Merge pull request #47 from radicallyopensecurity/pep8-styling

Pep8 styling
2018-08-27 09:20:40 +02:00 · 2018-08-27 09:20:40 +02:00 · 7067e29627
commit 7067e29627
parent d89540e3ab 0b5cd5527e
3 changed files with 67 additions and 34 deletions
--- a/chatops/python/docbuilder.py
+++ b/chatops/python/docbuilder.py
@ -23,6 +23,7 @@ from __future__ import print_function

 import argparse
 import os
+import random
 import subprocess
 from subprocess import PIPE
 import sys
@ -32,7 +33,7 @@ import textwrap
 GITREV = 'GITREV'  # Magic tag which gets replaced by the git short commit hash
 OFFERTE = 'generate_offerte.xsl'  # XSL for generating waivers
 WAIVER = 'waiver_'  # prefix for waivers
-EXECSUMMARY = 'execsummary' # generating an executive summary instead of a report
+EXECSUMMARY = 'execsummary'  # generating an executive summary instead of a report


 def parse_arguments():
@ -56,9 +57,12 @@ the Free Software Foundation, either version 3 of the License, or
                        help='overwrite output file if it already exists')
    parser.add_argument('-date', action='store',
                        help='the invoice date')
-    parser.add_argument('-execsummary', action='store_true',
+    parser.add_argument('--execsummary', action='store_true',
                        help="""create an executive summary as well as a report (true/false).
                        Default: false """)
+    parser.add_argument('--pw', action='store_true',
+                        help="""password-protect the pdf.
+                        Default: false """)
    parser.add_argument('--fop-config', action='store',
                        default='/etc/docbuilder/fop.xconf',
                        help="""fop configuration file (default
@ -106,7 +110,7 @@ the Free Software Foundation, either version 3 of the License, or
    else:
        verboseprint = lambda *a: None
        verboseerror = lambda *a: None
-    return vars(parser.parse_args())
+    return vars(args)


 def print_output(stdout, stderr):
@ -138,6 +142,13 @@ def change_tag(fop):
        print('[-] could not execute git - is git installed ?')


+def generate_pw():
+    s = "abcdefghijklmnopqrstuvwxyz01234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ!@#$%^&*()?"
+    length = 12
+    p = "".join(random.sample(s, length))
+    return(p)
+
+
 def to_fo(options):
    """
    Creates a fo output file based on a XML file.
@ -171,6 +182,9 @@ def to_pdf(options):
    """
    cmd = [options['fop_binary'], '-c', options['fop_config'], options['fop'],
           options['output']]
+    if options['pw']:
+        pw = generate_pw()
+        cmd = cmd + ['-u', pw]
    try:
        verboseprint('Converting {0} to {1}'.format(options['fop'],
                                                    options['output']))
@ -180,6 +194,8 @@ def to_pdf(options):
        print_output(stdout, stderr)
        if result == 0:
            print('[+] Succesfully built ' + options['output'])
+            if options['pw']:
+                print('\n[+] Password for this pdf is ' + pw)
    except OSError as exception:
        print_exit('[-] ERR: {0}'.format(exception.strerror), exception.errno)
    return result == 0
@ -234,7 +250,7 @@ def main():
            except OSError as exception:
                print_exit('[-] ERR: {0}'.format(exception.strerror),
                           exception.errno)
-        if options['execsummary'] == True:  # we're generating a summary as well as a report
+        if options['execsummary']:  # we're generating a summary as well as a report
            report_output = options['output']
            verboseprint('generating additional executive summary')
            output_dir = os.path.dirname(options['output'])
@ -260,4 +276,4 @@ def main():


 if __name__ == "__main__":
-    main()
+    main()
--- a/chatops/python/pentext_id.py
+++ b/chatops/python/pentext_id.py
@ -123,7 +123,7 @@ def locate_id(findings, args):
    Show finding corresponding to an identifier
    """
    try:
-        print("{0:2d} {1}".format(args.id, findings[args.id-1]))
+        print("{0:2d} {1}".format(args.id, findings[args.id - 1]))
    except IndexError:
        logging.error('Finding %s could not be located', args.id)

