RubyGems - CloudyScripts - Versions diffs - 1.6.1 → 1.7.27 - Mend

CloudyScripts 1.6.1 → 1.7.27

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (176) hide show

data/Rakefile +1 -1
data/lib/audit/checks/APACHE2.group +6 -0
data/lib/audit/checks/APACHE2_CONFIG_01.check +36 -0
data/lib/audit/checks/APACHE2_CONFIG_02.check +34 -0
data/lib/audit/checks/APACHE2_CONFIG_03.check +60 -0
data/lib/audit/checks/APACHE2_CONFIG_04.check +23 -0
data/lib/audit/checks/APACHE2_CONFIG_05.check +23 -0
data/lib/audit/checks/APACHE2_CONFIG_06.check +30 -0
data/lib/audit/checks/APACHE2_INIT_1.check +14 -0
data/lib/audit/checks/APACHE2_INIT_2.check +66 -0
data/lib/audit/checks/APACHE2_INIT_3.check +13 -0
data/lib/audit/checks/APACHE2_USER_7.check +17 -0
data/lib/audit/checks/BACKUP_HOME_DOTFILES.check +26 -0
data/lib/audit/checks/BACKUP_LOG.check +24 -0
data/lib/audit/checks/BACKUP_MAIL.check +19 -0
data/lib/audit/checks/BACKUP_WEB.check +12 -0
data/lib/audit/checks/CONFIGURATION_BACKUP.check +14 -0
data/lib/audit/checks/DIRECTORY_LISTING.check +14 -0
data/lib/audit/checks/DISTRIBUTION_FACTS.check +60 -0
data/lib/audit/checks/DMESG_OUTPUT.check +14 -0
data/lib/audit/checks/FIND_GROUP_FILE.check +6 -0
data/lib/audit/checks/FIND_PASSWD_FILE.check +8 -0
data/lib/audit/checks/FIND_SHADOW_FILE.check +5 -0
data/lib/audit/checks/FIND_SUDOERS_FILE.check +6 -0
data/lib/audit/checks/FREE_SPACE.check +26 -0
data/lib/audit/checks/HAS_AWK.check +30 -0
data/lib/audit/checks/HAS_BASE.check +21 -0
data/lib/audit/checks/HAS_CAT.check +18 -0
data/lib/audit/checks/HAS_COMPRESSOR.check +30 -0
data/lib/audit/checks/HAS_CUT.check +18 -0
data/lib/audit/checks/HAS_DF.check +19 -0
data/lib/audit/checks/HAS_DPKG.check +18 -0
data/lib/audit/checks/HAS_FILE_DOWNLOADER.check +32 -0
data/lib/audit/checks/HAS_FIND.check +18 -0
data/lib/audit/checks/HAS_GREP.check +19 -0
data/lib/audit/checks/HAS_GROUPCHECK.check +23 -0
data/lib/audit/checks/HAS_GROUPS.check +19 -0
data/lib/audit/checks/HAS_HOSTNAME.check +7 -0
data/lib/audit/checks/HAS_ID.check +7 -0
data/lib/audit/checks/HAS_LSB_RELEASE.check +16 -0
data/lib/audit/checks/HAS_MOUNT.check +19 -0
data/lib/audit/checks/HAS_NETSTAT.check +20 -0
data/lib/audit/checks/HAS_PASSWD_CHECK.check +17 -0
data/lib/audit/checks/HAS_PS.check +19 -0
data/lib/audit/checks/HAS_ROUTE.check +19 -0
data/lib/audit/checks/HAS_SH.check +19 -0
data/lib/audit/checks/HAS_SORT.check +17 -0
data/lib/audit/checks/HAS_STAT.check +17 -0
data/lib/audit/checks/HAS_SUPERUSER.check +11 -0
data/lib/audit/checks/HAS_TAIL.check +16 -0
data/lib/audit/checks/HAS_TAR.check +7 -0
data/lib/audit/checks/HAS_TR.check +22 -0
data/lib/audit/checks/HAS_UNAME.check +7 -0
data/lib/audit/checks/HAS_UNIQ.check +17 -0
data/lib/audit/checks/HAS_WC.check +16 -0
data/lib/audit/checks/HAS_WHO.check +18 -0
data/lib/audit/checks/HAS_YUM.check +18 -0
data/lib/audit/checks/LASTLOG.check +28 -0
data/lib/audit/checks/LIST_ROUTES.check +33 -0
