PyPI - os-normalizer - Versions diffs - 0.3.2__py3-none-any.whl - Mend

os-normalizer 0.3.2__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of os-normalizer might be problematic. Click here for more details.

Files changed (22) hide show

os_normalizer/__init__.py +10 -0
os_normalizer/constants.py +87 -0
os_normalizer/cpe.py +265 -0
os_normalizer/helpers.py +107 -0
os_normalizer/models.py +159 -0
os_normalizer/os_normalizer.py +313 -0
os_normalizer/parsers/__init__.py +16 -0
os_normalizer/parsers/bsd.py +69 -0
os_normalizer/parsers/linux.py +121 -0
os_normalizer/parsers/macos.py +111 -0
os_normalizer/parsers/mobile.py +37 -0
os_normalizer/parsers/network/__init__.py +61 -0
os_normalizer/parsers/network/cisco.py +96 -0
os_normalizer/parsers/network/fortinet.py +56 -0
os_normalizer/parsers/network/huawei.py +38 -0
os_normalizer/parsers/network/juniper.py +42 -0
os_normalizer/parsers/network/netgear.py +41 -0
os_normalizer/parsers/windows.py +197 -0
os_normalizer-0.3.2.dist-info/METADATA +172 -0
os_normalizer-0.3.2.dist-info/RECORD +22 -0
os_normalizer-0.3.2.dist-info/WHEEL +4 -0
os_normalizer-0.3.2.dist-info/licenses/LICENSE +21 -0

os_normalizer/parsers/network/__init__.py ADDED Viewed

@@ -0,0 +1,61 @@
+"""Vendor-specific network OS parsers.
+Each module exposes a vendor detection regex (or set) and a `parse_*`
+function that mutates and returns an OSData instance.
+"""
+from .cisco import (
+    CISCO_IOS_RE,
+    CISCO_IOS_XE_RE,
+    CISCO_NXOS_RE,
+    parse_cisco,
+)
+from .juniper import JUNOS_RE, parse_juniper
+from .fortinet import FORTI_RE, parse_fortinet
+from .huawei import HUAWEI_RE, parse_huawei
+from .netgear import NETGEAR_RE, parse_netgear
+from os_normalizer.models import OSData
+__all__ = [
+    # Cisco
+    "CISCO_IOS_RE",
+    "CISCO_IOS_XE_RE",
+    "CISCO_NXOS_RE",
+    "parse_cisco",
+    # Juniper
+    "JUNOS_RE",
+    "parse_juniper",
+    # Fortinet
+    "FORTI_RE",
+    "parse_fortinet",
+    # Huawei
+    "HUAWEI_RE",
+    "parse_huawei",
+    # Netgear
+    "NETGEAR_RE",
+    "parse_netgear",
+    # Orchestrator
+    "parse_network",
+]
+def parse_network(text: str, data: dict | None, p: OSData) -> OSData:
+    """Detect vendor and delegate to the correct parser."""
+    tl = text.lower()
+    if "cisco" in tl or CISCO_IOS_XE_RE.search(text) or CISCO_IOS_RE.search(text) or CISCO_NXOS_RE.search(text):
+        return parse_cisco(text, p)
+    if JUNOS_RE.search(text):
+        return parse_juniper(text, p)
+    if FORTI_RE.search(text):
+        return parse_fortinet(text, p)
+    if HUAWEI_RE.search(text):
+        return parse_huawei(text, p)
+    if NETGEAR_RE.search(text):
+        return parse_netgear(text, p)
+    # Unknown network vendor; keep coarse
+    p.vendor = p.vendor or "Unknown-Network"
+    p.product = p.product or "Network OS"
+    p.precision = "family"
+    return p

