qualys 0.1.4 → 0.1.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ac602898aecbc4ee66fe92c1bcb23cebe9bf745c
-  data.tar.gz: 57bb46bc7f9f685085252481c6beb1190446775a
+  metadata.gz: 7d239fdef1e63e56d32021e4a56638200fcb71fb
+  data.tar.gz: 8943a665c47520cb349caf0c3d92d2931abf41fe
 SHA512:
-  metadata.gz: ce3ecaaa399130b1d9b4d38b8321401b510f2cd729062dcc50758255b379be3097f3945335ca0d7fb8d2eb70801c320c7f5b3c5fe49e5f0be0be6126159c107b
-  data.tar.gz: 06c36c291e5aa06c2d0ba59581af9dcd1c229be65da84ce07dc1ccfade804668202e75fec8e044e216ca8a5c5b1d2c008ce408cda75bc7ad03ff00bd9c60afd6
+  metadata.gz: d646857008c5095b373aa90216ffc03ef5ba1459e3e0ef65cdf12834a2b3aced1dccc08d6d12b14e8181572dcbb5c305434c316ad18004ac876b11d37fa5cca3
+  data.tar.gz: 9364b0a37083e4da14da213a5e3de308bbc0e2c20059e327db5bbafcd478a370d1e381ba1d1b349a0fe85075d4722dfa269cd7f6a758e18766e4dcac562e5cec

data/.gitignore

@@ -1,5 +1,6 @@
 /.bundle/
 /vendor/
-Gemfile.lock
 *.gem
-/config/qualys.yaml
+/config/qualys.yaml
+.idea
+coverage

data/.rubocop.yml

@@ -0,0 +1,7 @@
+inherit_from: .rubocop_todo.yml
+
+AllCops:
+  TargetRubyVersion: 2.3
+
+Metrics/BlockLength:
+  ExcludedMethods: ['describe', 'context']

data/.rubocop_todo.yml

@@ -0,0 +1,71 @@
+# This configuration was generated by
+# `rubocop --auto-gen-config`
+# on 2017-12-06 13:40:31 +0100 using RuboCop version 0.51.0.
+# The point is for the user to remove these configuration records
+# one by one as the offenses are removed from the code base.
+# Note that changes in the inspected code, or installation of new
+# versions of RuboCop, may require this file to be generated again.
+
+# Offense count: 2
+Metrics/AbcSize:
+  Max: 21
+
+# Offense count: 13
+# Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, IgnoredPatterns.
+# URISchemes: http, https
+Metrics/LineLength:
+  Max: 126
+
+# Offense count: 2
+# Configuration parameters: CountComments.
+Metrics/MethodLength:
+  Max: 12
+
+# Offense count: 10
+Style/Documentation:
+  Exclude:
+    - 'spec/**/*'
+    - 'test/**/*'
+    - 'lib/qualys.rb'
+    - 'lib/qualys/api.rb'
+    - 'lib/qualys/auth.rb'
+    - 'lib/qualys/compliance.rb'
+    - 'lib/qualys/config.rb'
+    - 'lib/qualys/report.rb'
+    - 'lib/qualys/scans.rb'
+
+# Offense count: 13
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, SupportedStyles.
+# SupportedStyles: when_needed, always, never
+Style/FrozenStringLiteralComment:
+  Exclude:
+    - 'Gemfile'
+    - 'Rakefile'
+    - 'lib/qualys.rb'
+    - 'lib/qualys/api.rb'
+    - 'lib/qualys/auth.rb'
+    - 'lib/qualys/compliance.rb'
+    - 'lib/qualys/config.rb'
+    - 'lib/qualys/reports.rb'
+    - 'lib/qualys/scans.rb'
+    - 'lib/qualys/version.rb'
+    - 'qualys.gemspec'
+    - 'spec/qualys_spec.rb'
+    - 'spec/spec_helper.rb'
+
+# Offense count: 4
+# Configuration parameters: MinBodyLength.
+Style/GuardClause:
+  Exclude:
+    - 'lib/qualys/api.rb'
+    - 'lib/qualys/config.rb'
+    - 'lib/qualys/reports.rb'
+
+# Offense count: 2
+# Configuration parameters: EnforcedStyle, SupportedStyles.
+# SupportedStyles: module_function, extend_self
+Style/ModuleFunction:
+  Exclude:
+    - 'lib/qualys.rb'
+    - 'lib/qualys/config.rb'

data/.travis.yml

@@ -1 +1,13 @@
-language: ruby
+language: ruby
+sudo: false
+cache: bundler
+rvm:
+  - 2.3.4
+  - 2.4.1
+
+script:
+  - bundle exec rubocop -F --fail-level C -f s
+  - bundle exec rspec spec
+
+notifications:
+  email: false

data/Gemfile

@@ -1,3 +1,5 @@
 source 'https://rubygems.org'
 
