vulnerabilities (%s), Average CVSS score: %.1f\n' % ( + len(evaluation.affected), repr(evaluation), evaluation.avg_cvss)) - print '' + prompt = "Would you like to upgrade your kernel?" + if userquery(prompt, None) == 'No': + print('') + print('Quitting.') + print('') - prompt = "Would you like to upgrade your kernel?" - if userquery(prompt, None) == 'No': - print'' - print'Quitting.' - print '' + else: + print('Not implemented yet...') else: - print 'Not implemented yet ;)' + print('Total: 0 vulnerabilities, Average CVSS score: 0.0\n') + print(bold('Your kernel is not affected by any known vulnerability!')) + def print_items(category, header): 'Indents and prints items' @@ -140,49 +144,44 @@ def print_items(category, header): for i, string in enumerate(textwrap.wrap('%s' % category[item], (screenwidth - 23))): if i is 0: - print '%s%s%s : %s' % (' ' * 6, darkgreen(item), - ' ' * (14 - len(item)), string) + print('%s%s%s : %s' % (' ' * 6, darkgreen(item), + ' ' * (14 - len(item)), string)) else: - print '%s%s' % (' ' * 23, string) + print('%s%s' % (' ' * 23, string)) def print_summary(vullist): 'Prints the vulnerability summary' for item in vullist: - - whiteboard = str() - for interval in item.affected: - whiteboard += '[' + str(interval) + '] ' - if item.cves: for cve in item.cves: - cve_text = str() + cvetype = str() if 'AV:L' in cve.vector: - cve_text += colorize('BAD', 'local') + cvetype += colorize('BAD', 'local') if 'AV:A' in cve.vector or 'AV:N' in cve.vector: - cve_text += colorize('BAD', 'network') + cvetype += colorize('BAD', 'network') if ('C:P' in cve.vector or 'C:C' in cve.vector) \ and ('I:P' in cve.vector or 'I:C' in cve.vector) \ and ('A:P' in cve.vector or 'A:C' in cve.vector): - cve_text += '%s%s' % (' ', blue('-complete')) + cvetype += '%s%s' % (' ', blue('-complete')) else: if 'C:P' in cve.vector or 'C:C' in cve.vector: - cve_text += '%s%s' % (' ', blue('-confidentiality')) + cvetype += '%s%s' % (' ', blue('-confidentiality')) if 'I:P' in cve.vector or 'I:C' in cve.vector: - cve_text += '%s%s' % (' ', blue('-integrity')) + cvetype += '%s%s' % (' ', blue('-integrity')) if 'A:P' in cve.vector or 'A:C' in cve.vector: - cve_text += '%s%s' % (' ', blue('-availability')) + cvetype += '%s%s' % (' ', blue('-availability')) - print '[%s %26s] %s %s TYPE="%s"' % (darkgreen('bugid'), + print ('[%s %26s] %s %s TYPE="%s"') % (darkgreen('bugid'), colorize('GOOD', item.bugid), darkgreen(cve.cve), - blue('[%s]' % cve.score), cve_text) + blue('[%s]' % cve.score), cvetype) - print '' + print('') def print_bug(bugid): @@ -206,7 +205,7 @@ def print_bug(bugid): 'Architecture' : vul.arch.capitalize() } - print '' + print('') print_items(buginformation, 'Bugid %s' % bugid) for cve in vul.cves: @@ -235,7 +234,7 @@ def print_cve(cveid): } #TODO print cve.refs - print '' + print('') print_items(cveinformation, cve.cve) @@ -249,14 +248,14 @@ def print_information(): def usage(): 'Prints the usage screen' - print 'Usage: kernel-check [BUGID|CVE] [OPTION]...' - print 'Gentoo Kernel Security %s\n' % lib.VERSION - print ' -d, --debug display debugging information' - print ' -h, --help display help information' - print ' -n, --nocolor disable colors' - print ' -r, --report [file] create a security report' - print ' -s, --sync receive the latest vulnerabilities' - print ' -v, --verbose display additional information' + print('Usage: kernel-check [BUGID|CVE] [OPTION]...') + print('Gentoo Kernel Security %s\n' % lib.VERSION) + print(' -d, --debug display debugging information') + print(' -h, --help display help information') + print(' -n, --nocolor disable colors') + print(' -r, --report [file] create a security report') + print(' -s, --sync receive the latest vulnerabilities') + print(' -v, --verbose display additional information') if __name__ == '__main__': |