data/lib/audit/checks/LIST_USER_ACCOUNTS.check +25 -0
data/lib/audit/checks/LOADED_MODULES.check +22 -0
data/lib/audit/checks/LOCAL_NMAP.check +97 -0
data/lib/audit/checks/LOGGED_USERS.check +28 -0
data/lib/audit/checks/LYNIS_AUTH.group +9 -0
data/lib/audit/checks/LYNIS_AUTH_9204.check +43 -0
data/lib/audit/checks/LYNIS_AUTH_9208.check +35 -0
data/lib/audit/checks/LYNIS_AUTH_9216.check +24 -0
data/lib/audit/checks/LYNIS_AUTH_9222.check +25 -0
data/lib/audit/checks/LYNIS_AUTH_9226.check +24 -0
data/lib/audit/checks/LYNIS_AUTH_9228.check +24 -0
data/lib/audit/checks/LYNIS_AUTH_9252.check +19 -0
data/lib/audit/checks/MAYBE_HAS_BZIP2.check +17 -0
data/lib/audit/checks/MAYBE_HAS_CURL.check +17 -0
data/lib/audit/checks/MAYBE_HAS_DU.check +17 -0
data/lib/audit/checks/MAYBE_HAS_HOSTNAME.check +17 -0
data/lib/audit/checks/MAYBE_HAS_ID.check +17 -0
data/lib/audit/checks/MAYBE_HAS_LSB_RELEASE.check +15 -0
data/lib/audit/checks/MAYBE_HAS_SUPERUSER.check +36 -0
data/lib/audit/checks/MAYBE_HAS_TAR.check +19 -0
data/lib/audit/checks/MAYBE_HAS_UNAME.check +17 -0
data/lib/audit/checks/MAYBE_HAS_WGET.check +17 -0
data/lib/audit/checks/MOUNTED_DEVICES.check +22 -0
data/lib/audit/checks/MYSQL_HISTORY_1.check +29 -0
data/lib/audit/checks/MYSQL_INIT_1.check +9 -0
data/lib/audit/checks/MYSQL_INIT_2.check +12 -0
data/lib/audit/checks/MYSQL_INIT_3.check +7 -0
data/lib/audit/checks/PACKAGES_INSTALLED_DPKG.check +38 -0
data/lib/audit/checks/PACKAGES_INSTALLED_YUM.check +36 -0
data/lib/audit/checks/PASSWORD_INFORMATION.check +33 -0
data/lib/audit/checks/PLATFORM_FACTS.check +35 -0
data/lib/audit/checks/PORTS_OPEN_NETSTAT.check +121 -0
data/lib/audit/checks/PROCESS_LIST.check +87 -0
data/lib/audit/checks/SLOW.group +7 -0
data/lib/audit/checks/SLOW_1.check +4 -0
data/lib/audit/checks/SLOW_2.check +4 -0
data/lib/audit/checks/SLOW_3.check +4 -0
data/lib/audit/checks/SSH.group +14 -0
data/lib/audit/checks/SSH_CONFIG_01.check +12 -0
data/lib/audit/checks/SSH_CONFIG_02.check +15 -0
data/lib/audit/checks/SSH_CONFIG_03.check +13 -0
data/lib/audit/checks/SSH_CONFIG_04.check +11 -0
data/lib/audit/checks/SSH_CONFIG_05.check +12 -0
data/lib/audit/checks/SSH_CONFIG_06.check +12 -0
data/lib/audit/checks/SSH_CONFIG_07.check +11 -0
data/lib/audit/checks/SSH_CONFIG_08.check +12 -0
data/lib/audit/checks/SSH_CONFIG_09.check +12 -0
data/lib/audit/checks/SSH_CONFIG_10.check +15 -0
data/lib/audit/checks/SSH_CONFIG_11.check +14 -0
data/lib/audit/checks/SSH_INIT_1.check +9 -0
data/lib/audit/checks/SSH_INIT_2.check +12 -0
data/lib/audit/checks/SSH_KEYS_1.check +32 -0
data/lib/audit/checks/USERS_INIT_1.check +9 -0
data/lib/audit/checks/USERS_INIT_2.check +5 -0
data/lib/audit/checks/USERS_INIT_3.check +5 -0
data/lib/audit/checks/USERS_INIT_4.check +9 -0
data/lib/audit/checks/USERS_INIT_5.check +10 -0
data/lib/audit/checks/USER_INFORMATION.check +29 -0
data/lib/audit/checks/VARIOUS.group +19 -0