os_normalizer/parsers/network/cisco.py ADDED Viewed

@@ -0,0 +1,96 @@
+"""Cisco network OS parsing (IOS, IOS XE, NX-OS)."""
+import re
+from os_normalizer.helpers import update_confidence
+from os_normalizer.models import OSData
+# Detection and parsing regex
+CISCO_IOS_XE_RE = re.compile(r"(ios[\s-]?xe)", re.IGNORECASE)
+CISCO_IOS_RE = re.compile(r"\bios(?!\s?xe)\b", re.IGNORECASE)
+CISCO_NXOS_RE = re.compile(r"\bnx-?os\b|\bNexus Operating System\b", re.IGNORECASE)
+CISCO_VERSION_RE = re.compile(
+    r"\bVersion\s+([0-9]+\.[0-9.()a-zA-Z]+)\b|\bnxos\.(\d+\.\d+(?:\.\d+|\(\d+\)))",
+    re.IGNORECASE,
+)
+CISCO_IMAGE_RE = re.compile(r"\b([a-z0-9][a-z0-9_.-]+\.bin)\b", re.IGNORECASE)
+CISCO_MODEL_RE = re.compile(
+    r"\b(N9K-[A-Z0-9-]+|C\d{3,4}[\w-]+|ASR\d{3,4}[\w-]*|ISR\d{3,4}[\w/-]*|Catalyst\s?\d{3,4}[\w-]*)\b",
+    re.IGNORECASE,
+)
+CISCO_EDITION_RE = re.compile(
+    r"\b(universalk9|ipbase|adv(ip)?services|metroipaccess|securityk9|datak9)\b",
+    re.IGNORECASE,
+)
+def parse_cisco(text: str, p: OSData) -> OSData:
+    p.vendor = "Cisco"
+    p.family = p.family or "network-os"
+    # Detect product line
+    if CISCO_IOS_XE_RE.search(text):
+        p.product, p.kernel_name = "IOS XE", "ios-xe"
+    elif CISCO_NXOS_RE.search(text):
+        p.product, p.kernel_name = "NX-OS", "nx-os"
+    elif CISCO_IOS_RE.search(text):
+        p.product, p.kernel_name = "IOS", "ios"
+    else:
+        p.product = p.product or "Cisco OS"
+    # Version (Version X or nxos.X from text)
+    vm = CISCO_VERSION_RE.search(text)
+    if vm:
+        ver = vm.group(1) or vm.group(2)
+        if ver:
+            p.evidence["version_raw"] = ver
+            num = re.findall(r"\d+", ver)
+            if len(num) >= 1:
+                p.version_major = int(num[0])
+            if len(num) >= 2:
+                p.version_minor = int(num[1])
+            if len(num) >= 3:
+                p.version_patch = int(num[2])
+            p.version_build = ver
+            p.precision = (
+                "patch" if p.version_patch is not None else ("minor" if p.version_minor is not None else "major")
+            )
+    # Image filename
+    img = CISCO_IMAGE_RE.search(text)
+    if img:
+        p.build_id = img.group(1)
+        p.precision = "build"
+    # If NX-OS and only got version via filename, parse nxos.A.B.C.bin
+    if not p.version_major and p.build_id:
+        m = re.search(r"nxos\.(\d+)\.(\d+)\.(\d+)", p.build_id, re.IGNORECASE)
+        if m:
+            p.version_major = int(m.group(1))
+            p.version_minor = int(m.group(2))
+            p.version_patch = int(m.group(3))
+            p.version_build = f"{p.version_major}.{p.version_minor}.{p.version_patch}"
+            p.precision = "patch"
+    # Model
+    mm = CISCO_MODEL_RE.search(text)
+    if mm:
+        p.hw_model = mm.group(1)
+    # Edition (universalk9/ipbase)
+    fl = CISCO_EDITION_RE.search(text)
+    if fl:
+        p.edition = fl.group(1).lower()
+    # Train codename
+    from os_normalizer.constants import CISCO_TRAIN_NAMES
+    tl = text.lower()
+    for train in CISCO_TRAIN_NAMES:
+        if train.lower() in tl:
+            p.codename = train
+            break
+    # Boost confidence based on precision
+    update_confidence(p, p.precision if p.precision in ("build", "patch") else "minor")
+    return p