--- a/chatops/python/validate_report.py
+++ b/chatops/python/validate_report.py
@ -51,7 +51,7 @@ VOCABULARY = 'project-vocabulary.txt'
 # Snippets may contain XML fragments without the proper entities
 EXAMPLEDIR = 'examples/'
 SNIPPETDIR = 'snippets/'
-STATUS = 25 # loglevel for 'generic' status messages
+STATUS = 25  # loglevel for 'generic' status messages
 TEMPLATEDIR = 'templates/'
 OFFERTE = '/offerte.xml'
 REPORT = '/report.xml'
@ -68,12 +68,12 @@ class LogFormatter(logging.Formatter):
    # STATUS  = (25) generic status messages
    # WARNING = (30) warning messages (= errors in validation)
    # ERROR   = (40) error messages (= program errors)
-    FORMATS = {logging.DEBUG :"DEBUG: %(module)s: %(lineno)d: %(message)s",
-               logging.INFO : "[*] %(message)s",
-               STATUS : "[+] %(message)s",
-               logging.WARN : "[-] %(message)s",
-               logging.ERROR : "ERROR: %(message)s",
-               'DEFAULT' : "%(message)s"}
+    FORMATS = {logging.DEBUG: "DEBUG: %(module)s: %(lineno)d: %(message)s",
+               logging.INFO: "[*] %(message)s",
+               STATUS: "[+] %(message)s",
+               logging.WARN: "[-] %(message)s",
+               logging.ERROR: "ERROR: %(message)s",
+               'DEFAULT': "%(message)s"}

    def format(self, record):
        self._fmt = self.FORMATS.get(record.levelno, self.FORMATS['DEFAULT'])
@ -213,7 +213,8 @@ def validate_files(filenames, options):
                        if 'scans' in xml_type:
                            scans.append(filename)
    for master in masters:
-        result = validate_master(master, findings, non_findings, scans, options) and result
+        result = validate_master(
+            master, findings, non_findings, scans, options) and result
    return result


@ -241,10 +242,12 @@ def validate_xml(filename, options):
    try:
        with open(filename, 'rb') as xml_file:
            xml.sax.parse(xml_file, xml.sax.ContentHandler())
-            tree = ElementTree.parse(filename, ElementTree.XMLParser(strip_cdata=False))
-            tree.xinclude() # Include everything
+            tree = ElementTree.parse(
+                filename, ElementTree.XMLParser(strip_cdata=False))
+            tree.xinclude()  # Include everything
            type_result, xml_type = validate_type(tree, filename, options)
-            result = validate_long_lines(tree, filename, options) and result and type_result
+            result = validate_long_lines(
+                tree, filename, options) and result and type_result
        if options['edit'] and not result:
            open_editor(filename)
    except (xml.sax.SAXException, ElementTree.ParseError) as exception:
@ -326,12 +329,13 @@ def validate_type(tree, filename, options):
                print('[-] threatLevel is not Low, Moderate, High, Elevated or Extreme: {0} {1}'.
                      format(filename, root.attrib[attribute]))
                result = False
-            if attribute == 'type' and (options['capitalization'] and not \
+            if attribute == 'type' and (options['capitalization'] and not
                                        is_capitalized(root.attrib[attribute])):
                print('[A] Type missing capitalization (expected {0}, read {1})'.
                      format(capitalize(root.attrib[attribute]),
                             root.attrib[attribute]))
-                root.attrib[attribute] = titlecase(root.attrib[attribute], callback=abbreviations)
+                root.attrib[attribute] = titlecase(
+                    root.attrib[attribute], callback=abbreviations)
                fix = True
            if attribute == 'status' and root.attrib[attribute] not in \
               ('new', 'unresolved', 'not_retested', 'resolved'):
@ -347,16 +351,18 @@ def validate_type(tree, filename, options):
            logging.warning('Empty tag in %s: %s', filename, tag)
            result = False
            continue
-        if tag == 'title' and (options['capitalization'] and \
+        if tag == 'title' and (options['capitalization'] and
                               not is_capitalized(root.find(tag).text)):
            print('[A] Title missing capitalization in {0} (expected {1}, read {2})'.
                  format(filename, titlecase(root.find(tag).text, callback=abbreviations).strip(),
                         root.find(tag).text.strip()))
-            root.find(tag).text = titlecase(root.find(tag).text, callback=abbreviations)
+            root.find(tag).text = titlecase(
+                root.find(tag).text, callback=abbreviations)
            fix = True
        all_text = get_all_text(root.find(tag))
        if tag == 'description' and all_text.strip()[-1] != '.':
-            print('[A] Description missing final dot in {0}: {1}'.format(filename, all_text))
+            print('[A] Description missing final dot in {0}: {1}'.format(
+                filename, all_text))
            root.find(tag).text = all_text.strip() + '.'
            fix = True
    if fix:
@ -395,7 +401,8 @@ def validate_long_lines(tree, filename, options):
                    print('cutted line {0}'.format(line))
                    line = line[cutpoint:]
                    fixed_text += fixed_line.encode('utf-8')
-                    print('[A] can be fixed (breaking at {0}): {1}'.format(cutpoint, fixed_line))
+                    print('[A] can be fixed (breaking at {0}): {1}'.format(
+                        cutpoint, fixed_line))
                fixed_text += line + '\n'
            if fix and options['auto_fix']:
                print('[+] Automatically fixed {0}'.format(filename))
@ -418,11 +425,12 @@ def validate_master(filename, findings, non_findings, scans, options):
    try:
        xmltree = ElementTree.parse(filename,
                                    ElementTree.XMLParser(strip_cdata=False))
-        xmltree.xinclude() # include all stuff
+        xmltree.xinclude()  # include all stuff
        if not find_keyword(xmltree, 'TODO', filename):
            print('[-] Keyword checks failed for {0}'.format(filename))
            result = False
-        logging.info('Performing cross check on findings, non-findings and scans...')
+        logging.info(
+            'Performing cross check on findings, non-findings and scans...')
        for finding in findings:
            if not cross_check_file(filename, finding):
                print('[A] Cross check failed for finding {0}'.format(finding))
@ -430,7 +438,8 @@ def validate_master(filename, findings, non_findings, scans, options):
                result = False
        for non_finding in non_findings:
            if not cross_check_file(filename, non_finding):
-                logging.warning('Cross check failed for non-finding %s', non_finding)
+                logging.warning(
+                    'Cross check failed for non-finding %s', non_finding)
                include_nonfindings.append(non_finding)
                result = False
        if result:
@ -468,7 +477,8 @@ def cross_check_file(filename, external):
    result = True
    report_text = report_string(filename)
    if report_text.find(external) == -1:
-        logging.warning('Could not find a reference in %s to %s', filename, external)
+        logging.warning(
+            'Could not find a reference in %s to %s', filename, external)
        result = False
    return result

