示例#1
0
  protected Collection<FileItem> getItems(
      ObjectType obj, Collection<IFile> files, IRequestContext rc) throws CollectException {

    FileObject fObj = (FileObject) obj;
    Collection<FileItem> items = new ArrayList<FileItem>();
    for (IFile f : files) {
      try {
        FileItem item = (FileItem) getBaseItem(obj, f);
        if (item != null) {
          EntityItemIntType aTimeType = Factories.sc.core.createEntityItemIntType();
          Date temp = f.getAccessTime();
          if (temp == null) {
            aTimeType.setStatus(StatusEnumeration.NOT_COLLECTED);
          } else {
            aTimeType.setValue(Timestamp.toWindowsTimestamp(temp.getTime()));
            aTimeType.setDatatype(SimpleDatatypeEnumeration.INT.value());
          }
          item.setATime(aTimeType);

          EntityItemIntType cTimeType = Factories.sc.core.createEntityItemIntType();
          temp = f.getCreateTime();
          if (temp == null) {
            cTimeType.setStatus(StatusEnumeration.NOT_COLLECTED);
          } else {
            cTimeType.setValue(Timestamp.toWindowsTimestamp(temp.getTime()));
            cTimeType.setDatatype(SimpleDatatypeEnumeration.INT.value());
          }
          item.setCTime(cTimeType);

          EntityItemIntType mTimeType = Factories.sc.core.createEntityItemIntType();
          temp = f.getLastModified();
          if (temp == null) {
            mTimeType.setStatus(StatusEnumeration.NOT_COLLECTED);
          } else {
            mTimeType.setValue(Timestamp.toWindowsTimestamp(temp.getTime()));
            mTimeType.setDatatype(SimpleDatatypeEnumeration.INT.value());
          }
          item.setMTime(mTimeType);

          EntityItemIntType sizeType = Factories.sc.core.createEntityItemIntType();
          if (f.isFile()) {
            sizeType.setValue(new Long(f.length()).toString());
            sizeType.setDatatype(SimpleDatatypeEnumeration.INT.value());
          } else {
            sizeType.setStatus(StatusEnumeration.DOES_NOT_EXIST);
          }
          item.setSize(sizeType);

          addExtendedInfo(fObj, f.getExtended(), item);
          addHeaderInfo(fObj, f, item);
          items.add(item);
        }
      } catch (IOException e) {
        session.getLogger().warn(Message.ERROR_IO, f.getPath(), e.getMessage());
        MessageType msg = Factories.common.createMessageType();
        msg.setLevel(MessageLevelEnumeration.ERROR);
        msg.setValue(e.getMessage());
        rc.addMessage(msg);
      }
    }
    return items;
  }
示例#2
0
  public Collection<PatchItem> getItems(ObjectType obj, IRequestContext rc)
      throws CollectException {
    if (!initialized) {
      scanRevisions();
    }

    PatchObject pObj = (PatchObject) obj;
    Collection<PatchItem> items = new ArrayList<PatchItem>();
    if (error != null) {
      MessageType msg = Factories.common.createMessageType();
      msg.setLevel(MessageLevelEnumeration.ERROR);
      msg.setValue(error);
      rc.addMessage(msg);
    }

    try {
      int iBase = Integer.parseInt((String) pObj.getBase().getValue());

      switch (pObj.getBase().getOperation()) {
        case EQUALS:
          items.addAll(getItems((String) pObj.getBase().getValue()));
          break;

        case NOT_EQUAL:
          for (String base : revisions.keySet()) {
            if (!base.equals((String) pObj.getBase().getValue())) {
              items.addAll(getItems(base));
            }
          }
          break;

        case LESS_THAN:
          for (String base : revisions.keySet()) {
            if (Integer.parseInt(base) < iBase) {
              items.addAll(getItems(base));
            }
          }
          break;

        case LESS_THAN_OR_EQUAL:
          for (String base : revisions.keySet()) {
            if (Integer.parseInt(base) <= iBase) {
              items.addAll(getItems(base));
            }
          }
          break;

        case GREATER_THAN:
          for (String base : revisions.keySet()) {
            if (Integer.parseInt(base) > iBase) {
              items.addAll(getItems(base));
            }
          }
          break;

        case GREATER_THAN_OR_EQUAL:
          for (String base : revisions.keySet()) {
            if (Integer.parseInt(base) >= iBase) {
              items.addAll(getItems(base));
            }
          }
          break;

        case PATTERN_MATCH:
          Pattern p = StringTools.pattern((String) pObj.getBase().getValue());
          for (String base : revisions.keySet()) {
            if (p.matcher(base).find()) {
              items.addAll(getItems(base));
            }
          }
          break;

