diff --git a/src/analyze.rs b/src/analyze.rs index c84979d..4c79c43 100644 --- a/src/analyze.rs +++ b/src/analyze.rs @@ -16,10 +16,14 @@ pub struct AnalyzerResult<'a> { pub pass: usize, pub fail: usize, pub error: usize, - pub analysis_results: Vec> + pub analysis_results: Vec>, } -pub fn default_analysis<'a>(nmap_run: &'a Run, mapping: &'a Mapping, portspecs: &'a PortSpecs) -> AnalyzerResult<'a> { +pub fn default_analysis<'a>( + nmap_run: &'a Run, + mapping: &'a Mapping, + portspecs: &'a PortSpecs, +) -> AnalyzerResult<'a> { let analyzer = Analyzer::new(&nmap_run, &mapping, &portspecs); let analysis_results = analyzer.analyze(); @@ -28,9 +32,15 @@ pub fn default_analysis<'a>(nmap_run: &'a Run, mapping: &'a Mapping, portspecs: let mut error = 0; for ar in &analysis_results { match ar.result { - AnalysisResult::Pass => {pass += 1;}, - AnalysisResult::Fail => {fail += 1;}, - AnalysisResult::Error{ .. } => {error += 1;}, + AnalysisResult::Pass => { + pass += 1; + } + AnalysisResult::Fail => { + fail += 1; + } + AnalysisResult::Error { .. } => { + error += 1; + } } } @@ -54,7 +64,7 @@ pub struct Analysis<'a> { pub enum AnalysisResult { Pass, Fail, - Error{ reason: String }, + Error { reason: String }, } #[derive(Debug, PartialEq, Serialize)] @@ -78,11 +88,7 @@ pub struct Analyzer<'a> { } impl<'a> Analyzer<'a> { - pub fn new( - nmap_run: &'a Run, - mapping: &'a Mapping, - portspecs: &'a PortSpecs, - ) -> Analyzer<'a> { + pub fn new(nmap_run: &'a Run, mapping: &'a Mapping, portspecs: &'a PortSpecs) -> Analyzer<'a> { let scanned_host_by_ip = run_to_scanned_hosts_by_ip(&nmap_run); let portspec_by_ip = portspec_by_ip(&mapping, &portspecs); @@ -95,16 +101,16 @@ impl<'a> Analyzer<'a> { pub fn analyze(&self) -> Vec> { self.scanned_host_by_ip .iter() - .map(|(ip, host)| { - match self.portspec_by_ip.get(ip) { - Some(ps) => analyze_host(ip, host, ps), - None => Analysis { - ip, - portspec_name: None, - result: AnalysisResult::Error{reason: "no port spec found for this IP address".to_owned()}, - port_results: Vec::new(), - } - } + .map(|(ip, host)| match self.portspec_by_ip.get(ip) { + Some(ps) => analyze_host(ip, host, ps), + None => Analysis { + ip, + portspec_name: None, + result: AnalysisResult::Error { + reason: "no port spec found for this IP address".to_owned(), + }, + port_results: Vec::new(), + }, }) .collect() } @@ -124,7 +130,7 @@ fn portspec_by_ip<'a>( portspec: &'a PortSpecs, ) -> BTreeMap<&'a IpAddr, &'a portspec::PortSpec> { let pss = portspecs_to_portspec_by_name(portspec); - let mut psbi= BTreeMap::new(); + let mut psbi = BTreeMap::new(); for m in &mapping.mappings { let key: &str = &m.port_spec; @@ -257,21 +263,19 @@ mod tests { #[test] fn analyzer_no_mapping_for_ip() { let portspecs = portspec::PortSpecs { - port_specs: vec![ - portspec::PortSpec { - name: "Unused Group".to_owned(), - ports: vec![ - portspec::Port { - id: 22, - state: portspec::PortState::Closed, - }, - portspec::Port { - id: 25, - state: portspec::PortState::Open, - }, - ], - }, - ] + port_specs: vec![portspec::PortSpec { + name: "Unused Group".to_owned(), + ports: vec![ + portspec::Port { + id: 22, + state: portspec::PortState::Closed, + }, + portspec::Port { + id: 25, + state: portspec::PortState::Open, + }, + ], + }], }; let nmap = nmap_data(); let mapping = mapping_data(); @@ -282,9 +286,13 @@ mod tests { assert_that(&analysis).has_length(2); let res0 = &analysis[0]; - assert_that!