@ -477,16 +487,19 @@ def add_include(filename, identifier, findings):
    """
    Adds XML include based on the identifier ('findings' or 'nonFindings').
    """
-    tree = ElementTree.parse(filename, ElementTree.XMLParser(strip_cdata=False))
+    tree = ElementTree.parse(
+        filename, ElementTree.XMLParser(strip_cdata=False))
    root = tree.getroot()
    for section in tree.iter('section'):
        if section.attrib['id'] == identifier:
            finding_section = section
    if finding_section is not None:
        for finding in findings:
-            new_finding = ElementTree.XML('<placeholderinclude href="../{0}"/>'.format(finding))
+            new_finding = ElementTree.XML(
+                '<placeholderinclude href="../{0}"/>'.format(finding))
            finding_section.append(new_finding)
-            tree.write(filename, encoding="utf-8", xml_declaration=True, pretty_print=True)
+            tree.write(filename, encoding="utf-8",
+                       xml_declaration=True, pretty_print=True)


 def close_file(filename):
@ -501,8 +514,10 @@ def close_file(filename):
    f = open(fileout, 'w')
    f.write(newdata)
    f.close()
-    tree = ElementTree.parse(filename, ElementTree.XMLParser(strip_cdata=False))
-    tree.write(filename, encoding="utf-8", xml_declaration=True, pretty_print=True)
+    tree = ElementTree.parse(
+        filename, ElementTree.XMLParser(strip_cdata=False))
+    tree.write(filename, encoding="utf-8",
+               xml_declaration=True, pretty_print=True)


 def find_keyword(xmltree, keyword, filename):
@ -517,7 +532,8 @@ def find_keyword(xmltree, keyword, filename):
            section = 'in {0}'.format(tag.attrib['id'])
        if tag.text:
            if keyword in tag.text:
-                logging.warning('%s found in %s %s', keyword, filename, section)
+                logging.warning('%s found in %s %s',
+                                keyword, filename, section)
                result = False
    return result

@ -566,7 +582,8 @@ def main():
    else:
        logging.warning('Validation failed')
    if options['spelling'] and options['learn']:
-        logging.log(STATUS, 'Don\'t forget to check the vocabulary file %s', VOCABULARY)
+        logging.log(
+            STATUS, 'Don\'t forget to check the vocabulary file %s', VOCABULARY)


 if __name__ == "__main__":