        default:
          String msg =
              JOVALMsg.getMessage(
                  JOVALMsg.ERROR_UNSUPPORTED_OPERATION, pObj.getBase().getOperation());
          throw new CollectException(msg, FlagEnumeration.NOT_COLLECTED);
      }
    } catch (NumberFormatException e) {
      MessageType msg = Factories.common.createMessageType();
      msg.setLevel(MessageLevelEnumeration.ERROR);
      msg.setValue(e.getMessage());
      rc.addMessage(msg);
      session.getLogger().warn(JOVALMsg.getMessage(JOVALMsg.ERROR_EXCEPTION), e);
    } catch (PatternSyntaxException e) {
      MessageType msg = Factories.common.createMessageType();
      msg.setLevel(MessageLevelEnumeration.ERROR);
      msg.setValue(JOVALMsg.getMessage(JOVALMsg.ERROR_PATTERN, e.getMessage()));
      rc.addMessage(msg);
      session.getLogger().warn(JOVALMsg.getMessage(JOVALMsg.ERROR_EXCEPTION), e);
    }

    return items;
  }
示例#3
0
  /**
   * Read the Portable Execution format header information from the IFileEx, or directly from the
   * file itself, and convey it to the item.
   */
  private void addHeaderInfo(FileObject fObj, IFile file, FileItem item) throws IOException {
    session.getLogger().trace(JOVALMsg.STATUS_PE_READ, file.toString());
    IFileEx extended = file.getExtended();
    Map<String, String> peHeaders = null;
    if (file.isFile() && file.length() == 0) {
      MessageType msg = Factories.common.createMessageType();
      msg.setLevel(MessageLevelEnumeration.INFO);
      msg.setValue(JOVALMsg.getMessage(JOVALMsg.STATUS_PE_EMPTY));
      item.getMessage().add(msg);
    } else if (extended instanceof IWindowsFileInfo) {
      peHeaders = ((IWindowsFileInfo) extended).getPEHeaders();
    } else if (file.isFile()) {
      try {
        Header header = new Header(file);
        peHeaders = new HashMap<String, String>();
        String cs = Integer.toString(header.getNTHeader().getImageOptionalHeader().getChecksum());
        peHeaders.put(IWindowsFileInfo.PE_MS_CHECKSUM, cs);
        String key = VsVersionInfo.LANGID_KEY;
        VsVersionInfo versionInfo = header.getVersionInfo();
        VsFixedFileInfo value = null;
        if (versionInfo != null) {
          value = versionInfo.getValue();
          key = versionInfo.getDefaultTranslation();
        }
        if (value != null) {
          String version = versionInfo.getValue().getFileVersion().toString();
          peHeaders.put(IWindowsFileInfo.PE_VERSION, version);
          StringTokenizer tok = new StringTokenizer(version, ".");
          if (tok.countTokens() == 4) {
            peHeaders.put(IWindowsFileInfo.PE_VERSION_MAJOR_PART, tok.nextToken());
            peHeaders.put(IWindowsFileInfo.PE_VERSION_MINOR_PART, tok.nextToken());
            peHeaders.put(IWindowsFileInfo.PE_VERSION_BUILD_PART, tok.nextToken());
            peHeaders.put(IWindowsFileInfo.PE_VERSION_PRIVATE_PART, tok.nextToken());
          }
          String locale = LanguageConstants.getLocaleString(key);
          if (locale != null) {
            peHeaders.put(IWindowsFileInfo.PE_LANGUAGE, LanguageConstants.getLocaleString(key));
          }
          Map<String, String> stringTable = versionInfo.getStringTable(key);
          if (stringTable.containsKey("CompanyName")) {
            peHeaders.put(IWindowsFileInfo.PE_COMPANY_NAME, stringTable.get("CompanyName"));
          }
          if (stringTable.containsKey("InternalName")) {
            peHeaders.put(IWindowsFileInfo.PE_INTERNAL_NAME, stringTable.get("InternalName"));
          }
          if (stringTable.containsKey("ProductName")) {
            peHeaders.put(IWindowsFileInfo.PE_PRODUCT_NAME, stringTable.get("ProductName"));
          }
          if (stringTable.containsKey("OriginalFilename")) {
            peHeaders.put(IWindowsFileInfo.PE_ORIGINAL_NAME, stringTable.get("OriginalFilename"));
          }
          if (stringTable.containsKey("ProductVersion")) {
            peHeaders.put(IWindowsFileInfo.PE_PRODUCT_VERSION, stringTable.get("ProductVersion"));
          }
        }
      } catch (IllegalArgumentException e) {
        MessageType msg = Factories.common.createMessageType();
        msg.setLevel(MessageLevelEnumeration.ERROR);
        msg.setValue(e.getMessage());
        item.getMessage().add(msg);
      }
    }