os_normalizer/parsers/network/fortinet.py ADDED Viewed

@@ -0,0 +1,56 @@
+"""Fortinet FortiOS parsing."""
+import re
+from os_normalizer.helpers import update_confidence
+from os_normalizer.models import OSData
+FORTI_RE = re.compile(r"\bforti(os|gate)\b", re.IGNORECASE)
+FORTI_VER_RE = re.compile(r"\bv?(\d+\.\d+(?:\.\d+)?)\b", re.IGNORECASE)
+FORTI_BUILD_RE = re.compile(r"\bbuild\s?(\d{3,5})\b", re.IGNORECASE)
+FORTI_IMG_RE = re.compile(r"\b(FGT_[0-9.]+-build\d{3,5})\b", re.IGNORECASE)
+FORTI_MODEL_RE = re.compile(r"\b(FortiGate-?\d+[A-Z]?|FG-\d+[A-Z]?)\b", re.IGNORECASE)
+FORTI_CHANNEL_RE = re.compile(r"\((GA|Patch|Beta)\)", re.IGNORECASE)
+def parse_fortinet(text: str, p: OSData) -> OSData:
+    p.vendor = "Fortinet"
+    p.product = "FortiOS"
+    p.family = p.family or "network-os"
+    p.kernel_name = "fortios"
+    ver = FORTI_VER_RE.search(text)
+    if ver:
+        v = ver.group(1)
+        nums = re.findall(r"\d+", v)
+        if nums:
+            p.version_major = int(nums[0])
+        if len(nums) >= 2:
+            p.version_minor = int(nums[1])
+        if len(nums) >= 3:
+            p.version_patch = int(nums[2])
+        p.version_build = v
+        p.precision = (
+            "patch" if p.version_patch is not None else ("minor" if p.version_minor is not None else "major")
+        )
+    bld = FORTI_BUILD_RE.search(text)
+    if bld:
+        p.version_build = (p.version_build or "") + f"+build.{bld.group(1)}"
+        p.precision = "build"
+    img = FORTI_IMG_RE.search(text)
+    if img:
+        p.build_id = img.group(1)
+        p.precision = "build"
+    mdl = FORTI_MODEL_RE.search(text)
+    if mdl:
+        p.hw_model = mdl.group(1).replace("FortiGate-", "FG-")
+    ch = FORTI_CHANNEL_RE.search(text)
+    if ch:
+        p.channel = ch.group(1).upper()
+    update_confidence(p, p.precision if p.precision in ("build", "patch") else "minor")
+    return p

os_normalizer/parsers/network/huawei.py ADDED Viewed

@@ -0,0 +1,38 @@
+"""Huawei VRP parsing."""
+import re
+from os_normalizer.helpers import update_confidence
+from os_normalizer.models import OSData
+HUAWEI_RE = re.compile(r"\bhuawei\b|\bvrp\b", re.IGNORECASE)
+HUAWEI_VER_RE = re.compile(r"\bV(\d{3})R(\d{3})C(\d+)(SPC\d+)?\b", re.IGNORECASE)
+HUAWEI_RAWVER_RE = re.compile(r"\bV\d{3}R\d{3}C\d+(?:SPC\d+)?\b", re.IGNORECASE)
+HUAWEI_MODEL_RE = re.compile(r"\b(S\d{4}-\d{2}[A-Z-]+|CE\d{4}[A-Z-]*|AR\d{3,4}[A-Z-]*)\b", re.IGNORECASE)
+def parse_huawei(text: str, p: OSData) -> OSData:
+    p.vendor = "Huawei"
+    p.product = "VRP"
+    p.family = p.family or "network-os"
+    p.kernel_name = "vrp"
+    raw = HUAWEI_RAWVER_RE.search(text)
+    if raw:
+        p.version_build = raw.group(0)
+    vm = HUAWEI_VER_RE.search(text)
+    if vm:
+        maj, r, _c = vm.group(1), vm.group(2), vm.group(3)
+        p.version_major = int(maj)
+        p.version_minor = int(r)
+        p.precision = "minor"
+    mdl = HUAWEI_MODEL_RE.search(text)
+    if mdl:
+        p.hw_model = mdl.group(1)
+    p.build_id = p.version_build or p.build_id
+    update_confidence(p, p.precision if p.precision in ("minor", "build") else "major")
+    return p