data/lib/audit/checks/VAR_LIST_HOME_DIRECTORIES.check +5 -0
data/lib/audit/checks/benchmark.group +6 -0
data/lib/audit/checks/footer.template +12 -0
data/lib/audit/checks/header.template +10 -0
data/lib/audit/checks/helpers/head.sh +59 -0
data/lib/audit/checks/script_header.template +69 -0
data/lib/audit/create_benchmark.sh +93 -0
data/lib/audit/lib/audit.rb +136 -0
data/lib/audit/lib/audit_facade.rb +5 -0
data/lib/audit/lib/benchmark/audit_benchmark.rb +165 -0
data/lib/audit/lib/benchmark/automatic_dependencies.rb +13 -0
data/lib/audit/lib/benchmark/benchmark_factory.rb +23 -0
data/lib/audit/lib/benchmark/benchmark_result.rb +25 -0
data/lib/audit/lib/benchmark/check.rb +34 -0
data/lib/audit/lib/benchmark/group.rb +30 -0
data/lib/audit/lib/benchmark/item_exception.rb +13 -0
data/lib/audit/lib/benchmark/result_code.rb +11 -0
data/lib/audit/lib/benchmark/rule_result.rb +42 -0
data/lib/audit/lib/benchmark/rule_role.rb +5 -0
data/lib/audit/lib/benchmark/rule_severity.rb +13 -0
data/lib/audit/lib/benchmark/yaml_benchmark.rb +133 -0
data/lib/audit/lib/connection/ami_connection.rb +4 -0
data/lib/audit/lib/connection/connection_factory.rb +27 -0
data/lib/audit/lib/connection/ssh_connection.rb +243 -0
data/lib/audit/lib/ec2_utils.rb +245 -0
data/lib/audit/lib/http_fingerprint.rb +116 -0
data/lib/audit/lib/lazy.rb +37 -0
data/lib/audit/lib/linear_script_generator.rb +31 -0
data/lib/audit/lib/main.rb +13 -0
data/lib/audit/lib/my_option_parser.rb +106 -0
data/lib/audit/lib/nessus_new.rb +290 -0
data/lib/audit/lib/nessus_utils.rb +102 -0
data/lib/audit/lib/parser/command/abstract_command.rb +32 -0
data/lib/audit/lib/parser/command/abstract_command_result.rb +30 -0
data/lib/audit/lib/parser/command/attach_file_command.rb +63 -0
data/lib/audit/lib/parser/command/check_finished_command.rb +45 -0
data/lib/audit/lib/parser/command/cpe_name_command.rb +37 -0
data/lib/audit/lib/parser/command/data_command.rb +43 -0
data/lib/audit/lib/parser/command/listening_port_command.rb +46 -0
data/lib/audit/lib/parser/command/message_command.rb +21 -0
data/lib/audit/lib/parser/command/program_name_command.rb +42 -0
data/lib/audit/lib/parser/parse_exception.rb +2 -0
data/lib/audit/lib/parser/result_type.rb +13 -0
data/lib/audit/lib/parser/script_output_parser.rb +201 -0
data/lib/audit/lib/parser/stdout_line_buffer.rb +43 -0
data/lib/audit/lib/ssh_fingerprint.rb +220 -0
data/lib/audit/lib/ssh_fingerprint2.rb +170 -0
data/lib/audit/lib/ssh_utils.rb +292 -0
data/lib/audit/lib/transformers/web_view_transformer.rb +171 -0
data/lib/audit/lib/transformers/yaml_transformer.rb +50 -0
data/lib/audit/lib/util/random_string.rb +22 -0
data/lib/audit/lib/version.rb +7 -0
data/lib/help/ec2_helper.rb +65 -2
data/lib/help/remote_command_handler.rb +17 -0
data/lib/help/state_transition_helper.rb +8 -0
data/lib/scripts/ec2/open_port_checker.rb +112 -0
data/lib/scripts/ec2/port_range_detector.rb +0 -1
metadata +175 -16