(&res0.result).is_equal_to(AnalysisResult::Error{reason: "no port spec found for this IP address".to_owned()}); + assert_that!(&res0.result).is_equal_to(AnalysisResult::Error { + reason: "no port spec found for this IP address".to_owned(), + }); let res1 = &analysis[1]; - assert_that!(&res1.result).is_equal_to(AnalysisResult::Error{reason: "no port spec found for this IP address".to_owned()}); + assert_that!(&res1.result).is_equal_to(AnalysisResult::Error { + reason: "no port spec found for this IP address".to_owned(), + }); } #[test] @@ -847,11 +855,14 @@ mod tests { Host { id: "i-0".to_owned(), hostname: "ec2-192.168.0.3".to_owned(), - ips: vec!["192.168.0.3".parse().unwrap(), "192.168.0.3".parse().unwrap()], + ips: vec![ + "192.168.0.3".parse().unwrap(), + "192.168.0.3".parse().unwrap(), + ], name: "Group B server".to_owned(), port_spec: "Group B".to_owned(), }, - ] + ], } } diff --git a/src/lib.rs b/src/lib.rs index 0dba079..20ace39 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -21,7 +21,7 @@ pub mod nmap; pub mod output; pub mod portspec; -pub use analyze::{Analyzer, AnalyzerResult, Analysis, AnalysisResult, default_analysis}; +pub use analyze::{default_analysis, Analysis, AnalysisResult, Analyzer, AnalyzerResult}; pub use mapping::Mapping; pub use nmap::Run; pub use portspec::PortSpecs; @@ -43,16 +43,18 @@ error_chain! { pub trait FromFile { fn from_file, E>(path: P) -> ::std::result::Result - where Self: Sized + FromStr, E: error_chain::ChainedError { + where + Self: Sized + FromStr, + E: error_chain::ChainedError, + { + let contents = Self::string_from_file(path).chain_err(|| ErrorKind::InvalidFileFormat)?; - let contents = Self::string_from_file(path) - .chain_err(|| ErrorKind::InvalidFileFormat)?; - - Self::from_str(&contents) - .chain_err(|| ErrorKind::InvalidFileFormat) + Self::from_str(&contents).chain_err(|| ErrorKind::InvalidFileFormat) } - fn string_from_file>(path: P) -> ::std::result::Result { + fn string_from_file>( + path: P, + ) -> ::std::result::Result { let path: &Path = path.as_ref(); let mut file = File::open(path)?; @@ -77,4 +79,3 @@ where let s = String::deserialize(deserializer)?; T::from_str(&s).map_err(de::Error::custom) } - diff --git a/src/main.rs b/src/main.rs index 82fade1..8b4f66e 100644 --- a/src/main.rs +++ b/src/main.rs @@ -8,8 +8,8 @@ extern crate nmap_analyze; extern crate structopt; use clams::prelude::*; -use nmap_analyze::*; use nmap_analyze::output::{OutputConfig, OutputDetail, OutputFormat}; +use nmap_analyze::*; use std::path::{Path, PathBuf}; use structopt::StructOpt; @@ -25,7 +25,8 @@ error_chain!