fix tests

Author: jostaub

docs/content/en/connecting_your_tools/parsers/file/openvas.md

@@ -15,3 +15,9 @@ By default, DefectDojo identifies duplicate Findings using these [hashcode field
 - line
 - file path
 - description
+
+### Parser V2 Changes
+Version 2 comes with multiple improvments:
+- Increased parsing Consistensy between the xml and csv parser
+- Combined findings where the only differences are in fields that can’t be rehashed due to inconsistent values between scans e.g fields with timestamps or packet ids.
+- Parser now combines multiple identical findings with different endpoints into one findings with multiple endpoints (instead of multiple findings with one endpoint each)

docs/content/en/connecting_your_tools/parsers/file/openvas_v2.md

@@ -1348,7 +1348,7 @@ def saml2_attrib_map_format(din):
     "Qualys Hacker Guardian Scan": ["title", "severity", "description"],
     "Cyberwatch scan (Galeax)": ["title", "description", "severity"],
     "Cycognito Scan": ["title", "severity"],
-    "OpenVAS Parser v2": ["title", "unique_id_from_tool", "vuln_id_from_tool"],
+    "OpenVAS Parser v2": ["title", "severity", "vuln_id_from_tool"],
 }
 
 # Override the hardcoded settings here via the env var

dojo/settings/settings.dist.py

@@ -119,7 +119,12 @@ def requires_tool_type(scan_type):
                 module = import_module(f"dojo.tools.{module_name}.parser")
                 for attribute_name in dir(module):
                     attribute = getattr(module, attribute_name)
-                    if isclass(attribute) and attribute_name.lower() == module_name.replace("_", "") + "parser":
+                    # Allow parser class names with optional v[number] suffix (e.g., OpenVASParser, OpenVASParserV2)
+                    expected_base = module_name.replace("_", "") + "parser"
+                    if isclass(attribute) and (
+                        attribute_name.lower() == expected_base or 
+                        re.match(rf"^{re.escape(expected_base)}v\d+$", attribute_name.lower())
+                    ):
                         register(attribute)
         except:
             logger.exception(f"failed to load {module_name}")

dojo/tools/factory.py

@@ -1,5 +1,7 @@
-from dojo.tools.openvas.csv_parser import OpenVASCSVParser
-from dojo.tools.openvas.xml_parser import OpenVASXMLParser
+from dojo.tools.openvas.parser_v1.csv_parser import OpenVASCSVParser
+from dojo.tools.openvas.parser_v1.xml_parser import OpenVASXMLParser
+from dojo.tools.openvas.parser_v2.csv_parser import OpenVASCSVParserV2
+from dojo.tools.openvas.parser_v2.xml_parser import OpenVASXMLParserV2
 
 
 class OpenVASParser:
@@ -18,3 +20,21 @@ def get_findings(self, filename, test):
         if str(filename.name).endswith(".xml"):
             return OpenVASXMLParser().get_findings(filename, test)
         return None
+
+
+class OpenVASParserV2:
+    def get_scan_types(self):
+        return ["OpenVAS Parser v2"]
+
+    def get_label_for_scan_types(self, scan_type):
+        return scan_type
+
+    def get_description_for_scan_types(self, scan_type):
+        return "Import CSV or XML output of Greenbone OpenVAS report."
+
+    def get_findings(self, filename, test):
+        if str(filename.name).endswith(".csv"):
+            return OpenVASCSVParserV2().get_findings(filename, test)
+        if str(filename.name).endswith(".xml"):
+            return OpenVASXMLParserV2().get_findings(filename, test)
+        return None

dojo/tools/openvas/parser.py

@@ -36,8 +36,6 @@ def update_finding(finding: Finding, aux_info: OpenVASFindingAuxData):
 def deduplicate(dupes: dict[str, Finding], finding: Finding):
     """Combine multiple openvas findings into one defectdojo finding with multiple endpoints"""
     finding_hash = dedup_finding_hash(finding)
-    # deliberately missuse unique_id_from_tool to save some original values
-    finding.unique_id_from_tool = id_from_tool_finding_hash(finding)
 
     if finding_hash not in dupes:
         dupes[finding_hash] = finding
@@ -70,28 +68,13 @@ def deduplicate(dupes: dict[str, Finding], finding: Finding):
 def id_from_tool_finding_hash(finding: Finding):
     """Generate a hash that complements final hash generating outside of this parser"""
     endpoint = finding.unsaved_endpoints[0]
-    hash_data = [
-        str(endpoint.protocol),
-        str(endpoint.userinfo),
-        str(endpoint.port),  # keep findings on different port seperate as it may be different applications
-        str(endpoint.path),
-        str(endpoint.fragment),
-        finding.severity,  # allows changing severity of finding after import
-    ]
-    return hashlib.sha256("|".join(hash_data).encode("utf-8")).hexdigest()
 
+    if "endpoints" in HASHCODE_FIELDS_PER_SCANNER["OpenVAS Parser v2"]:
+        pass
 
-def dedup_finding_hash(finding: Finding):
-    """Generate a hash for a finding that is used for deduplication of findings inside the current report"""
-    endpoint = finding.unsaved_endpoints[0]
     hash_data = [
         str(endpoint.protocol),
-        str(endpoint.userinfo),
-        str(endpoint.port),
-        str(endpoint.path),
-        str(endpoint.fragment),
-        finding.title,
-        finding.vuln_id_from_tool,
-        finding.severity,
+        str(endpoint.port),  # keep findings on different port seperate as it may be different applications
+        finding.severity,  # allows changing severity of finding after import
     ]
     return hashlib.sha256("|".join(hash_data).encode("utf-8")).hexdigest()