data/lib/audit/checks/VAR_LIST_HOME_DIRECTORIES.check ADDED Viewed

@@ -0,0 +1,5 @@
+ID: VAR_LIST_HOME_DIRECTORIES
+Depends: [USERS_INIT_1, HAS_CAT, HAS_TR, HAS_CUT, HAS_SED]
+Description: Export colon-separated home directory list from /etc/passwd.
+Type: [export]
+Script: "export HOME_DIRS_LIST=$(${CAT} /etc/passwd | ${CUT} -d: -f6 | ${TR} '\n' ':' | ${SED} -e 's/:$//')"

data/lib/audit/checks/benchmark.group ADDED Viewed

@@ -0,0 +1,6 @@
+ID: BENCHMARK
+Children:
+   - APACHE2
+   - SSH
+   - LYNIS_AUTH
+   - VARIOUS

data/lib/audit/checks/footer.template ADDED Viewed

@@ -0,0 +1,12 @@
+   EXIT_CODE=$?
+   %%SCRIPT_ID%%_EXITCODE=${EXIT_CODE}
+   if [ ${EXIT_CODE} -eq 0 ]
+   then
+      script_return "pass"
+   else
+		script_return "fail"
+   fi
+else
+   %%SCRIPT_ID%%_EXITCODE=2
+   script_return "notchecked"
+fi

data/lib/audit/checks/header.template ADDED Viewed

@@ -0,0 +1,10 @@
+#################################
+### %%SCRIPT_ID%%
+#################################
+MY_SCRIPT_ID="%%SCRIPT_ID%%"
+IFS=$( printf ' \t\n+' ); IFS=${IFS%+}
+if [ 0 -eq 0 %%DEPENDS_CONDITION%% ]
+then

data/lib/audit/checks/helpers/head.sh ADDED Viewed

@@ -0,0 +1,59 @@
+#!/bin/sh
+if [ "${1##--}" = "version" ]
+then
+	echo "internal helper"
+	exit 0
+fi
+NB_LINES=${1##-}
+#test if number of lines parameter is really numerical
+NB_LINES_FILTERED=${NB_LINES##[0-9]}
+NB_LINES_FILTERED=${NB_LINES_FILTERED##[0-9]}
+NB_LINES_FILTERED=${NB_LINES_FILTERED##[0-9]}
+if [ -z "${NB_LINES_FILTERED}" ]
+then
+	shift
+else
+	NB_LINES=10
+fi
+#if 0 lines of head, simply return
+if [ "${NB_LINES}" -le 0 ]
+then
+	return 0
+fi
+# test if second parameter is given
+if [ -z "$1" ]
+then
+	INPUT_FILE=/dev/stdin
+else
+	TEMPFILE=/tmp/$$
+	mkfifo ${TEMPFILE}
+	cat "$1" > ${TEMPFILE} &
+	INPUT_FILE=${TEMPFILE}
+fi
+#read each line and count down the line counter
+while read LINE < ${INPUT_FILE}
+do
+	echo ${LINE}
+	NB_LINES=$((${NB_LINES}-1))
+	#if line counter reaches zero, it's finished
+	if [ "${NB_LINES}" -le 0 ]
+	then
+		if [ ! -z "${TEMPFILE}" ]
+		then
+			rm ${TEMPFILE}
+		fi
+		return 0
+	fi
+done
+if [ ! -z "${TEMPFILE}" ]
+then
+	rm ${TEMPFILE}
+fi

