Added new set-config command and new tests

xsist10 · Apr 21, 2014 · 311a6cc · 311a6cc
1 parent 3d514fd
commit 311a6cc
Show file tree

Hide file tree

Showing 15 changed files with 232 additions and 15 deletions.
diff --git a/README.md b/README.md
@@ -38,6 +38,18 @@ If you are using the `shone.phar` file, you can update it to the latest version
     $ ./shone.phar self-update
 
 
+Setting up your configuration
+-----
+
+There are some basic settings that make it easier to use the tool. It's recommended to set your API key at the start (the configuration file will be stored in your home folder ~/shone.json or similar location).
+
+    # Set the API key so you don't need to declare it everywhere
+    $ ./shone.phar set-config --key "[API KEY]"
+
+    # This is not recommended
+    $ ./shone.phar set-config  --common-checksum=0 --no-cert-check=1
+
+
 Using the scanner
 -----
 

diff --git a/composer.json b/composer.json
@@ -1,6 +1,6 @@
 {
     "name": "shone/scanner",
-    "description": "Software Version Scanner",
+    "description": "A scanner to determine if the version of the popular open source software you are running is vulnerable.",
     "keywords": ["version", "scanner", "security", "vulnerability"],
     "homepage": "https://www.shone.co.za/",
     "type": "tool",

diff --git a/res/config.json b/res/config.json
@@ -24,5 +24,5 @@
         "zip"
     ],
     "ssl-cert-check": 1,
-    "version": "1.1.2"
+    "version": "1.1.3"
 }
diff --git a/shone.phar b/shone.phar
diff --git a/src/Command/FingerprintCommand.php b/src/Command/FingerprintCommand.php
@@ -87,7 +87,7 @@ protected function execute(InputInterface $input, OutputInterface $output)
         }
 
         // Do we have a key to use?
-        $key = $input->hasOption('key') ? $input->getOption('key') : $config->get('key');
+        $key = $input->getOption('key') ? $input->getOption('key') : $config->get('key');
         $this->log($output, ' Setting key to `' . $key . '`');
         $scanner->setKey($key);
 
@@ -103,12 +103,12 @@ protected function execute(InputInterface $input, OutputInterface $output)
         } else {
             $this->log($output, 'Result: <info>' . $result['Detail'] . '</info>', true);
 
-            $table = $this->getApplication()->getHelperSet()->get('table');
-            $table->setHeaders(array('Software', 'Version', 'Status'));
+            if (!empty($result['Matches'])) {
+                $table = $this->getApplication()->getHelperSet()->get('table');
+                $table->setHeaders(array('Software', 'Version', 'Status'));
 
-            $data = array();
+                $data = array();
 
-            if (!empty($result['Matches'])) {
                 foreach ($result['Matches'] as $match) {
                     $warning = array();
                     if ($match['is_malicious']) {
@@ -127,10 +127,10 @@ protected function execute(InputInterface $input, OutputInterface $output)
                         implode(', ', $warning)
                     );
                 }
-            }
 
-            $table->setRows($data);
-            $table->render($output);
+                $table->setRows($data);
+                $table->render($output);
+            }
         }
 
         $this->log($output);

diff --git a/src/Command/ScanCommand.php b/src/Command/ScanCommand.php
@@ -135,6 +135,11 @@ protected function execute(InputInterface $input, OutputInterface $output)
 
         // Determine the path we're going to scan
         $this->log($output, ' Setting path to `' . $config['path'] . '`');
+        if (!is_dir($config['path']) || !is_readable($config['path'])) {
+            $this->log($output, '<error>Unable to read the path specified.</error>', true);
+            $this->log($output);
+            return false;
+        }
 
         // Has the user specified a label?
         $this->log($output, ' Setting label to `' . $config['label'] .'`');