    EntityItemStringType msChecksumType = Factories.sc.core.createEntityItemStringType();
    if (peHeaders != null && peHeaders.containsKey(IWindowsFileInfo.PE_MS_CHECKSUM)) {
      msChecksumType.setValue(peHeaders.get(IWindowsFileInfo.PE_MS_CHECKSUM));
    } else {
      msChecksumType.setStatus(StatusEnumeration.DOES_NOT_EXIST);
    }
    item.setMsChecksum(msChecksumType);

    EntityItemStringType languageType = Factories.sc.core.createEntityItemStringType();
    if (peHeaders != null && peHeaders.containsKey(IWindowsFileInfo.PE_LANGUAGE)) {
      languageType.setValue(peHeaders.get(IWindowsFileInfo.PE_LANGUAGE));
    } else {
      languageType.setStatus(StatusEnumeration.DOES_NOT_EXIST);
    }
    item.setLanguage(languageType);

    EntityItemVersionType versionType = Factories.sc.core.createEntityItemVersionType();
    versionType.setDatatype(SimpleDatatypeEnumeration.VERSION.value());
    if (peHeaders != null && peHeaders.containsKey(IWindowsFileInfo.PE_VERSION_MAJOR_PART)) {
      int major = Integer.parseInt(peHeaders.get(IWindowsFileInfo.PE_VERSION_MAJOR_PART));
      int minor = 0, build = 0, priv = 0;
      if (peHeaders.containsKey(IWindowsFileInfo.PE_VERSION_MINOR_PART)) {
        minor = Integer.parseInt(peHeaders.get(IWindowsFileInfo.PE_VERSION_MINOR_PART));
      }
      if (peHeaders.containsKey(IWindowsFileInfo.PE_VERSION_BUILD_PART)) {
        build = Integer.parseInt(peHeaders.get(IWindowsFileInfo.PE_VERSION_BUILD_PART));
      }
      if (peHeaders.containsKey(IWindowsFileInfo.PE_VERSION_PRIVATE_PART)) {
        priv = Integer.parseInt(peHeaders.get(IWindowsFileInfo.PE_VERSION_PRIVATE_PART));
      }
      if (major == 0 && minor == 0 && build == 0 && priv == 0) {
        versionType.setStatus(StatusEnumeration.DOES_NOT_EXIST);
      } else {
        versionType.setValue(new Version(major, minor, build, priv).toString());
      }
    } else {
      versionType.setStatus(StatusEnumeration.DOES_NOT_EXIST);
    }
    item.setFileVersion(versionType);

    EntityItemStringType companyType = Factories.sc.core.createEntityItemStringType();
    if (peHeaders != null && peHeaders.containsKey(IWindowsFileInfo.PE_COMPANY_NAME)) {
      companyType.setValue(peHeaders.get(IWindowsFileInfo.PE_COMPANY_NAME));
    } else {
      companyType.setStatus(StatusEnumeration.DOES_NOT_EXIST);
    }
    item.setCompany(companyType);

    EntityItemStringType internalNameType = Factories.sc.core.createEntityItemStringType();
    if (peHeaders != null && peHeaders.containsKey(IWindowsFileInfo.PE_INTERNAL_NAME)) {
      internalNameType.setValue(peHeaders.get(IWindowsFileInfo.PE_INTERNAL_NAME));
    } else {
      internalNameType.setStatus(StatusEnumeration.DOES_NOT_EXIST);
    }
    item.setInternalName(internalNameType);

    EntityItemStringType productNameType = Factories.sc.core.createEntityItemStringType();
    if (peHeaders != null && peHeaders.containsKey(IWindowsFileInfo.PE_PRODUCT_NAME)) {
      productNameType.setValue(peHeaders.get(IWindowsFileInfo.PE_PRODUCT_NAME));
    } else {
      productNameType.setStatus(StatusEnumeration.DOES_NOT_EXIST);
    }
    item.setProductName(productNameType);

    EntityItemStringType originalFilenameType = Factories.sc.core.createEntityItemStringType();
    if (peHeaders != null && peHeaders.containsKey(IWindowsFileInfo.PE_ORIGINAL_NAME)) {
      originalFilenameType.setValue(peHeaders.get(IWindowsFileInfo.PE_ORIGINAL_NAME));
    } else {
      originalFilenameType.setStatus(StatusEnumeration.DOES_NOT_EXIST);
    }
    item.setOriginalFilename(originalFilenameType);