data/lib/audit/checks/script_header.template ADDED Viewed

@@ -0,0 +1,69 @@
+###################################################
+# Auditor scanning script #########################
+###################################################
+# (C) 2010 SecludIT, Jonas Zaddach ################
+###################################################
+script_raw_message() {
+	msg="%% ${MY_SCRIPT_ID}"
+	for val in "$@"
+	do
+		if [ ! val = "" ]
+		then
+			msg="${msg} %% ${val}"
+		fi
+	done
+	echo "${msg}"
+}
+script_message() {
+	script_raw_message "$1" "MESSAGE" "$2"
+}
+script_info_message() {
+	script_message "INFO" "$1"
+}
+script_warn_message() {
+	script_message "WARN" "$1"
+}
+script_error_message() {
+	script_message "ERROR" "$1"
+}
+script_return() {
+	script_raw_message "INFO" "CHECK_FINISHED" "$1"
+}
+script_program_name() {
+	script_raw_message "INFO" "PROGRAM_NAME" "$1" "$2"
+}
+script_not_found() {
+	script_raw_message "ERROR" "NOT_FOUND" "$1"
+}
+script_data() {
+	script_raw_message "INFO" "DATA" "$1" "$2"
+}
+script_debug() {
+	echo "$1" 1>&2
+}
+script_attach_file() {
+	script_raw_message "INFO" "ATTACH_FILE" "$1" "$2"
+}
+script_set_exit_code() {
+	/bin/sh -c "exit $1"
+}
+# create directory that can be used to store audit files
+AUDIT_DIRECTORY="/tmp/audit"
+rm -Rf ${AUDIT_DIRECTORY}
+mkdir -p ${AUDIT_DIRECTORY}

data/lib/audit/create_benchmark.sh ADDED Viewed

@@ -0,0 +1,93 @@
+#!/bin/bash
+BENCHMARK_FILE=$1
+ZIP_FILE=$2
+MISC_FILES="script_header.template header.template footer.template"
+REPOSIT="checks"
+if [ "${BENCHMARK_FILE}" = "" ] || [ "${ZIP_FILE}" = "" ]
+then
+	echo "USAGE: "$0" <benchmark group file> <target zip file>"
+	exit 1
+fi
+#check that identifiers are unique
+DUPLICATE_IDENTIFIERS=$( cd $REPOSIT && ls -1 *.check *.group | sed -e 's/\.[^.]*$//' | sort | uniq -d )
+if [ ! "${DUPLICATE_IDENTIFIERS}" = "" ]
+then
+	for f in $( echo ${DUPLICATE_IDENTIFIERS} )
+	do
+		echo "WARNING: There exist several files with the same identifier: $f"
+	done
+fi
