Mercurial Repositories > eric / annotate

src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/snmpSecurity.py@f5f5f5803935 (annotated)

src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/snmpSecurity.py

Tue, 10 Dec 2024 15:46:34 +0100

author
Detlev Offenbach <detlev@die-offenbachs.de>
date
Tue, 10 Dec 2024 15:46:34 +0100
branch
eric7
changeset 11090
f5f5f5803935
parent 10683
779cda568acb
child 11147
dee6e106b4d3
permissions
-rw-r--r--

Updated copyright for 2025.

9325
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
1 # -*- coding: utf-8 -*-
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
2
11090
f5f5f5803935 Updated copyright for 2025.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10683
diff changeset
3 # Copyright (c) 2022 - 2025 Detlev Offenbach <detlev@die-offenbachs.de>
9325
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
4 #
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
5
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
6 """
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
7 Module implementing checks for the insecure use of SNMP.
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
8 """
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
9
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
10 #
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
11 # This is a modified version of the one found in the bandit package.
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
12 #
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
13 # Original Copyright (c) 2018 SolarWinds, Inc.
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
14 #
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
15 # SPDX-License-Identifier: Apache-2.0
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
16 #
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
17
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
18
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
19 def getChecks():
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
20 """
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
21 Public method to get a dictionary with checks handled by this module.
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
22
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
23 @return dictionary containing checker lists containing checker function and
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
24 list of codes
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
25 @rtype dict
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
26 """
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
27 return {
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
28 "Call": [
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
29 (checkInsecureVersion, ("S508",)),
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
30 (checkWeakCryptography, ("S509",)),
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
31 ],
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
32 }
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
33
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
34
10683
779cda568acb Changed the source code and the source code documentation to improve the indication of unused method/function arguments.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
35 def checkInsecureVersion(reportError, context, _config):
9325
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
36 """
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
37 Function to check for the use of insecure SNMP version like
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
38 v1, v2c.
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
39
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
40 @param reportError function to be used to report errors
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
41 @type func
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
42 @param context security context object
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
43 @type SecurityContext
10683
779cda568acb Changed the source code and the source code documentation to improve the indication of unused method/function arguments.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
44 @param _config dictionary with configuration data (unused)
9325
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
45 @type dict
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
46 """
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
47 if context.callFunctionNameQual == "pysnmp.hlapi.CommunityData" and (
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
48 context.checkCallArgValue("mpModel", 0)
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
49 or context.check_call_arg_value("mpModel", 1)
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
50 ):
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
51 # We called community data. Lets check our args
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
52 reportError(
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
53 context.node.lineno - 1,
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
54 context.node.col_offset,
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
55 "S508",
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
56 "M",
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
57 "H",
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
58 )
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
59
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
60
10683
779cda568acb Changed the source code and the source code documentation to improve the indication of unused method/function arguments.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
61 def checkWeakCryptography(reportError, context, _config):
9325
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
62 """
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
63 Function to check for the use of insecure SNMP cryptography
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
64 (i.e. v3 using noAuthNoPriv).
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
65
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
66 @param reportError function to be used to report errors
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
67 @type func
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
68 @param context security context object
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
69 @type SecurityContext
10683
779cda568acb Changed the source code and the source code documentation to improve the indication of unused method/function arguments.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
70 @param _config dictionary with configuration data (unused)
9325
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
71 @type dict
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
72 """
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
73 if (
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
74 context.callFunctionNameQual == "pysnmp.hlapi.UsmUserData"
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
75 and context.callArgsCount < 3
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
76 ):
8157eb19aba5 Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
77 reportError(context.node.lineno - 1, context.node.col_offset, "S509", "M", "H")

Mercurial Repository: eric

eric ide

mercurial