{ } #[derive(StructOpt, Debug)] -#[structopt(name = "nmap-analyze", +#[structopt( + name = "nmap-analyze", about = "analyze nmap xml output and compares port states with specification", raw(setting = "structopt::clap::AppSettings::ColoredHelp") )] @@ -40,10 +41,19 @@ struct Args { #[structopt(short = "p", long = "portspec", parse(from_os_str))] portspec: PathBuf, /// Select output format - #[structopt(short = "o", long = "output", default_value = "human", raw(possible_values = r#"&["human", "json", "none"]"#))] + #[structopt( + short = "o", + long = "output", + default_value = "human", + raw(possible_values = r#"&["human", "json", "none"]"#) + )] output_format: OutputFormat, /// Select output detail level for human output - #[structopt(long = "output-detail", default_value = "fail", raw(possible_values = r#"&["fail", "all"]"#))] + #[structopt( + long = "output-detail", + default_value = "fail", + raw(possible_values = r#"&["fail", "all"]"#) + )] output_detail: OutputDetail, /// Do not use colored output #[structopt(long = "no-color")] @@ -67,7 +77,13 @@ fn run() -> Result { color: !args.no_color, }; - run_nmap_analyze(&args.nmap, &args.mapping, &args.portspec, &output_config, args.silent) + run_nmap_analyze( + &args.nmap, + &args.mapping, + &args.portspec, + &output_config, + args.silent, + ) } fn setup(name: &str, args: &Args) { @@ -75,7 +91,8 @@ fn setup(name: &str, args: &Args) { let level: Level = args.verbosity.into(); if !args.silent { - eprintln!("{} version={}, log level={:?}", + eprintln!( + "{} version={}, log level={:?}", name, env!("CARGO_PKG_VERSION"), &level @@ -83,35 +100,35 @@ fn setup(name: &str, args: &Args) { } let log_config = LogConfig::new( - std::io::stderr(), - false, - Level(log::LevelFilter::Error), - vec![ - ModLevel { + std::io::stderr(), + false, + Level(log::LevelFilter::Error), + vec![ModLevel { module: name.to_owned(), level, - }, - ], - None, + }], + None, ); - init_logging(log_config) - .expect("Failed to initialize logging"); + init_logging(log_config).expect("Failed to initialize logging"); } -fn run_nmap_analyze>(nmap_file: T, mapping_file: T, portspecs_file: T, output_config: &OutputConfig, silent: bool) -> Result { +fn run_nmap_analyze>( + nmap_file: T, + mapping_file: T, + portspecs_file: T, + output_config: &OutputConfig, + silent: bool, +) -> Result { info!("Loading port specification file"); - let portspecs = PortSpecs::from_file(portspecs_file.as_ref()) - .chain_err(|| ErrorKind::InvalidFile)?; + let portspecs = + PortSpecs::from_file(portspecs_file.as_ref()).chain_err(|| ErrorKind::InvalidFile)?; info!("Loading mappings file"); - let mapping = Mapping::from_file(mapping_file.as_ref()) - .chain_err(|| ErrorKind::InvalidFile)?; + let mapping = Mapping::from_file(mapping_file.as_ref()).chain_err(|| ErrorKind::InvalidFile)?; info!("Loading nmap file"); - let nmap_run = Run::from_file(nmap_file.as_ref()) - .chain_err(|| ErrorKind::InvalidFile)?; + let nmap_run = Run::from_file(nmap_file.as_ref()).chain_err(|| ErrorKind::InvalidFile)?; info!("Checking nmap sanity"); - nmap_run.is_sane() - .chain_err(|| ErrorKind::InvalidFile)?; + nmap_run.is_sane().chain_err(|| ErrorKind::InvalidFile)?; info!("Analyzing"); let analyzer_result = default_analysis(&nmap_run, &mapping, &portspecs); @@ -124,7 +141,8 @@ fn run_nmap_analyze>(nmap_file: T, mapping_file: T, portspecs_fil info!