diff --git a/src/Command/SetConfigCommand.php b/src/Command/SetConfigCommand.php
@@ -0,0 +1,86 @@
+<?php
+/**
+ * The Shone Security Scanner is used to help a developer determine if the versions of the
+ * dependencies he is using are vulnerable to known exploits.
+ *
+ * @category Shone
+ * @package  Scanner
+ * @author   Thomas Shone <xsist10@gmail.com>
+ */
+
+namespace Shone\Scanner\Command;
+
+use Shone\Scanner\Scanner;
+
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputOption;
+use Symfony\Component\Console\Output\OutputInterface;
+use Symfony\Component\Console\Command\Command;
+
+use \Exception;
+
+/**
+ * The self-update command only accessable when accessing from a phar
+ *
+ * @category Shone
+ * @package  Scanner\Command
+ * @author   Thomas Shone <xsist10@gmail.com>
+ */
+class SetConfigCommand extends Command
+{
+    /**
+     * Configure our command call
+     *
+     * @return void
+     */
+    protected function configure()
+    {
+        $help = <<<EOT
+The <info>set-config</info> command sets the configuration for a user.
+
+EOT;
+
+        $this
+            ->setName('set-config')
+            ->setHelp($help)
+            ->setAliases(array('setconfig'))
+            ->setDescription('Setup the configuration for a user.')
+            ->setDefinition(array(
+                new InputOption('key', null, InputOption::VALUE_REQUIRED, 'Set an API key.'),
+                new InputOption('common-checksum', 'c', InputOption::VALUE_REQUIRED, 'Set whether to always ignore files that are very common.', true),
+                new InputOption('no-cert-check', null, InputOption::VALUE_REQUIRED, 'Set whether to disable CA certificate checks.', false),
+            ));
+    }
+
+    /**
+     * Execute our command call
+     *
+     * @param Symfony\Component\Console\Input\InputInterface   $input  Input source
+     * @param Symfony\Component\Console\Output\OutputInterface $output Output source
+     *
+     * @return void
+     * @codeCoverageIgnore
+     */
+    protected function execute(InputInterface $input, OutputInterface $output)
+    {
+        $config = $this->getApplication()->getConfig();
+
+        $no_cert_check = $input->getOption('no-cert-check') ? true : false;
+        $config->set('no-cert-check', $no_cert_check);
+        $output->writeln(sprintf("Setting no-cert-check to <info>%b</info>.", $no_cert_check));
+
+        $common_checksum = $input->getOption('common-checksum') ? true : false;
+        $config->set('common-checksum', $common_checksum);
+        $output->writeln(sprintf("Setting common-checksum to <info>%b</info>.", $common_checksum));
+
+        if ($input->getOption('key'))
+        {
+            $config->set('key', $input->getOption('key'));
+            $output->writeln(sprintf("Setting key to <info>%s</info>.", $config->get('key')));
+        }
+
+        $output->writeln("<info>Config file saved.</info>");
+        $config->save();
+    }
+}
diff --git a/src/Config.php b/src/Config.php
@@ -37,25 +37,85 @@
  */
 class Config
 {
+    /**
+     * @var array
+     */
     public static $defaultConfig = array(
         'ignore-ext'        => array(),
         'ssl-cert-check'    => 1
     );
 
+    /**
+     * @var array
+     */
     private $config;
 
+    /**
+     * @var string
+     */
+    private $config_file;
+
+    /**
+     * @var string
+     */
+    private $home_file;
+
+    /**
+     * Build a new config object
+     *
+     * @return Shone\Scanner\Config
+     * @codeCoverageIgnore
+     */
     public function __construct()
     {
         // load defaults
         $this->config = static::$defaultConfig;
 
-        $jsonConfig = __DIR__ . '/../res/config.json';
-        if (is_file($jsonConfig) && is_readable($jsonConfig)) {
-            $json = json_decode(file_get_contents($jsonConfig), true);
+        // Get home directory
+        if (isset($_SERVER['HOME'])) {
+            $home = $_SERVER['HOME'];
+        } elseif (isset($_SERVER['HOMEDRIVE']) && isset($_SERVER['HOMEPATH'])) {
+            $home = $_SERVER['HOMEDRIVE'] . '/' . $_SERVER['HOMEPATH'];
+        } else {
+            $home = getcwd();
+        }
+
+        $this->home_file = $home . '/shone.json';
+
+        // Attempt to load a custom config
+        $this->config_file = realpath($this->home_file);
+        if (!is_readable($this->config_file))
+        {
+            // Failing that, default to the bundled one
+            $this->config_file = __DIR__ . '/../res/config.json';
+        }
+        if (is_file($this->config_file) && is_readable($this->config_file)) {
+            $json = json_decode(file_get_contents($this->config_file), true);
             $this->merge($json);
         }
     }
 
+    /**
+     * Returns the path to the config file
+     *
+     * @return string
+     */
+    public function getConfigFile()
+    {
+        return $this->config_file;
+    }
+
+    /**
+     * Save the config file to the home folder of the user
+     *
+     * @return boolean
+     * @codeCoverageIgnore
+     */
+    public function save()
+    {
+        return file_put_contents($this->home_file, json_encode($this->config)) > 0;
+    }
+
     /**
      * Merges new config values with the existing ones (overriding)
      *
@@ -71,6 +131,20 @@ public function merge(array $config)
         }
     }
 