os_normalizer/parsers/network/juniper.py ADDED Viewed

@@ -0,0 +1,42 @@
+"""Juniper Junos parsing."""
+import re
+from os_normalizer.helpers import update_confidence
+from os_normalizer.models import OSData
+JUNOS_RE = re.compile(r"\bjunos\b", re.IGNORECASE)
+JUNOS_VER_RE = re.compile(r"\b(\d{1,2}\.\d{1,2}R\d+(?:-\w+\d+)?)\b", re.IGNORECASE)
+JUNOS_PKG_RE = re.compile(r"\b(jinstall-[a-z0-9_.-]+\.tgz)\b", re.IGNORECASE)
+JUNOS_MODEL_RE = re.compile(r"\b(EX\d{3,4}-\d{2}[A-Z]?|QFX\d{3,4}\w*|SRX\d{3,4}\w*|MX\d{2,3}\w*)\b", re.IGNORECASE)
+def parse_juniper(text: str, p: OSData) -> OSData:
+    p.vendor = "Juniper"
+    p.product = "Junos"
+    p.family = p.family or "network-os"
+    p.kernel_name = "junos"
+    vm = JUNOS_VER_RE.search(text)
+    if vm:
+        ver = vm.group(1)
+        p.evidence["version_raw"] = ver
+        nums = re.findall(r"\d+", ver)
+        if nums:
+            p.version_major = int(nums[0])
+        if len(nums) >= 2:
+            p.version_minor = int(nums[1])
+        p.version_build = ver
+        p.precision = "minor"
+    pkg = JUNOS_PKG_RE.search(text)
+    if pkg:
+        p.build_id = pkg.group(1)
+        p.precision = "build"
+    mdl = JUNOS_MODEL_RE.search(text)
+    if mdl:
+        p.hw_model = mdl.group(1)
+    update_confidence(p, p.precision if p.precision in ("build", "minor") else "major")
+    return p

os_normalizer/parsers/network/netgear.py ADDED Viewed

@@ -0,0 +1,41 @@
+"""Netgear firmware parsing."""
+import re
+from os_normalizer.helpers import update_confidence
+from os_normalizer.models import OSData
+NETGEAR_RE = re.compile(r"\bnetgear\b|\bfirmware\b", re.IGNORECASE)
+NETGEAR_VER_RE = re.compile(
+    r"\bV(\d+\.\d+\.\d+(?:\.\d+)?(?:_\d+\.\d+\.\d+)?)\b", re.IGNORECASE
+)
+NETGEAR_MODEL_RE = re.compile(r"\b([RN][0-9]{3,4}[A-Z]?)\b", re.IGNORECASE)
+def parse_netgear(text: str, p: OSData) -> OSData:
+    p.vendor = "Netgear"
+    p.product = "Firmware"
+    p.family = p.family or "network-os"
+    p.kernel_name = "firmware"
+    vm = NETGEAR_VER_RE.search(text)
+    if vm:
+        v = vm.group(1)
+        nums = re.findall(r"\d+", v)
+        if nums:
+            p.version_major = int(nums[0])
+        if len(nums) >= 2:
+            p.version_minor = int(nums[1])
+        if len(nums) >= 3:
+            p.version_patch = int(nums[2])
+        p.version_build = v
+        p.precision = (
+            "patch" if p.version_patch is not None else ("minor" if p.version_minor is not None else "major")
+        )
+    mdl = NETGEAR_MODEL_RE.search(text)
+    if mdl:
+        p.hw_model = mdl.group(1)
+    update_confidence(p, "minor" if p.precision == "major" else p.precision)
+    return p