("Summarizing"); if !silent { - println!("Analyzer result summary: {}={}, {}={}, {}={}", + println!( + "Analyzer result summary: {}={}, {}={}, {}={}", "passed".green(), analyzer_result.pass, "failed".red(), @@ -135,19 +153,21 @@ fn run_nmap_analyze>(nmap_file: T, mapping_file: T, portspecs_fil } match analyzer_result { - AnalyzerResult{ fail: 0, error: 0, .. } => { - Ok(0) - }, - AnalyzerResult{ fail: x, error: 0, .. } if x > 0 => { + AnalyzerResult { + fail: 0, error: 0, .. + } => Ok(0), + AnalyzerResult { + fail: x, error: 0, .. + } + if x > 0 => + { Ok(11) - }, - AnalyzerResult{ error: x, .. } if x > 0 => { - Ok(12) - }, - AnalyzerResult{ .. } => { + } + AnalyzerResult { error: x, .. } if x > 0 => Ok(12), + AnalyzerResult { .. } => { error!("This not possible and just to satify the compiler"); Ok(13) - }, + } } } @@ -156,16 +176,15 @@ fn output(output_config: &OutputConfig, analyzer_result: &AnalyzerResult) -> Res OutputFormat::Human => { use nmap_analyze::output::HumanOutput; analyzer_result.output_tty(output_config) - }, + } OutputFormat::Json => { use nmap_analyze::output::JsonOutput; let stdout = ::std::io::stdout(); let mut writer = stdout.lock(); analyzer_result.output(output_config, &mut writer) - }, + } OutputFormat::None => Ok(()), }.map_err(|e| e.into()) } quick_main!(run); - diff --git a/src/mapping.rs b/src/mapping.rs index 7aea2e3..948a6f7 100644 --- a/src/mapping.rs +++ b/src/mapping.rs @@ -31,8 +31,7 @@ impl FromStr for Mapping { impl Mapping { fn from_bytes(buffer: &[u8]) -> Result { - serde_json::from_slice(buffer) - .chain_err(|| ErrorKind::InvalidMappings) + serde_json::from_slice(buffer).chain_err(|| ErrorKind::InvalidMappings) } } @@ -57,10 +56,7 @@ where let v = Vec::deserialize(deserializer)?; let res: ::std::result::Result, _> = v .into_iter() - .map(|a: &str| - IpAddr::from_str(a) - .map_err(Error::custom) - ) + .map(|a: &str| IpAddr::from_str(a).map_err(Error::custom)) .collect(); res diff --git a/src/nmap.rs b/src/nmap.rs index 9fceaa7..0ff4cbc 100644 --- a/src/nmap.rs +++ b/src/nmap.rs @@ -1,4 +1,4 @@ -use super::{FromFile, SanityCheck, from_str}; +use super::{from_str, FromFile, SanityCheck}; use serde_xml_rs; use std::net::IpAddr; @@ -69,7 +69,7 @@ impl SanityCheck for Run { fn is_sane(&self) -> Result<()> { if !self.has_dd_options() { return Err(Error::from_kind(ErrorKind::InsaneNmapFile( - "nmap has been run without -dd option; use nmap -dd ..".to_owned() + "nmap has been run without -dd option; use nmap -dd ..".to_owned(), ))); } diff --git a/src/output.rs b/src/output.rs index 3f70d8c..78c4146 100644 --- a/src/output.rs +++ b/src/output.rs @@ -1,4 +1,4 @@ -use analyze::{AnalyzerResult, AnalysisResult, PortAnalysisResult, PortAnalysisReason}; +use analyze::{AnalysisResult, AnalyzerResult, PortAnalysisReason, PortAnalysisResult}; use prettytable::cell::Cell; use prettytable::row::Row; @@ -34,11 +34,11 @@ pub enum OutputFormat { impl FromStr for OutputFormat { type Err = Error; fn from_str(s: &str) -> ::std::result::Result { - match s.to_lowercase().as_ref() { + match s.to_lowercase().as_ref() { "human" => Ok(OutputFormat::Human), "json" => Ok(OutputFormat::Json), "none" => Ok(OutputFormat::None), - _ => Err(ErrorKind::InvalidOutputFormat(s.to_string()).into()) + _ => Err(ErrorKind::InvalidOutputFormat(s.to_string()).into()), } } } @@ -52,10 +52,10 @@ pub enum OutputDetail { impl FromStr for OutputDetail { type Err = Error; fn from_str(s: &str) -> ::std::result::Result { - match s.to_lowercase().as_ref() { + match s.to_lowercase().as_ref() { "fail" => Ok(OutputDetail::Fail), "all" => Ok(OutputDetail::All), - _ => Err(ErrorKind::InvalidOutputDetail(s.to_string()).into()) + _ => Err(ErrorKind::InvalidOutputDetail(s.to_string()).into()), } } } @@ -78,9 +78,9 @@ pub trait HumanOutput { impl<'a> JsonOutput for AnalyzerResult<'a> { fn output(&self, _: &OutputConfig, writer: &mut T) -> Result<()> { - let json_str = serde_json::to_string(self) - .chain_err(|| ErrorKind::OutputFailed)?; - writer.write(json_str.as_bytes()) + let json_str = serde_json::to_string(self).chain_err(|| ErrorKind::OutputFailed)?; + writer + .write(json_str.as_bytes()) .chain_err(|| ErrorKind::OutputFailed)?; Ok(()) @@ -89,7 +89,9 @@ impl<'a> JsonOutput for AnalyzerResult<'a> { impl<'a> HumanOutput for AnalyzerResult<'a> { fn output(&self, output_config: &OutputConfig, writer: &mut T) -> Result<()> { - self.build_table(output_config).print(writer).chain_err(|| ErrorKind::OutputFailed) + self.build_table(output_config) + .print(writer) + .chain_err(|| ErrorKind::OutputFailed) } fn output_tty(&self, output_config: &OutputConfig) -> Result<()> { @@ -99,7 +101,8 @@ impl<'a> HumanOutput for AnalyzerResult<'a> { } else { let stdout = ::std::io::stdout(); let mut writer = stdout.lock(); - self.build_table(output_config).print(&mut writer) + self.build_table(output_config) + .print(&mut writer) .chain_err(|| ErrorKind::OutputFailed) } } @@ -132,7 +135,7 @@ impl<'a> AnalyzerResult<'a> { match a.result { AnalysisResult::Error { ref reason } => Cell::new(reason), _ => Cell::new(""), - } + }, ]); table.add_row(row); @@ -166,7 +169,9 @@ fn analysis_result_to_cell(result: &AnalysisResult) -> Cell { match result { AnalysisResult::Pass => Cell::new("Pass").with_style(Attr::ForegroundColor(color::GREEN)), AnalysisResult::Fail => Cell::new("Fail").with_style(Attr::ForegroundColor(color::RED)), - AnalysisResult::Error{ .. } => Cell::new("Error").with_style(Attr::ForegroundColor(color::RED)), + AnalysisResult::Error { .. } => { + Cell::new("Error").with_style(Attr::ForegroundColor(color::RED)) + } } } @@ -182,18 +187,30 @@ fn port_analysis_result_to_port_string(result: &PortAnalysisResult) -> String { fn port_analysis_result_to_port_result_cell(result: &PortAnalysisResult) -> Cell { match result { - PortAnalysisResult::Pass(_) => Cell::new("passed").with_style(Attr::ForegroundColor(color::GREEN)), - PortAnalysisResult::Fail(_, _) => Cell::new("failed").with_style(Attr::ForegroundColor(color::RED)), - PortAnalysisResult::NotScanned(_) => Cell::new("not scanned").with_style(Attr::ForegroundColor(color::YELLOW)), - PortAnalysisResult::Unknown(_) => Cell::new("unknown").with_style(Attr::ForegroundColor(color::RED)), + PortAnalysisResult::Pass(_) => { + Cell::new("passed").with_style(Attr::ForegroundColor(color::GREEN)) + } + PortAnalysisResult::Fail(_, _) => { + Cell::new("failed").with_style(Attr::ForegroundColor(color::RED)) + } + PortAnalysisResult::NotScanned(_) => { + Cell::new("not