+#check for identifiers that do not correspond to file names
+WRONG_IDENTIFIERS=""
+cd $REPOSIT
+for f in *.check *.group
+do
+	FILENAME_ID=$( echo $f | sed -e 's/.[^.]*$//' )
+	INTERNAL_ID=$( grep "ID:" $f | sed -e 's/^ID:\s*//' )
+	if [ ! "${FILENAME_ID}" = "${INTERNAL_ID}" ]
+	then
+		echo "WARNING: ID in file $f is different from file name"
+	fi
+done
+#if zip file exists already, delete it
+rm -f ../${ZIP_FILE}
+#build list of tests required by benchmark
+CHECKS_FIFO="${BENCHMARK_FILE%.group}"
+DONE_CHECKS=""
+while [ ! "${CHECKS_FIFO}" = "" ]
+do
+	CURRENT_CHECK=$( echo ${CHECKS_FIFO} | cut -d" " -f1 )
+	CHECKS_FIFO=$( echo ${CHECKS_FIFO} | sed -e "s/${CURRENT_CHECK}//" )
+	DONE_CHECKS="${DONE_CHECKS} ${CURRENT_CHECK}"
+	echo "adding check: ${CURRENT_CHECK}"
+	if [ -f "${CURRENT_CHECK}.group" ]
+	then
+		CHILDREN=$( ruby -r "yaml" -e "File.open('${CURRENT_CHECK}.group') {|f| x = YAML::load(f)['Children']; print x ? x.join(' ') : '' }" )
+		#add child if it is not already in benchmark
+		for f in $( echo ${CHILDREN} )
+		do
+			if ( ! echo ${CHECKS_FIFO} | grep $f 2>/dev/null 1>/dev/null ) && ( ! echo ${DONE_CHECKS} | grep $f 2>/dev/null 1>/dev/null )
+			then
+				CHECKS_FIFO="${CHECKS_FIFO} $f"
+			fi
+		done
+		zip -9 ../${ZIP_FILE} "${CURRENT_CHECK}.group" 2>/dev/null 1>/dev/null
+	elif [ -f "${CURRENT_CHECK}.check" ]
+	then
+		# get list of dependencies
+		DEPENDENCIES=$( ruby -r "yaml" -e "File.open('${CURRENT_CHECK}.check') {|f| x = YAML::load(f)['Depends']; print x ? x.join(' ') : '' }" )
+		for f in $( echo ${DEPENDENCIES} )
+		do
+			if ( ! echo ${CHECKS_FIFO} | grep $f 2>/dev/null 1>/dev/null ) && ( ! echo ${DONE_CHECKS} | grep $f 2>/dev/null 1>/dev/null )
+			then
+				CHECKS_FIFO="${CHECKS_FIFO} $f"
+			fi
+		done
+		zip -9 ../${ZIP_FILE} "${CURRENT_CHECK}.check" 2>/dev/null 1>/dev/null
+	else
+		echo "WARNING: Unsatisfied dependency: ${CURRENT_CHECK}"
+	fi
+done
+for f in $( echo ${MISC_FILES} )
+do
+	echo "adding file: $f"
+	zip -9 ../${ZIP_FILE} $f 2>/dev/null 1>/dev/null
+done
+cd -