os_normalizer/parsers/windows.py ADDED Viewed

@@ -0,0 +1,197 @@
+"""Windows specific parsing logic.
+Refactored for clarity: vendor/edition detection, NT mapping, and build
+mapping are handled by focused helpers. Behavior is preserved while
+avoiding ambiguous NT mappings when server signals are present.
+"""
+import re
+from typing import Any, Optional
+from os_normalizer.constants import (
+    WINDOWS_BUILD_MAP,
+    WINDOWS_NT_CLIENT_MAP,
+    WINDOWS_NT_SERVER_MAP,
+)
+from os_normalizer.helpers import update_confidence
+from os_normalizer.models import OSData
+# Regex patterns used only by the Windows parser
+WIN_EDITION_RE = re.compile(
+    r"\b(professional|enterprise|home|education|ltsc|datacenter)\b",
+    re.IGNORECASE,
+)
+WIN_SP_RE = re.compile(r"\bSP\s?([0-9]+)\b", re.IGNORECASE)
+WIN_BUILD_RE = re.compile(r"\bbuild\s?(\d{4,6})\b", re.IGNORECASE)
+WIN_NT_RE = re.compile(r"\bnt\s?(\d+)\.(\d+)\b", re.IGNORECASE)
+WIN_FULL_NT_BUILD_RE = re.compile(r"\b(10)\.(0)\.(\d+)(?:\.(\d+))?\b")
+WIN_CHANNEL_RE = re.compile(r"\b(20H2|21H2|22H2|23H2|24H2|19H2|18H2|17H2|2004|1909|1809|1709|1511|1507)\b", re.IGNORECASE)
+def parse_windows(text: str, data: dict[str, Any], p: OSData) -> OSData:
+    """Populate an OSData instance with Windows-specific details."""
+    p.kernel_name = "nt"
+    # 1) Product and edition from free text
+    p.product = p.product or _detect_product_from_text(text.lower())
+    p.edition = p.edition or _detect_edition(text)
+    # 2) Service Pack
+    _parse_service_pack(text, p)
+    # 3) NT version mapping (client vs server)
+    server_like = _is_server_like(text.lower())
+    _apply_nt_mapping(text, p, server_like)
+    # 4) Full kernel version (e.g., 10.0.22621.2715) + channel token if present
+    _apply_full_kernel_and_channel(text, p)
+    # 5) Build number + marketing channel (fallback when only 'build 22631' is present)
+    _apply_build_mapping(text, p)
+    # 6) Precision and version_major if applicable
+    _finalize_precision_and_version(p)
+    # 7) Vendor + confidence
+    p.vendor = "Microsoft"
+    update_confidence(p, p.precision)
+    return p
+def _detect_product_from_text(t: str) -> str:
+    if "windows 11" in t or "win11" in t:
+        return "Windows 11"
+    if "windows 10" in t or "win10" in t:
+        return "Windows 10"
+    if "windows 8.1" in t or "win81" in t:
+        return "Windows 8.1"
+    if "windows 8" in t or "win8" in t:
+        return "Windows 8"
+    if "windows 7" in t or "win7" in t:
+        return "Windows 7"
+    if "windows me" in t or "windows millenium" in t:
+        return "Windows ME"
+    if "windows 98" in t or "win98" in t:
+        return "Windows 98"
+    # Server explicit names
+    if "windows server 2022" in t or "win2k22" in t or "win2022" in t:
+        return "Windows Server 2022"
+    if "windows server 2019" in t or "win2k19" in t or "win2019" in t:
+        return "Windows Server 2019"
+    if "windows server 2016" in t or "win2k16" in t or "win2016" in t:
+        return "Windows Server 2016"
+    if "windows server 2012" in t or "win2k12" in t or "win2012" in t:
+        return "Windows Server 2012"
+    if "windows server 2008" in t or "win2k8" in t or "win2008" in t:
+        return "Windows Server 2008"
+    if "windows server 2003" in t or "win2k3" in t or "win2003" in t:
+        return "Windows Server 2003"
