diff options
-rw-r--r-- | nvdmirror/nvdmirror.go | 106 | ||||
-rw-r--r-- | nvdmirror/syncconfig.go | 111 |
2 files changed, 111 insertions, 106 deletions
diff --git a/nvdmirror/nvdmirror.go b/nvdmirror/nvdmirror.go index 4faf68e..aeb5c24 100644 --- a/nvdmirror/nvdmirror.go +++ b/nvdmirror/nvdmirror.go @@ -16,114 +16,8 @@ import ( "net/url" "os" "path/filepath" - "time" ) -// Sync() configuration. -type SyncConfig struct { - // CVE 1.1 Base URL. The full meta and JSON URLs are constructed by - // appending the file name to this base. - Cve11BaseUrl string - - // CPE Match 1.0 base URL. The full meta and JSON URLs are - // constructed by appending the file name to this base. - CpeMatch10BaseUrl string - - // CPE 2.3 dictionary URL. - Cpe23DictUrl string - - // User agent string. Set to "" for default user agent string. - UserAgent string - - // Maximum number of idle connections. - MaxIdleConns int - - // Idle connection timeout. - IdleConnTimeout time.Duration -} - -// NVD URLs -var DefaultConfig = SyncConfig { - Cve11BaseUrl: "https://nvd.nist.gov/feeds/json/cve/1.1", - CpeMatch10BaseUrl: "https://nvd.nist.gov/feeds/json/cpematch/1.0", - Cpe23DictUrl: "https://nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-dictionary_v2.3.xml.gz", - UserAgent: "cvez/0.1.0", -} - -// Initial (first) CVE year. -const baseYear = 2002 - -// Additional non-year CVE feeds. -var cveExtraFiles = []string { - "modified", - "recent", -} - -// Get user agent string. -func (me SyncConfig) GetUserAgent() string { - if len(me.UserAgent) > 0 { - return me.UserAgent - } else { - return DefaultConfig.UserAgent - } -} - -// Get URL for CVE feed file. -func (me SyncConfig) GetCveUrl(id, ext string) string { - return fmt.Sprintf("%s/nvdcve-1.1-%s.%s", me.Cve11BaseUrl, id, ext) -} - -// Get URL for CVE feed file for given year. -func (me SyncConfig) GetCveYearUrl(year int, ext string) string { - return me.GetCveUrl(fmt.Sprintf("%04d", year), ext) -} - -// Get URL for CPE match file. -func (me SyncConfig) GetCpeMatchUrl(ext string) string { - return fmt.Sprintf("%s/nvdcpematch-1.0.%s", me.CpeMatch10BaseUrl, ext) -} - -// Get CPE dictionary URL. -func (me SyncConfig) GetCpeDictUrl() string { - if len(me.Cpe23DictUrl) > 0 { - return me.Cpe23DictUrl - } else { - return DefaultConfig.Cpe23DictUrl - } -} - -// get meta URL map. -func (me SyncConfig) getMetaUrls() map[string]string { - // calculate total number of years - numYears := time.Now().Year() - baseYear + 1 - - r := make(map[string]string) - - // fetch cve feed metas - for i := 0; i < numYears; i++ { - metaUrl := me.GetCveYearUrl(baseYear + i, "meta") - feedUrl := me.GetCveYearUrl(baseYear + i, "json.gz") - r[metaUrl] = feedUrl - } - - // fetch cve extra file metas - for _, s := range(cveExtraFiles) { - metaUrl := me.GetCveUrl(s, "meta") - feedUrl := me.GetCveUrl(s, "json.gz") - r[metaUrl] = feedUrl - } - - { - // add cpe match - metaUrl := me.GetCpeMatchUrl("meta") - feedUrl := me.GetCpeMatchUrl("json.gz") - r[metaUrl] = feedUrl - } - - // return map - return r -} - // Fetch result. type fetchResult struct { src string // source URL diff --git a/nvdmirror/syncconfig.go b/nvdmirror/syncconfig.go new file mode 100644 index 0000000..5da067d --- /dev/null +++ b/nvdmirror/syncconfig.go @@ -0,0 +1,111 @@ +package nvdmirror + +import ( + "fmt" + "time" +) + +// Sync() configuration. +type SyncConfig struct { + // CVE 1.1 Base URL. The full meta and JSON URLs are constructed by + // appending the file name to this base. + Cve11BaseUrl string + + // CPE Match 1.0 base URL. The full meta and JSON URLs are + // constructed by appending the file name to this base. + CpeMatch10BaseUrl string + + // CPE 2.3 dictionary URL. + Cpe23DictUrl string + + // User agent string. Set to "" for default user agent string. + UserAgent string + + // Maximum number of idle connections. + MaxIdleConns int + + // Idle connection timeout. + IdleConnTimeout time.Duration +} + +// NVD URLs +var DefaultConfig = SyncConfig { + Cve11BaseUrl: "https://nvd.nist.gov/feeds/json/cve/1.1", + CpeMatch10BaseUrl: "https://nvd.nist.gov/feeds/json/cpematch/1.0", + Cpe23DictUrl: "https://nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-dictionary_v2.3.xml.gz", + UserAgent: "cvez/0.1.0", +} + +// Initial (first) CVE year. +const baseYear = 2002 + +// Additional non-year CVE feeds. +var cveExtraFiles = []string { + "modified", + "recent", +} + +// Get user agent string. +func (me SyncConfig) GetUserAgent() string { + if len(me.UserAgent) > 0 { + return me.UserAgent + } else { + return DefaultConfig.UserAgent + } +} + +// Get URL for CVE feed file. +func (me SyncConfig) GetCveUrl(id, ext string) string { + return fmt.Sprintf("%s/nvdcve-1.1-%s.%s", me.Cve11BaseUrl, id, ext) +} + +// Get URL for CVE feed file for given year. +func (me SyncConfig) GetCveYearUrl(year int, ext string) string { + return me.GetCveUrl(fmt.Sprintf("%04d", year), ext) +} + +// Get URL for CPE match file. +func (me SyncConfig) GetCpeMatchUrl(ext string) string { + return fmt.Sprintf("%s/nvdcpematch-1.0.%s", me.CpeMatch10BaseUrl, ext) +} + +// Get CPE dictionary URL. +func (me SyncConfig) GetCpeDictUrl() string { + if len(me.Cpe23DictUrl) > 0 { + return me.Cpe23DictUrl + } else { + return DefaultConfig.Cpe23DictUrl + } +} + +// get meta URL map. +func (me SyncConfig) getMetaUrls() map[string]string { + // calculate total number of years + numYears := time.Now().Year() - baseYear + 1 + + r := make(map[string]string) + + // fetch cve feed metas + for i := 0; i < numYears; i++ { + metaUrl := me.GetCveYearUrl(baseYear + i, "meta") + feedUrl := me.GetCveYearUrl(baseYear + i, "json.gz") + r[metaUrl] = feedUrl + } + + // fetch cve extra file metas + for _, s := range(cveExtraFiles) { + metaUrl := me.GetCveUrl(s, "meta") + feedUrl := me.GetCveUrl(s, "json.gz") + r[metaUrl] = feedUrl + } + + { + // add cpe match + metaUrl := me.GetCpeMatchUrl("meta") + feedUrl := me.GetCpeMatchUrl("json.gz") + r[metaUrl] = feedUrl + } + + // return map + return r +} |