scanned").with_style(Attr::ForegroundColor(color::YELLOW)) + } + PortAnalysisResult::Unknown(_) => { + Cell::new("unknown").with_style(Attr::ForegroundColor(color::RED)) + } } } fn port_analysis_result_to_port_result_reason(result: &PortAnalysisResult) -> String { match result { PortAnalysisResult::Pass(_) => "", - PortAnalysisResult::Fail(_, PortAnalysisReason::OpenButClosed) => "expected Open, found Closed", - PortAnalysisResult::Fail(_, PortAnalysisReason::ClosedButOpen) => "expected Closed, found Open", + PortAnalysisResult::Fail(_, PortAnalysisReason::OpenButClosed) => { + "expected Open, found Closed" + } + PortAnalysisResult::Fail(_, PortAnalysisReason::ClosedButOpen) => { + "expected Closed, found Open" + } PortAnalysisResult::Fail(_, PortAnalysisReason::Unknown) => "unknown", PortAnalysisResult::NotScanned(_) => "", PortAnalysisResult::Unknown(_) => "", diff --git a/src/portspec.rs b/src/portspec.rs index 140069c..84994bb 100644 --- a/src/portspec.rs +++ b/src/portspec.rs @@ -1,4 +1,4 @@ -use super::{FromFile, from_str}; +use super::{from_str, FromFile}; use serde_yaml; use std::str::FromStr; @@ -34,8 +34,7 @@ impl FromStr for PortSpecs { impl PortSpecs { fn from_bytes(buffer: &[u8]) -> Result { - serde_yaml::from_slice(buffer) - .chain_err(|| ErrorKind::InvalidPortSpecs) + serde_yaml::from_slice(buffer).chain_err(|| ErrorKind::InvalidPortSpecs) } } diff --git a/tests/use_case.rs b/tests/use_case.rs index 54a9d04..6b9caa9 100644 --- a/tests/use_case.rs +++ b/tests/use_case.rs @@ -1,8 +1,8 @@ extern crate nmap_analyze; extern crate spectral; -use nmap_analyze::*; use nmap_analyze::output::{OutputConfig, OutputDetail, OutputFormat}; +use nmap_analyze::*; use spectral::prelude::*; @@ -28,8 +28,10 @@ fn run_nmap_analyze_human_failed_output() { "##; use nmap_analyze::output::HumanOutput; - let portspecs = PortSpecs::from_file("tests/portspecs.yml").expect("Failed to load portspecs file"); - let mapping = Mapping::from_file("tests/portspec_mapping.json").expect("Failed to mappings file"); + let portspecs = + PortSpecs::from_file("tests/portspecs.yml").expect("Failed to load portspecs file"); + let mapping = + Mapping::from_file("tests/portspec_mapping.json").expect("Failed to mappings file"); let nmap_run = Run::from_file("tests/nmap-dd_all_ports.xml").expect("Failed to load nmap file"); nmap_run.is_sane().expect("Nmap file is not sane"); @@ -43,9 +45,12 @@ fn run_nmap_analyze_human_failed_output() { let mut buffer = String::from("\n"); // \n allows for nicer expected raw string formatting. unsafe { - analyzer_result.output(&output_config, &mut buffer.as_mut_vec()).expect("Output failed") + analyzer_result + .output(&output_config, &mut buffer.as_mut_vec()) + .expect("Output failed") } - asserting("Output is correct").that(&buffer.as_ref()).is_equal_to(expected_output); + asserting("Output is correct") + .that(&buffer.as_ref()) + .is_equal_to(expected_output); } -