Documentation ¶
Index ¶
- func ArchMatch(pkgArch string, requiredPkgArch string, operation oval.Operation) bool
- func DpkgDefsToVulns(ctx context.Context, root *oval.Root, protoVulns ProtoVulnsFunc, ...) ([]*claircore.Vulnerability, error)
- func Links(def oval.Definition) string
- func Operation(value, requiredValue string, operation oval.Operation) bool
- func RPMDefsToVulns(ctx context.Context, root *oval.Root, protoVulns ProtoVulnsFunc) ([]*claircore.Vulnerability, error)
- func TestLookup(root *oval.Root, ref string, f func(kind string) bool) (oval.Test, error)
- type Compressor
- type DefinitionType
- type Fetcher
- type FetcherConfig
- type PackageExpansionFunc
- type ProtoVulnsFunc
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DpkgDefsToVulns ¶
func DpkgDefsToVulns(ctx context.Context, root *oval.Root, protoVulns ProtoVulnsFunc, expansionFunc PackageExpansionFunc) ([]*claircore.Vulnerability, error)
DpkgDefsToVulns iterates over the definitions in an oval root and assumes DpkgInfo objects and states.
Each Criterion encountered with an EVR string will be translated into a claircore.Vulnerability
func Links ¶
func Links(def oval.Definition) string
Links joins all the links in the cve definition into a single string.
func RPMDefsToVulns ¶
func RPMDefsToVulns(ctx context.Context, root *oval.Root, protoVulns ProtoVulnsFunc) ([]*claircore.Vulnerability, error)
RPMDefsToVulns iterates over the definitions in an oval root and assumes RPMInfo objects and states.
Each Criterion encountered with an EVR string will be translated into a claircore.Vulnerability
Types ¶
type Compressor ¶
type Compressor uint
Compressor is used by Fetcher to decompress data it fetches.
const ( CompressionAuto Compressor = iota // auto CompressionNone // none CompressionGzip // gzip CompressionBzip2 // bzip2 CompressionZstd // zstd )
These are the kinds of Compession a Fetcher can deal with.
func ParseCompressor ¶
func ParseCompressor(s string) (c Compressor, err error)
ParseCompressor reports the Compressor indicated by the passed in string.
func (Compressor) String ¶
func (i Compressor) String() string
type DefinitionType ¶
type DefinitionType string
const ( CVEDefinition DefinitionType = "cve" RHBADefinition DefinitionType = "rhba" RHEADefinition DefinitionType = "rhea" RHSADefinition DefinitionType = "rhsa" UnaffectedDefinition DefinitionType = "unaffected" NoneDefinition DefinitionType = "none" )
func GetDefinitionType ¶
func GetDefinitionType(def oval.Definition) (DefinitionType, error)
GetDefinitionType parses an OVAL definition and extracts its type from ID.
type Fetcher ¶
type Fetcher struct { URL *url.URL Client *http.Client Compression Compressor }
Fetcher implements the driver.Fetcher interface.
Fetcher expects all of its exported members to be filled out appropriately, and may panic if not.
func (*Fetcher) Configure ¶
Configure implements driver.Configurable.
For users that embed a Fetcher, this provides a configuration hook by default.
func (*Fetcher) Fetch ¶
func (f *Fetcher) Fetch(ctx context.Context, hint driver.Fingerprint) (io.ReadCloser, driver.Fingerprint, error)
Fetch fetches the resource as specified by Fetcher.URL and Fetcher.Compression, using the client provided as Fetcher.Client.
Fetch makes GET requests, and will make conditional requests using the passed-in hint.
Tmp.File is used to return a ReadCloser that outlives the passed-in context.
type FetcherConfig ¶
type FetcherConfig struct { URL string `json:"url" yaml:"url"` Compression string `json:"compression" yaml:"compression"` }
FetcherConfig is the configuration that the Fetcher's Configure method works with.
Users the embed Fetcher and use Fetcher.Configure should make sure any of their configuration keys don't conflict with these names.
type PackageExpansionFunc ¶
type PackageExpansionFunc func(def oval.Definition, name *oval.DpkgName) []string
PackageExpansionFunc allows a caller to expand the inserted vulns. For example when the OVAL DB reports vulnerabilities from the source package only (Debian). Or the name field has a var_ref indicating a variable lookup is needed (Ubuntu).
type ProtoVulnsFunc ¶
type ProtoVulnsFunc func(def oval.Definition) ([]*claircore.Vulnerability, error)
ProtoVulnsFunc allows a caller to create prototype vulnerabilities that will be copied and further defined for every applicable oval.Criterion discovered.
This allows the caller to use oval.Definition fields and closure syntax when defining how a vulnerability should be parsed