init

Author: cn-kali-team

Cargo.toml

@@ -31,7 +31,3 @@ opt-level = 3
 
 
 [dependencies]
-
-[[bin]]
-name = "nvd-server"
-path = "nvd-server/src/main.rs"

Dockerfile

@@ -18,6 +18,7 @@ COPY nvd-yew nvd-yew
 COPY nvd-api nvd-api
 COPY nvd-server nvd-server
 COPY helper helper
+COPY src src
 RUN cargo build --release
 RUN trunk build --release
 

cve/src/v4/configurations.rs

@@ -145,20 +145,16 @@ impl Match {
     }
     // 什么都没有的
     if v_start.is_none() && v_end.is_none() {
-      return format!(
-        "{} {}",
-        op_start.unwrap_or(""),
-        version.unwrap_or_default()
-      );
+      format!("{} {}", op_start.unwrap_or(""), version.unwrap_or_default())
     } else {
-      return format!(
+      format!(
         "{}{} {} {}{}",
         v_start.unwrap_or(""),
         op_start.unwrap_or(""),
         version.unwrap_or_default(),
         op_end.unwrap_or(""),
         v_end.unwrap_or_default()
-      );
+      )
     }
   }
   pub fn match_version_range(&self, ver: &str) -> bool {

helper/Cargo.toml

@@ -7,6 +7,7 @@ edition = "2021"
 [dependencies]
 mysqlclient-sys = "0.2.5"
 diesel = { version = "2.1.0", features = ["r2d2", "mysql", "chrono", "uuid", "serde_json"] }
+chrono = { version = "0.4", default-features = false, features = ["serde"] }
 dotenvy = "0.15"
 uuid = { version = "1.3.3", features = ["v4"] }
 nvd-server = { path = "../nvd-server" }

helper/examples/cpe-api-example.rs

@@ -1,9 +1,10 @@
+use nvd_api::ApiVersion;
 use nvd_api::v2::products::{CpeMatchParameters, CpeParameters};
 // https://cwe.mitre.org/data/downloads.html
 // curl -s -k https://cwe.mitre.org/data/downloads.html |grep  -Eo '(/[^"]*\.xml.zip)'|xargs -I % wget -c https://cwe.mitre.org%
 #[tokio::main]
 async fn main() {
-  let api = nvd_api::NVDApi::new(None, "2.0").unwrap();
+  let api = nvd_api::NVDApi::new(None, ApiVersion::default()).unwrap();
   let cpe = api
     .cpe(CpeParameters {
       cpe_name_id: None,

helper/examples/cve-api-example.rs

@@ -1,9 +1,10 @@
+use nvd_api::ApiVersion;
 use nvd_api::v2::vulnerabilities::{CveHistoryParameters, CveParameters};
 // https://cwe.mitre.org/data/downloads.html
 // curl -s -k https://cwe.mitre.org/data/downloads.html |grep  -Eo '(/[^"]*\.xml.zip)'|xargs -I % wget -c https://cwe.mitre.org%
 #[tokio::main]
 async fn main() {
-  let api = nvd_api::NVDApi::new(None, "2.0").unwrap();
+  let api = nvd_api::NVDApi::new(None, ApiVersion::default()).unwrap();
   let cve = api
     .cve(CveParameters {
       cpe_name: None,