    EntityItemVersionType productVersionType = Factories.sc.core.createEntityItemVersionType();
    productVersionType.setDatatype(SimpleDatatypeEnumeration.VERSION.value());
    if (peHeaders != null && peHeaders.containsKey(IWindowsFileInfo.PE_PRODUCT_VERSION)) {
      productVersionType.setValue(peHeaders.get(IWindowsFileInfo.PE_PRODUCT_VERSION));
    } else {
      productVersionType.setStatus(StatusEnumeration.DOES_NOT_EXIST);
    }
    item.setProductVersion(productVersionType);

    EntityItemStringType developmentClassType = Factories.sc.core.createEntityItemStringType();
    if (peHeaders != null && peHeaders.containsKey(IWindowsFileInfo.PE_VERSION)) {
      try {
        developmentClassType.setValue(
            getDevelopmentClass(peHeaders.get(IWindowsFileInfo.PE_VERSION)));
      } catch (IllegalArgumentException e) {
        MessageType msg = Factories.common.createMessageType();
        msg.setLevel(MessageLevelEnumeration.INFO);
        msg.setValue(JOVALMsg.getMessage(JOVALMsg.STATUS_PE_DEVCLASS, e.getMessage()));
        item.getMessage().add(msg);
        developmentClassType.setStatus(StatusEnumeration.DOES_NOT_EXIST);
      }
    } else {
      developmentClassType.setStatus(StatusEnumeration.DOES_NOT_EXIST);
    }
    item.setDevelopmentClass(developmentClassType);
  }
示例#4
0
  public Collection<XinetdItem> getItems(ObjectType obj, IRequestContext rc)
      throws CollectException {
    init();
    Collection<XinetdItem> items = new ArrayList<XinetdItem>();
    List<Service> list = new ArrayList<Service>();
    XinetdObject xObj = (XinetdObject) obj;
    try {
      String protocol = (String) xObj.getProtocol().getValue();
      OperationEnumeration op = xObj.getProtocol().getOperation();
      Pattern p = null;
      if (op == OperationEnumeration.PATTERN_MATCH) {
        p = StringTools.pattern(protocol);
      }
      for (Service service : services.values()) {
        String serviceProtocol = "";
        try {
          serviceProtocol = service.getString(Property.PROTOCOL);
        } catch (NoSuchElementException e) {
        }
        switch (op) {
          case EQUALS:
            if (protocol.equals(serviceProtocol)) {
              list.add(service);
            }
            break;
          case CASE_INSENSITIVE_EQUALS:
            if (protocol.equalsIgnoreCase(serviceProtocol)) {
              list.add(service);
            }
            break;
          case NOT_EQUAL:
            if (!protocol.equals(serviceProtocol)) {
              list.add(service);
            }
            break;
          case PATTERN_MATCH:
            if (p.matcher(serviceProtocol).find()) {
              list.add(service);
            }
            break;
          default:
            String msg = JOVALMsg.getMessage(JOVALMsg.ERROR_UNSUPPORTED_OPERATION, op);
            throw new CollectException(msg, FlagEnumeration.NOT_COLLECTED);
        }
      }

      String name = (String) xObj.getServiceName().getValue();
      op = xObj.getServiceName().getOperation();
      if (op == OperationEnumeration.PATTERN_MATCH) {
        p = StringTools.pattern(name);
      }
      for (Service service : list) {
        String serviceName = service.getName();
        switch (op) {
          case EQUALS:
            if (name.equals(serviceName)) {
              items.add(makeItem(service));
            }
            break;
          case CASE_INSENSITIVE_EQUALS:
            if (name.equalsIgnoreCase(serviceName)) {
              items.add(makeItem(service));
            }
            break;
          case NOT_EQUAL:
            if (!name.equals(serviceName)) {
              items.add(makeItem(service));
            }
            break;
          case PATTERN_MATCH:
            if (p.matcher(serviceName).find()) {
              items.add(makeItem(service));
            }
            break;
          default:
            String msg = JOVALMsg.getMessage(JOVALMsg.ERROR_UNSUPPORTED_OPERATION, op);
            throw new CollectException(msg, FlagEnumeration.NOT_COLLECTED);
        }
      }
    } catch (PatternSyntaxException e) {
      MessageType msg = Factories.common.createMessageType();
      msg.setLevel(MessageLevelEnumeration.ERROR);
      msg.setValue(JOVALMsg.getMessage(JOVALMsg.ERROR_PATTERN, e.getMessage()));
      rc.addMessage(msg);
      session.getLogger().warn(JOVALMsg.getMessage(JOVALMsg.ERROR_EXCEPTION), e);
    }
    return items;
  }