+    if "windows server 2000" in t or "win2k" in t or "win2000" in t:
+        return "Windows Server 2000"
+    if "windows" in t:
+        return "Windows"
+    return "Unknown"
+def _detect_edition(text: str) -> str | None:
+    m = WIN_EDITION_RE.search(text)
+    return m.group(1).title() if m else None
+def _parse_service_pack(text: str, p: OSData) -> None:
+    sp = WIN_SP_RE.search(text)
+    if sp:
+        p.version_patch = int(sp.group(1))
+        p.evidence["service_pack"] = sp.group(0)
+def _is_server_like(t: str) -> bool:
+    return any(
+        kw in t
+        for kw in (
+            "server",
+            "datacenter",
+            "standard",
+            "essentials",
+            "foundation",
+            "core",  # server core often appears
+            "hyper-v",
+        )
+    )
+def _apply_nt_mapping(text: str, p: OSData, server_like: bool) -> None:
+    nt = WIN_NT_RE.search(text)
+    if not nt:
+        return
+    major, minor = int(nt.group(1)), int(nt.group(2))
+    p.evidence["nt_version"] = f"{major}.{minor}"
+    # If product already explicitly set (e.g., "Windows Server 2019"), keep it
+    if p.product and p.product not in ("Windows", "Windows 10/11"):
+        return
+    product = WINDOWS_NT_SERVER_MAP.get((major, minor)) if server_like else WINDOWS_NT_CLIENT_MAP.get((major, minor))
+    if product:
+        p.product = product
+def _apply_build_mapping(text: str, p: OSData) -> None:
+    m = WIN_BUILD_RE.search(text)
+    if not m:
+        return
+    build_num = int(m.group(1))
+    p.version_build = str(build_num)
+    # Kernel version for recent Windows 10/11
+    if (p.product == "Windows 10/11") or ("10.0" in text):
+        p.kernel_version = f"{10}.{0}.{build_num}"
+    else:
+        p.kernel_version = None
+    # Only apply client build mapping if current product isn't an explicit Server
+    is_server_product = isinstance(p.product, str) and "server" in p.product.lower()
+    if not is_server_product:
+        for lo, hi, product_name, marketing in WINDOWS_BUILD_MAP:
+            if lo <= build_num <= hi:
+                p.product = product_name
+                p.channel = marketing
+                break
+def _apply_full_kernel_and_channel(text: str, p: OSData) -> None:
+    # Full NT kernel version, e.g., 10.0.22621.2715
+    m = WIN_FULL_NT_BUILD_RE.search(text)
+    if m:
+        build = m.group(3)
+        suffix = m.group(4)
+        p.version_build = p.version_build or build
+        p.kernel_version = f"10.0.{build}{('.' + suffix) if suffix else ''}"
+        # Record evidence for NT 10.0 if not set via NT mapping
+        p.evidence.setdefault("nt_version", "10.0")
+    # Marketing channel token in free text, e.g., 22H2 (case-insensitive)
+    ch = WIN_CHANNEL_RE.search(text)
+    if ch and not p.channel:
+        p.channel = ch.group(1).upper()
+def _finalize_precision_and_version(p: OSData) -> None:
+    if p.version_build:
+        p.precision = "build"
+        return
+    if p.version_patch is not None:
+        p.precision = "patch"
+        return
+    if p.product and any(x in p.product for x in ("7", "8", "10", "11")):
+        digits = re.findall(r"\d+", p.product)
+        if digits:
+            p.version_major = int(digits[0])
+        p.precision = "major"
+        return
+    if p.product:
+        p.precision = "product"
+    else:
+        p.precision = "family"