-gemspec
+gemspec
+
+gem 'coveralls', require: false

data/Gemfile.lock

@@ -0,0 +1,91 @@
+PATH
+  remote: .
+  specs:
+    qualys (0.1.5)
+      erubis
+      httparty (~> 0.15)
+      json
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    addressable (2.5.2)
+      public_suffix (>= 2.0.2, < 4.0)
+    ast (2.3.0)
+    coveralls (0.8.21)
+      json (>= 1.8, < 3)
+      simplecov (~> 0.14.1)
+      term-ansicolor (~> 1.3)
+      thor (~> 0.19.4)
+      tins (~> 1.6)
+    crack (0.4.3)
+      safe_yaml (~> 1.0.0)
+    diff-lcs (1.3)
+    docile (1.1.5)
+    erubis (2.7.0)
+    hashdiff (0.3.7)
+    httparty (0.15.6)
+      multi_xml (>= 0.5.2)
+    json (2.1.0)
+    multi_xml (0.6.0)
+    parallel (1.12.0)
+    parser (2.4.0.2)
+      ast (~> 2.3)
+    powerpack (0.1.1)
+    public_suffix (3.0.1)
+    rainbow (2.2.2)
+      rake
+    rake (12.3.0)
+    rspec (3.7.0)
+      rspec-core (~> 3.7.0)
+      rspec-expectations (~> 3.7.0)
+      rspec-mocks (~> 3.7.0)
+    rspec-core (3.7.0)
+      rspec-support (~> 3.7.0)
+    rspec-expectations (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-mocks (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-support (3.7.0)
+    rubocop (0.51.0)
+      parallel (~> 1.10)
+      parser (>= 2.3.3.1, < 3.0)
+      powerpack (~> 0.1)
+      rainbow (>= 2.2.2, < 3.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (~> 1.0, >= 1.0.1)
+    ruby-progressbar (1.9.0)
+    safe_yaml (1.0.4)
+    simplecov (0.14.1)
+      docile (~> 1.1.0)
+      json (>= 1.8, < 3)
+      simplecov-html (~> 0.10.0)
+    simplecov-html (0.10.2)
+    term-ansicolor (1.6.0)
+      tins (~> 1.0)
+    thor (0.19.4)
+    tins (1.16.1)
+    unicode-display_width (1.3.0)
+    vcr (4.0.0)
+    webmock (3.1.1)
+      addressable (>= 2.3.6)
+      crack (>= 0.3.2)
+      hashdiff
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler
+  coveralls
+  qualys!
+  rake
+  rspec
+  rubocop
+  vcr
+  webmock
+
+BUNDLED WITH
+   1.16.0

data/README.md

@@ -1,11 +1,9 @@
-# Ruby Qualys API v2
-A Ruby extension for interfacing with Qualys v2 API.
+[![Build Status](https://travis-ci.org/Cyberwatch/ruby-qualys.svg?branch=master)](https://travis-ci.org/Cyberwatch/ruby-qualys)
+[![Coverage Status](https://coveralls.io/repos/github/Cyberwatch/ruby-qualys/badge.svg?branch=master)](https://coveralls.io/github/Cyberwatch/ruby-qualys?branch=master)
 
-[![](http://ruby-gem-downloads-badge.herokuapp.com/qualys?type=total)](https://rubygems.org/gems/qualys)
-
-[![Dependency Status](https://gemnasium.com/mikemackintosh/ruby-qualys.svg)](https://gemnasium.com/mikemackintosh/ruby-qualys)
+# Ruby Qualys API v2
 
-[![Gem Version](https://badge.fury.io/rb/qualys.svg)](https://rubygems.org/gems/qualys)
+A Ruby extension for interfacing with Qualys v2 API.
 
