ok
Direktori : /opt/imunify360/venv/lib64/python3.11/site-packages/im360/subsys/ |
Current File : //opt/imunify360/venv/lib64/python3.11/site-packages/im360/subsys/modsec_app_version_detector.py |
import json import os import re from collections import defaultdict from peewee import SqliteDatabase class DatabaseNotFoundError(Exception): pass def map_components_versions_to_tags(components_sqlite_file, tags_mapping): if not os.path.isfile(components_sqlite_file): raise DatabaseNotFoundError( "App detector database '{}' couldn't be found.".format( components_sqlite_file ) ) db = SqliteDatabase(components_sqlite_file) tags_regex = [] for tag, reg in tags_mapping.items(): tags_regex.append((tag, re.compile(reg))) cursor = db.execute_sql("select path, title from apps") path_tags = defaultdict(set) cache = dict() for path, title in cursor: tag = cache.get(title, None) if tag is not None: path_tags[path].add(tag) else: for tag, reg in tags_regex: if reg.match(title): path_tags[path].add(tag) cache[title] = tag break return generate_conf(path_tags) def generate_conf(path_tags): """ Generate conf file with rules Use json.dumps for converting special symbols like \n and escape quoters inside quoters :param path_tags: :return: """ return [ """<Directory {}> SecRuleRemoveByTag ^(?!(?:service.*|noshow|{})$) </Directory>""".format( json.dumps(path), "|".join(sorted(tags)) ) for path, tags in path_tags.items() ]