data/lib/audit/lib/audit.rb ADDED Viewed

@@ -0,0 +1,136 @@
+require 'logger'
+require 'connection/connection_factory'
+require 'benchmark/benchmark_factory'
+require 'linear_script_generator'
+require 'parser/script_output_parser'
+require 'util/random_string'
+require 'benchmark/benchmark_result'
+require 'lazy'
+class Audit
+	attr_reader :benchmark
+	attr_reader :connection
+	attr_reader :start_time
+	attr_reader :end_time
+	attr_reader :results
+	attr_reader :exceptions
+	# Create a new audit.
+	# The audit will be initialized, but not started.
+	# * <em>benchmark</em> is a path string that points to the benchmark file
+	#   that should be used for the audit.
+	# * <em>attachment_dir</em> is a path string that points to the directory where incoming
+	#   files will be saved (that directory needs to be writable). If a null value
+	#   is passed, ATTACH_FILE requests will be ignored and no files will be saved.
+	# * <em>connection_type</em> is a symbol for the connection type that will be used.
+	#   Anything that can be given to the ConnectionFactory (connection/ConnectionFactory::create)
+	#   is valid (:ssh, ...)
+	# * <em>connection_params</em> is a dictionary of connection parameters that are
+	#   specific to the connection type chosen with <em>connection_type</em>. See the
+	#   ConnectionFactory class for more datails.
+	# * <em>logger</em> is an optional logger that the debug output is logged to
+	def initialize(options)
+		raise "Option :benchmark is required" unless options[:benchmark]
+#		raise "Option :attachment_dir is required" unless options[:attachment_dir]
+		raise "Option :connection_type is required" unless options[:connection_type]
+		raise "Option :connection_params is required" unless options[:connection_params]
+		if options[:logger] then
+			@logger = options[:logger]
+		else
+			@logger = Logger.new(STDOUT)
+		end
+		@benchmark = BenchmarkFactory.new(:logger => @logger).load(:benchmark => options[:benchmark])
+		@connection = ConnectionFactory.new(:logger => @logger).create(:connection_type => options[:connection_type],
+		                                                               :connection_params => options[:connection_params])
+		@results = {}
+		@exceptions = []
+		@attachment_dir = options[:attachment_dir]
+	end
+	def start(parallel = true)
+		@start_time = Time.now.utc
+		launch_audit = Proc.new do
+			remote_script_path = "/tmp/" + RandomString::generate() + ".sh"
+			script = LinearScriptGenerator.generate(@benchmark)
+			@connection.open() do|conn|
+				conn.write_to_remote_file(script, remote_script_path)
+				@response_parser = ScriptOutputParser.new(:benchmark => @benchmark,
+				                                          :connection => conn,
+				                                          :attachment_dir => @attachment_dir,
+				                                          :logger => @logger)
+				@response_parser.on_check_completed() do|rule_result|
+					@results[rule_result.rule_idref] = rule_result
+					@check_completed_handler.call(rule_result) unless @check_completed_handler.nil?
+				end
+				@response_parser.on_finished() do|benchmark, rule_results|
+					@end_time = Time.now.utc
+					@finished_handler.call(benchmark, rule_results) unless @finished_handler.nil?
+				end
+				conn.exec("/bin/sh " + remote_script_path)
+			end
+		end
+		if (parallel) then
+			begin
+				Thread.new {launch_audit.call}
+			rescue Exception => ex
+				exceptions << ex
+				@logger.error {"Exception type: #{ex.class.name}"}
+				@logger.error {"=== stack trace of exception #{ex.message}"}
+				ex.backtrace.each do|line|
+					@logger.error {line}
+				end
+				@logger.error {"=== end stack trace"}
+			end
+		else
+			launch_audit.call
+		end
+		return self
+	end
+	def on_check_completed(&block)
+		@check_completed_handler = block
+	end
+	def on_finished(&block)
+		@finished_handler = block
+	end
+	def progress()
+		return ((@response_parser.progress() unless @response_parser.nil?) or 0.0)
+	end
+	def abort()
+		@connection.abort() if @connection
+	end
+	def finished?()
+		return !end_time.nil?
+	end
+	def name()
+		return (@benchmark.name || @benchmark.id)  + "#" + @connection.to_s() + (@start_time ? "#" + @start_time.to_s() : "")
+	end
+	def remaining_time()
+		return @benchmark.duration() if @response_parser.nil?
+		return @response_parser.remaining_time()
+	end
+	def to_hash()
+		return {
+			:type => :AUDIT,
+			:start_time => @start_time,
+			:end_time => @end_time,
+			:connection => @connection.to_hash(),
+			:benchmark => @benchmark.to_hash(),
+			:results => Lazy.new(@results.values(), :map) {|x| Lazy.new(x, :to_hash)}
+		}
+	end
+end

data/lib/audit/lib/audit_facade.rb ADDED Viewed

@@ -0,0 +1,5 @@
+class AuditFacade
+  def start_audit(parameters, &block)
+    return Audit.new(parameters, block).start
+  end
+end