 ### Introduction
 
@@ -13,11 +11,13 @@ I had the need to pull stats and details from Qualys automatically to collect an
 
 ## Installation
 
-Like any other gem:
+Add this line to your application's Gemfile:
 
-```shell
-gem install qualys
-```
+    gem 'ruby-qualys', git: 'https://github.com/Cyberwatch/ruby-qualys.git'
+
+And then execute:
+
+    $ bundle
 
 ## Usage
 
@@ -72,7 +72,47 @@ If your URL differs from the default, set it using:
 ```ruby
 Qualys::Api.base_uri = OTHER_PRODUCTION_ENDPOINT
 ```
+### Getting vulnerabilities
+
+You can load all vulnerability detected by qualys so far for the logged user
+Here an example printing some information on the vulnerabilities for two hosts :
 
+```ruby
+Qualys::Reports.global_report.hosts.each{ |host|
+  p "ip:#{ host.ip }"
+  p "vulns : (#{ host.vulnerabilities.count })"
+  host.vulnerabilities.each{ |vuln|
+    p vuln.to_s
+  }
+}
+```
+
+Output :
+```
+"ip:12.34.156.89"
+"vulns : (16)"
+"qid_38173, SSL Certificate - Signature Verification Failed Vulnerability, severity : 2, cves: no cve"
+"qid_38685, SSL Certificate - Invalid Maximum Validity Date Detected, severity : 2, cves: no cve"
+"qid_38169, SSL Certificate - Self-Signed Certificate, severity : 2, cves: no cve"
+"qid_38170, SSL Certificate - Subject Common Name Does Not Match Server FQDN, severity : 2, cves: no cve"
+"qid_38628, SSL/TLS Server supports TLSv1.0, severity : 3, cves: no cve"
+"qid_38601, SSL/TLS use of weak RC4 cipher, severity : 3, cves: CVE-2013-2566, CVE-2015-2808"
+"qid_38140, SSL Server Supports Weak Encryption Vulnerability, severity : 3, cves: no cve"
+"qid_38142, SSL Server Allows Anonymous Authentication Vulnerability, severity : 4, cves: no cve"
+"qid_38657, Birthday attacks against TLS ciphers with 64bit block size vulnerability (Sweet32), severity : 3, cves: CVE-2016-2183"
+"qid_38606, SSL Server Has SSLv3 Enabled Vulnerability, severity : 3, cves: no cve"
+"qid_82003, ICMP Timestamp Request, severity : 1, cves: CVE-1999-0524"
+"qid_38603, SSLv3 Padding Oracle Attack Information Disclosure Vulnerability (POODLE), severity : 3, cves: CVE-2014-3566"
+"qid_11827, HTTP Security Header Not Detected, severity : 2, cves: no cve"
+"qid_11827, HTTP Security Header Not Detected, severity : 2, cves: no cve"
+"qid_38628, SSL/TLS Server supports TLSv1.0, severity : 3, cves: no cve"
+"qid_38657, Birthday attacks against TLS ciphers with 64bit block size vulnerability (Sweet32), severity : 3, cves: CVE-2016-2183"
+"ip:10.34.156.89"
+"vulns : (3)"
+"qid_11827, HTTP Security Header Not Detected, severity : 2, cves: no cve"
+"qid_11827, HTTP Security Header Not Detected, severity : 2, cves: no cve"
+"qid_38628, SSL/TLS Server supports TLSv1.0, severity : 3, cves: no cve"
+```
 
 ## References
 

data/Rakefile

@@ -1,9 +1,8 @@
-#encoding: utf-8 
-require "bundler/gem_tasks"
+require 'bundler/gem_tasks'
 require 'rspec/core/rake_task'
 require 'rubocop/rake_task'
 
-task :default => :test
+task default: :test
 
 RSpec::Core::RakeTask.new do |spec|
   spec.verbose = false
@@ -24,4 +23,4 @@ RuboCop::RakeTask.new(:rubocop) do |task|
   task.formatters = ['progress']
   # don't abort rake on failure
   task.fail_on_error = false
-end
+end

data/lib/qualys.rb

@@ -10,23 +10,22 @@ require 'qualys/auth'
 
 require 'qualys/scans'
 require 'qualys/compliance'
-require 'qualys/reports'
+require 'qualys/report'
 