helper/examples/nvdcve/v.json

@@ -0,0 +1,183 @@
+use cached::proc_macro::cached;
+use cached::SizedCache;
+use chrono::{NaiveDateTime, Utc};
+use cve::v4::{CVEContainer, CVEItem};
+use diesel::mysql::MysqlConnection;
+use helper::init_db_pool;
+use nvd_api::v2::vulnerabilities::CveParameters;
+use nvd_api::v2::LastModDate;
+use nvd_api::ApiVersion;
+use nvd_server::error::DBResult;
+use nvd_server::modules::cve_db::CreateCve;
+use nvd_server::modules::cve_product_db::CreateCveProductByName;
+use nvd_server::modules::product_db::{CreateProduct, QueryProductById};
+use nvd_server::modules::vendor_db::CreateVendors;
+use nvd_server::modules::{Cve, CveProduct, Product, Vendor};
+use std::str::FromStr;
+
+// https://cwe.mitre.org/data/downloads.html
+// curl -s -k https://cwe.mitre.org/data/downloads.html |grep  -Eo '(/[^"]*\.xml.zip)'|xargs -I % wget -c https://cwe.mitre.org%
+
+fn import_to_db(connection: &mut MysqlConnection, cve_item: CVEItem) -> DBResult<String> {
+  let id = cve_item.cve.meta.id;
+  let y = id.split('-').nth(1).unwrap_or_default();
+  let new_post = CreateCve {
+    id: id.clone(),
+    created_at: cve_item.published_date,
+    updated_at: cve_item.last_modified_date,
+    references: serde_json::json!(cve_item.cve.references.reference_data),
+    description: serde_json::json!(cve_item.cve.description.description_data),
+    severity: cve_item.impact.severity(),
+    metrics: serde_json::json!(cve_item.impact),
+    assigner: cve_item.cve.meta.assigner,
+    configurations: serde_json::json!(cve_item.configurations.nodes),
+    year: i32::from_str(y).unwrap_or_default(),
+    weaknesses: serde_json::json!(cve_item.cve.problem_type.problem_type_data),
+    timeline: Default::default(),
+  };
+  // 插入到数据库
+  match Cve::create(connection, &new_post) {
+    Ok(cve_id) => {
+      // 插入cpe_match关系表
+      for node in cve_item.configurations.nodes {
+        for vendor_product in node.vendor_product() {
+          import_vendor_product_to_db(connection, vendor_product.clone());
+          create_cve_product(
+            connection,
+            cve_id.id.clone(),
+            vendor_product.vendor,
+            vendor_product.product,
+          );
+        }
+      }
+    }
+    Err(err) => {
+      println!("Cve::create: {err:?}");
+    }
+  }
+  Ok(new_post.id)
+}
+
+pub fn create_cve_product(
+  conn: &mut MysqlConnection,
+  cve_id: String,
+  vendor: String,
+  product: String,
+) -> String {
+  // 构建待插入对象
+  let cp = CreateCveProductByName {
+    cve_id,
+    vendor,
+    product,
+  };
+  // 插入到数据库
+  match CveProduct::create_by_name(conn, &cp) {
+    Ok(_cp) => {}
+    Err(err) => {
+      println!("create_cve_product: {err:?}:{cp:?}");
+    }
+  }
+  String::new()
+}
+
+#[cached(
+  type = "SizedCache<String, Vec<u8>>",
+  create = "{ SizedCache::with_size(100) }",
+  convert = r#"{ format!("{:?}", product.to_owned()) }"#
+)]
+fn import_vendor_product_to_db(connection: &mut MysqlConnection, product: cpe::Product) -> Vec<u8> {
+  let vendor_id = create_vendor(connection, product.vendor, None);
+  create_product(connection, vendor_id, product.product, product.part)
+}
+
+#[cached(
+  type = "SizedCache<String, Vec<u8>>",
+  create = "{ SizedCache::with_size(100) }",
+  convert = r#"{ format!("{}", name.to_owned()) }"#
+)]
+pub fn create_vendor(
+  conn: &mut MysqlConnection,
+  name: String,
+  description: Option<String>,
+) -> Vec<u8> {
+  if let Ok(v) = Vendor::query_by_name(conn, &name) {
+    return v.id;
+  }
+  // 构建待插入对象
+  let new_post = CreateVendors {
+    id: uuid::Uuid::new_v4().as_bytes().to_vec(),
+    name,
+    description,
+    official: u8::from(true),
+    homepage: None,
+  };
+  // 插入到数据库
+  if let Err(err) = Vendor::create(conn, &new_post) {
+    println!("create_vendor: {err:?}");
+  }
+  new_post.id
+}
+
+#[cached(
+  type = "SizedCache<String, Vec<u8>>",
+  create = "{ SizedCache::with_size(100) }",
+  convert = r#"{ format!("{}:{:?}", name.to_owned(),vendor.to_owned()) }"#
+)]
+pub fn create_product(
+  conn: &mut MysqlConnection,
+  vendor: Vec<u8>,
+  name: String,
+  part: String,
+) -> Vec<u8> {
+  let q = QueryProductById {
+    vendor_id: vendor.clone(),
+    name: name.clone(),
+  };
+  if let Ok(v) = Product::query_by_id(conn, &q) {
+    return v.id;
+  }
+  // 构建待插入对象
+  let new_post = CreateProduct {
+    id: uuid::Uuid::new_v4().as_bytes().to_vec(),
+    vendor_id: vendor,
+    name,
+    description: None,
+    official: u8::from(true),
+    part,
+    homepage: None,
+  };
+  // 插入到数据库
+  if let Err(err) = Product::create(conn, &new_post) {
+    println!("create_product: {err:?}");
+  }
+  new_post.id
+}
+
+fn main() {
+  // let connection_pool = init_db_pool();
+  // let api = nvd_api::NVDApi::new(None, ApiVersion::default()).unwrap();
+  let now = Utc::now();
+    let two_h =
+  println!("{:?}", now);
+  // api.cve(CveParameters{
+  //     cpe_name: None,
+  //     cve_id: None,
+  //     cvss_v2_metrics: None,
+  //     cvss_v2_severity: None,
+  //     cvss_v3_metrics: None,
+  //     cvss_v3_severity: None,
+  //     cwe_id: None,
+  //     has_cert_alerts: None,
+  //     has_cert_notes: None,
+  //     has_kev: None,
+  //     has_oval: None,
+  //     is_vulnerable: None,
+  //     keyword: None,
+  //     last_mod: Some(LastModDate{ last_mod_start_date: "".to_string(), last_mod_end_date: "".to_string() }),
+  //     no_rejected: None,
+  //     pub_date: None,
+  //     limit_offset: None,
+  //     source_identifier: None,
+  //     virtual_match: None,
+  // })
+}

helper/src/bin/api_to_db.rs

@@ -26,7 +26,7 @@ fn import_to_db(connection: &mut MysqlConnection, cve_item: CVEItem) -> DBResult
     updated_at: cve_item.last_modified_date,
     references: serde_json::json!(cve_item.cve.references.reference_data),
     description: serde_json::json!(cve_item.cve.description.description_data),
-    severity: cve_item.impact.severity().to_string(),
+    severity: cve_item.impact.severity(),
     metrics: serde_json::json!(cve_item.impact),
     assigner: cve_item.cve.meta.assigner,
     configurations: serde_json::json!(cve_item.configurations.nodes),
@@ -154,7 +154,7 @@ pub fn create_product(
 
 fn main() {
   let connection_pool = init_db_pool();
-  for y in 2023..2024 {
+  for y in 2002..2024 {
     let p = format!("helper/examples/nvdcve/nvdcve-1.1-{y}.json.gz");
     println!("{p}");
     let gz_open_file = File::open(p).unwrap();
@@ -164,6 +164,6 @@ fn main() {
     for w in c.CVE_Items {
       import_to_db(connection_pool.get().unwrap().deref_mut(), w).unwrap_or_default();
     }
-    break;
+    // break;
   }
 }