data/lib/audit/lib/benchmark/audit_benchmark.rb ADDED Viewed

@@ -0,0 +1,165 @@
+require 'benchmark/check'
+require 'benchmark/item_exception'
+require 'lazy'
+class AuditBenchmark
+	attr_reader :item_repository
+	def execution_order()
+		# resolve dependencies between checks based on the depends-tag of the checks.
+		# In a first pass, all dependencies are discovered iteratively popping checks
+		# from a queue of checks with unresolved dependencies, pushing them onto a resolved
+		# queue and pushing the check's dependencies onto the unresolved queue if they
+		# are not yet in the resolved or unresolved queue. Also, the reversed dependencies
+		# (which check is needed by which) are stored for the second pass.
+		#
+		# In a second pass, starting from checks which do not depend on any other checks,
+		# all checks are labelled with the dependency level they're in. Checks without dependencies
+		# have dependency level 0, checks which rely on checks from level 0 have level 1,
+		# and so on. This is not the optimal solution for the problem ... but I have forgot why,
+		# so figure this out yourself.
+		#
+		# You might wonder why I don't do dependency tracking with the Imports and Exports
+		# declarations: If there are two scripts which provide a variable (alternatives),
+		# it is very easy to write a mediating script, which chooses one of the provider scripts,
+		# and then can be depended on, but it is very hard to do the resolution based on
+		# imports and exports. So imagine this like the linker, which uses library/object
+		# names to include dependencies, but still checks that all symbols are resolved
+		# correctly (TODO: Add a check that all Imports are satisfied by Exports)
+		#find all dependencies
+		items = @children.dup
+		unresolved = []
+		while not items.empty?
+			item = items.shift
+			if item.class == Group
+				item.children.each do|x|
+					items << x unless items.include? x or unresolved.include? x
+				end
+			elsif item.class == Check
+				unresolved << item
+			end
+		end
+		resolved = []
+		dependency_root = []
+		reversed_dependencies = {}
+		iterations = 0
+		while !unresolved.empty? and iterations < @item_repository.length
+			cur = unresolved.shift
+			dependency_root.push(cur) if cur.dependencies.empty? and not dependency_root.include? cur
+			cur.dependencies.each do|dep|
+				unresolved.push dep unless unresolved.include? dep or resolved.include? dep
+				reversed_dependencies[dep] = [] if reversed_dependencies[dep].nil?
+				reversed_dependencies[dep] << cur
+			end
+		end
+		untagged = []
+		tagged = []
+		dependency_root.each {|x| untagged.push(x)}
+		untagged.push(:NEXT_LEVEL)
+		level = 0
+		while untagged.length > 1
+			cur = untagged.shift
+			if cur == :NEXT_LEVEL then
+				level = level + 1
+				untagged.push(:NEXT_LEVEL)
+				next
+			end
+			tag = tagged.select {|x| x[:check] == cur}
+			if tag.empty? then
+				tagged << {:level => level, :check => cur}
+			else
+				raise "multiple tags for check #{cur.id} found" if tag.length != 1
+				tag[0][:level] = level
+			end
+			unless reversed_dependencies[cur].nil? then
+				reversed_dependencies[cur].each {|x| untagged.push(x)}
+			end
+		end
+		retval = []
+		(0 .. level).each {|i| retval.push(tagged.select {|x| x[:level] == i}.map {|x| x[:check]})}
+		return retval
+	end
+	def element(name)
+		@elements = {} unless @elements
+		@elements[name] = element_impl(name) unless @elements[name]
+		return @elements[name]
+	end
+  def rules()
+    untraversed = @children.dup
+    rules = []
+    while untraversed.length > 0
+      item = untraversed.shift
+      if item.kind_of? Group then
+        untraversed = untraversed + item.children
+      elsif item.kind_of? Check then
+        rules << item
+      end
+    end
+    return rules.uniq
+  end
+  def dependencies()
+    return (rules().map {|x| x.dependencies }.flatten()).uniq
+  end
+  def automatic_dependencies()
+    return dependencies() - rules()
+  end
+#  def checks()
+#    checks = []
+#    not_traversed = @children.dup
+#
+#    while !not_traversed.empty? do
+#      item = not_traversed.shift
+#
+#      if (item.class == Group) then
+#        item.children.each do |child|
+#          not_traversed << child unless not_traversed.include? child
+#        end
+#      elsif item.class == Check then
+#        checks << item
+#        item.dependencies.each do |dep|
+#          not_traversed << dep unless not_traversed.include? dep
+#        end
+#      end
+#    end
+#
+#    return checks
+#  end
+  def duration()
+    execution_order().flatten().each().inject(0) {|result, element| result + element.duration}
+  end
+  def to_hash()
+    return {
+      :type => :BENCHMARK,
+      :id => @id,
+      :name => @name,
+      :description => @description,
+      :children => Lazy.new(Lazy.new(@children, :reject) {|x| !x.in_report?}, :map) {|child| Lazy.new(child, :to_hash)}
+    }
+  end
+end