+    /**
+     * Set a key
+     *
+     * @param string $key   Key of the config
+     * @param string $value Value of the config
+     *
+     * @return Shone\Scanner\Config
+     */
+    public function set($key, $value)
+    {
+        $this->config[$key] = $value;
+        return $this;
+    }
+
     /**
      * Returns a setting
      *

diff --git a/src/Console/Application.php b/src/Console/Application.php
@@ -157,6 +157,7 @@ protected function getDefaultCommands()
     {
         $commands = parent::getDefaultCommands();
         $commands[] = new Command\AboutCommand();
+        $commands[] = new Command\SetConfigCommand();
         $commands[] = new Command\ScanCommand();
         $commands[] = new Command\FtpScanCommand();
         $commands[] = new Command\JobCommand();
@@ -174,6 +175,6 @@ protected function getDefaultCommands()
      */
     public function getLongVersion()
     {
-        return parent::getLongVersion() . ' ' . Scanner::RELEASE_DATE;
+        return parent::getLongVersion() . ' ' . Scanner::RELEASE_DATE . "\nConfig File: " . $this->getConfig()->getConfigFile();
     }
 }
diff --git a/src/Scanner.php b/src/Scanner.php
@@ -117,9 +117,11 @@ protected function post($page, array $arguments = array())
 
         // Work around for Guzzle not clearing out old cacert files
         $cert_file = sys_get_temp_dir() . '/guzzle-cacert.pem';
+        // @codeCoverageIgnoreStart
         if (is_file($cert_file) && is_writable($cert_file)) {
             unlink($cert_file);
         }
+        // @codeCoverageIgnoreEnd
 
         $client = $this->getHttpClient();
         $client->setBaseUrl(self::API_ENDPOINT);
@@ -294,6 +296,7 @@ protected function buildFileFingerprint(Filesystem $filesystem, $file)
             $context = hash_init('md5');
             hash_update_stream($context, $stream);
             $md5 = hash_final($context);
+
             // Close the resource to release the handle
             fclose($stream);
 

diff --git a/src/Tests/Command/JobCommandTest.php b/src/Tests/Command/JobCommandTest.php
@@ -104,4 +104,22 @@ public function testGetHash()
         $this->assertRegExp('/| Joomla!  | 2.5.10  | vulnerable | 10\/10 | 96.00% |/', $display);
         $this->assertRegExp('/| tinymce  | 3.5.2   | deprecated | N\/A  | 10.00% |/', $display);
     }
+
+    public function testPendingJob()
+    {
+        $json = '{"status":"In progress"}';
+        $parameters = array('--hash' => 'abc123');
+        $display = $this->runCommand('getJob', $parameters, $json);
+
+        $this->assertRegExp('/Job still being processed/', $display);
+    }
+
+    public function testEmptyJob()
+    {
+        $json = '';
+        $parameters = array('--hash' => 'abc123');
+        $display = $this->runCommand('getJob', $parameters, $json);
+
+        $this->assertRegExp('/Invalid job result received/', $display);
+    }
 }
diff --git a/src/Tests/Command/ScanCommandTest.php b/src/Tests/Command/ScanCommandTest.php
@@ -76,6 +76,16 @@ public function testMissingParameters()
         $this->assertRegExp('/Because/', $commandTester->getDisplay());
     }
 
+    public function testInvalidPath()
+    {
+        $command = new ScanCommand();
+        $command->setApplication(new Application());
+
+        $commandTester = new CommandTester($command);
+        $commandTester->execute(array('path' => '/random/path'));
+        $this->assertRegExp('/Unable to read the path specified/', $commandTester->getDisplay());
+    }
+
     public function testExecuteForCommandAlias()
     {
         // Mock the scanner

diff --git a/src/Tests/ConfigTest.php b/src/Tests/ConfigTest.php
@@ -37,4 +37,12 @@ public function testGet()
         $this->assertEquals(null, $config->get('non-existant-key'));
         $this->assertEquals(1, $config->get('ssl-cert-check'));
     }
+
+    public function testSet()
+    {
+        $config = new Config();
+        $this->assertEquals(1, $config->get('ssl-cert-check'));
+        $config->set('ssl-cert-check', 0);
+        $this->assertEquals(0, $config->get('ssl-cert-check'));
+    }
 }
diff --git a/src/Tests/Fixture/tmp b/src/Tests/Fixture/tmp
diff --git a/src/Tests/ScannerTest.php b/src/Tests/ScannerTest.php
@@ -194,7 +194,7 @@ public function testJobPacket()
 
         $property = new ReflectionProperty('Shone\Scanner\Scanner', 'common_checksums');
         $property->setAccessible(true);
-        $property->setValue($scanner, array('742b794187af3520e8a991e207660493' => true));
+        $property->setValue($scanner, array('d41d8cd98f00b204e9800998ecf8427e' => true));
 
         $files = $scanner->buildFileList($filesystem, '', array('txt'));
         $files[] = "non_existant_file";