+require 'qualys/host'
+require 'qualys/vulnerability'
 
 module Qualys
-
   extend self
 
   def configure
     block_given? ? yield(Config) : Config
-    %w(username password).each do |key|
-      if Qualys::Config.instance_variable_get("@#{key}").nil?
-        raise Qualys::Config::RequiredOptionMissing,
-          "Configuration parameter missing: '#{key}'. " +
-          "Please add it to the Qualys.configure block"
-      end
+    %w[username password].each do |key|
+      next unless Qualys::Config.instance_variable_get("@#{key}").nil?
+      raise Qualys::Config::RequiredOptionMissing,
+            "Configuration parameter missing: '#{key}'. " \
+            'Please add it to the Qualys.configure block'
     end
   end
-  alias_method :config, :configure
-
-end
+  alias config configure
+end

data/lib/qualys/api.rb

@@ -1,71 +1,62 @@
 module Qualys
   class Api
-
     class InvalidResponse < RuntimeError; end
     class AuthorizationRequired < RuntimeError; end
     class Exception < RuntimeError; end
 
     # Set the current production endpoint
-    PRODUCTION_ENDPOINT = 'https://qualysapi.qualys.com/api/2.0/fo/'
+    PRODUCTION_ENDPOINT = 'https://qualysapi.qualys.com/api/2.0/fo/'.freeze
 
     # Set HTTParty defaults
     HTTParty::Basement.default_options.update(base_uri: PRODUCTION_ENDPOINT)
     HTTParty::Basement.default_options.update(headers: {
-        "X-Requested-With" => "Qualys Ruby Client v#{Qualys::VERSION}"
-      })
-
-    #
-    #
-    def self.api_get(url, options={})
+                                                'X-Requested-With' => "Qualys Ruby Client v#{Qualys::VERSION}"
+                                              })
 
-      unless Qualys::Config.session_key.nil?
-        HTTParty::Basement.default_cookies.add_cookies(Qualys::Config.session_key)
-      end
+    class << self
+      def api_get(url, options = {})
+        HTTParty::Basement.default_cookies.add_cookies(Qualys::Config.session_key) unless Qualys::Config.session_key.nil?
 
-      # Send Request
-      response = HTTParty.get(url, options)
+        # Send Request
+        response = HTTParty.get(url, options)
 
-      # Check if you need to be authorized
-      if response.code.eql?(401)
-        raise Qualys::Api::AuthorizationRequired, "Please Login Before Communicating With The API"
-      elsif response.code.eql?(403)
-        raise Qualys::Api::Exception, response.parsed_response['SIMPLE_RETURN']['RESPONSE']['TEXT']      
-      elsif !response.code.eql?(200)
-        raise Qualys::Api::InvalidResponse, "Invalid Response Received"
+        # Check if you need to be authorized
+        check_response(response)
+        # return the response
+        response
       end
 
-      # return the response
-      response
-    end
+      #
+      #
+      def api_post(url, options = {})
+        HTTParty::Basement.default_cookies.add_cookies(Qualys::Config.session_key) unless Qualys::Config.session_key.nil?
 
-    #
-    #
-    def self.api_post(url, options={})
-      
-      unless Qualys::Config.session_key.nil?
-        HTTParty::Basement.default_cookies.add_cookies(Qualys::Config.session_key)
-      end
+        # Send Request
+        response = HTTParty.post(url, options)
 
-      # Send Request
-      response = HTTParty.post(url, options)
+        # Check if you need to be authorized
+        check_response(response)
+        # return the response
+        response
+      end
 
-      # Check if you need to be authorized
-      if response.code.eql?(401)
-        raise Qualys::Api::AuthorizationRequired, "Please Configure A Username and Password Before Communicating With The API"
-      elsif response.code.eql?(403)
-        raise Qualys::Api::Exception, response.parsed_response['SIMPLE_RETURN']['RESPONSE']['TEXT']      
-      elsif response.code.eql?(500)
-        raise Qualys::Api::InvalidResponse, "Invalid Response Received"
+      #
+      # Sets the base URI.
+      def base_uri=(base_uri)
+        HTTParty::Basement.default_options.update(base_uri: base_uri)
       end
 
-      # return the response
-      response
-    end
+      private
 
-    #
-    # Sets the base URI.
-    def self.base_uri=(base_uri)
-      HTTParty::Basement.default_options.update(base_uri: base_uri)
+      def check_response(response)
+        code = response.code
+        raise(Qualys::Api::AuthorizationRequired, 'Please Login Before Communicating With The API') if code.eql?(401)
+        raise(Qualys::Api::Exception, response.parsed_response['SIMPLE_RETURN']['RESPONSE']['TEXT']) if code.eql?(403)
+        unless code.eql?(200)
+          raise(Qualys::Api::InvalidResponse, 'Invalid Response Received' + response.code.to_s + ' ' +
+              response.request.last_uri.to_s)
+        end
+      end
     end
   end
-end
+end