Module: CertBot::MailAgent

Defined in:

lib/cert_bot/mail_agent.rb

Overview

Module to handle the mail creation and propagation of the message for a given rss item

Class Method Summary

• .call_smtp(message, config) ⇒ Object private
• .create_introduction_string(update_status) ⇒ String private

  private method to create the mail introduction based on the update state of the advisory.

• .retrieve_affected_products(wid) ⇒ String private

  private method to retrieve the affected products and create an output string for the mail.

• .retrieve_cves(wid) ⇒ String private

  private method to retrieve the cves and create an output string for the mail.

• .retrieve_cvss_score(wid) ⇒ String private

  private method to retrieve the cvss score and create an output string for the mail.

• .send_mail(item, config_file) ⇒ String

  method to generate a mail for a given item of the rss feed.

Class Method Details

.call_smtp(message, config) ⇒ Object (private)

# File 'lib/cert_bot/mail_agent.rb', line 96

private_class_method def self.call_smtp(message, config)
  Net::SMTP.start(config.config_hash["address"], config.config_hash["port"], helo: config.config_hash["helo"], 
                  user: config.config_hash["user"], secret: config.config_hash["password"], 
                  authtype: config.config_hash["authtype"], tls_verify: config.config_hash["tls_verify"],
                  tls_hostname: config.config_hash["tls_hostname"]) do |smtp|
    smtp.send_message(message, config.config_hash["from"], config.config_hash["to"])
  end
  nil
end

.create_introduction_string(update_status) ⇒ String (private)

private method to create the mail introduction based on the update state of the advisory

Parameters:

• update_status (Symbol) —

  the update status of the advisory

Returns:

• (String) —

  the output string for the mail text

# File 'lib/cert_bot/mail_agent.rb', line 45

private_class_method def self.create_introduction_string(update_status)
  if (CertBot::Data::UpdateStatus.get_mapping_for(update_status) == :new)
    return "Our CERT RSS Feed received a new security advisory:\n\n"
  end
  "Our CERT RSS Feed received an updated security advisory:\n\n"
end

.retrieve_affected_products(wid) ⇒ String (private)

private method to retrieve the affected products and create an output string for the mail

Parameters:

• wid (String) —

  the id of the advisory

Returns:

• (String) —

  the output string for the mail text

# File 'lib/cert_bot/mail_agent.rb', line 77

private_class_method def self.retrieve_affected_products(wid)
  product_list = CertBot::AdvisoryParser.retrieve_affected_products(wid)

  affected_products = "Affected versions:\n"
  product_list.each { |product|
    6.times { affected_products.concat(" ") }
    affected_products.concat(product["name"]).concat("\n")
  }
  affected_products
end

.retrieve_cves(wid) ⇒ String (private)

private method to retrieve the cves and create an output string for the mail

Parameters:

• wid (String) —

  the id of the advisory

Returns:

• (String) —

  the output string for the mail text

# File 'lib/cert_bot/mail_agent.rb', line 55

private_class_method def self.retrieve_cves(wid)
  cve_list = CertBot::AdvisoryParser.retrieve_cves(wid)

  cves = "CVEs:"
  counter = 0
  cve_list.each { |cve_id|
    cves.concat(" ").concat(cve_id)
    counter += 1

    # write only 5 cve per line then make linebreak
    if (counter == 5)
      cves.concat("\n")
      5.times { cves.concat(" ") }
      counter = 0
    end
  }
  cves
end

.retrieve_cvss_score(wid) ⇒ String (private)

private method to retrieve the cvss score and create an output string for the mail

Parameters:

• wid (String) —

  the id of the advisory

Returns:

• (String) —

  the output string for the mail text

# File 'lib/cert_bot/mail_agent.rb', line 91

private_class_method def self.retrieve_cvss_score(wid)
  cvss_score = CertBot::AdvisoryParser.retrieve_cvss_score(wid)
  "CVSS Score (#{cvss_score["version"]}): #{cvss_score["temporalscore"]/10.0}\n"
end

.send_mail(item, config_file) ⇒ String

method to generate a mail for a given item of the rss feed

Parameters:

• item (RSS:Item) —

  the rss item for a feed entry

• config_file (String) —

  the file path to the configuration file

Returns:

• (String) —

  them mail message

# File 'lib/cert_bot/mail_agent.rb', line 15

def self.send_mail(item, config_file)
  wid = item.link.split("=")[1]
  timestamp = item.pubDate.localtime
  config = CertBot::Configuration.new(Pathname.new(config_file))
  update_status = CertBot::AdvisoryParser.retrieve_update_status(wid)
  
  message = "From: CERT RSS <#{config.config_hash["from"]}>\n"
  message.concat("To: #{config.config_hash["to"]}\n")
  message.concat("Subject: CERT Report (#{wid}) - #{item.title.split(":")[0]}\n\n")
  message.concat(create_introduction_string(update_status))
  message.concat("Title: #{item.title}\n")
  message.concat("Description: #{item.description}\n")
  message.concat("Link: #{item.link}\n")
  message.concat("Date: #{timestamp}\n")
  message.concat("Status: #{update_status}\n")
  message.concat("Severity: #{item.category.content}\n")
  message.concat(retrieve_cvss_score(wid))
  message.concat("#{retrieve_cves(wid)}")
  message.concat("\n#{retrieve_affected_products(wid)}")
  message.concat("WID: #{wid}\n\n")
  message.concat("Best wishes,\n")
  message.concat("Your CERT Bot.")

  call_smtp(message, config)
  message
end