fix: improve dhclient checker and add dhcpd checker

[ffontaine]

• isc:dhcp CPE ID is not only related to ISC DHCP client but also to ISC DHCP server as both components have the same source code
• Drop second pattern which is not used to find version in RPM
• Add debian and OpenWRT test packages as well as additional signatures
• Add dhcpd checker

Signed-off-by: Fabrice Fontaine fabrice.fontaine@orange.com

[terriko]

Interesting fixes needed on this one. I wonder if it would make more sense to merge them? but this looks good for now.

[terriko]

Whoops, hit approve too soon.

FAILED test/test_scanner.py::TestScanner::test_version_in_package[http://archive.ubuntu.com/ubuntu/pool/universe/b/busybox/-busybox_1.18.5-1ubuntu4_amd64.deb-busybox-1.18.5-other_products63] - AssertionError: dhcp found in busybox_1.18.5-1ubuntu4_amd64.deb. If that's expected, make sure to add dhcp to the expected list of other_products.
assert 'dhcp' not in {'busybox', 'dhcp', 'dhcpd'}

I guess we can probably just add dhcp to other_products in the dhcpd tests to fix this. Although, as I said, I wouldn't be adverse to combining the checkers given the way the source works here.

[ffontaine]

Indeed, ISC DHCP client and server share a part of their source code as well as isc:dhcp CPE ID. However, they also have different signatures and additional dedicated CPE IDs (isc:dhcp_client and isc:dhcpd). So, I think we should keep checkers separate.

[codecov-commenter]

Codecov Report

Merging #2642 (325b40d) into main (02e4438) will decrease coverage by 0.08%.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##             main    #2642      +/-   ##
==========================================
- Coverage   82.72%   82.65%   -0.08%     
==========================================
  Files         634      636       +2     
  Lines        9970     9980      +10     
  Branches     1334     1334              
==========================================
+ Hits         8248     8249       +1     
- Misses       1383     1388       +5     
- Partials      339      343       +4     

Flag	Coverage Δ
longtests	82.13% <100.00%> (+<0.01%)	⬆️
win-longtests	80.03% <100.00%> (-0.08%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
cve_bin_tool/checkers/__init__.py	95.55% <ø> (ø)
test/test_data/dhclient.py	100.00% <ø> (ø)
cve_bin_tool/checkers/dhclient.py	100.00% <100.00%> (ø)
cve_bin_tool/checkers/dhcpd.py	100.00% <100.00%> (ø)
test/test_data/dhcpd.py	100.00% <100.00%> (ø)
cve_bin_tool/data_sources/osv_source.py	79.43% <0.00%> (-11.22%)	⬇️
cve_bin_tool/cve_scanner.py	77.90% <0.00%> (-3.49%)	⬇️
cve_bin_tool/output_engine/console.py	93.60% <0.00%> (-1.61%)	⬇️
cve_bin_tool/cli.py	68.15% <0.00%> (+0.31%)	⬆️
cve_bin_tool/data_sources/nvd_source.py	61.29% <0.00%> (+4.43%)	⬆️
... and 1 more

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[terriko]

Okay, let's keep them separate and get this merged. Thank you!