summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRoss Burton <ross.burton@intel.com>2019-12-08 18:35:54 (GMT)
committerRichard Purdie <richard.purdie@linuxfoundation.org>2019-12-16 23:11:10 (GMT)
commit309153313092159d4103d4bfa396241461bc3d8d (patch)
tree29f163854b4dcb251e66d4f2be4eed542169b0ab
parent7da85f3a884758fedfb31b2bc277c5e892833400 (diff)
downloadpoky-309153313092159d4103d4bfa396241461bc3d8d.tar.gz
cve-update-db-native: clean up proxy handling
urllib handles adding proxy handlers if the proxies are set in the environment, so call bb.utils.export_proxies() to do that and remove the manual setup. (From OE-Core rev: 6b73004668b3b71c9c38814b79fbb58c893ed434) (From OE-Core rev: aa197b91e1770925ae1a31ee7334b593bfcdc9e3) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-core/meta/cve-update-db-native.bb31
1 files changed, 5 insertions, 26 deletions
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
index 08b18f0..db1d69a 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -21,10 +21,12 @@ python do_populate_cve_db() {
21 """ 21 """
22 Update NVD database with json data feed 22 Update NVD database with json data feed
23 """ 23 """
24 24 import bb.utils
25 import sqlite3, urllib, urllib.parse, shutil, gzip 25 import sqlite3, urllib, urllib.parse, shutil, gzip
26 from datetime import date 26 from datetime import date
27 27
28 bb.utils.export_proxies(d)
29
28 BASE_URL = "https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-" 30 BASE_URL = "https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-"
29 YEAR_START = 2002 31 YEAR_START = 2002
30 32
@@ -40,16 +42,6 @@ python do_populate_cve_db() {
40 except OSError: 42 except OSError:
41 pass 43 pass
42 44
43 proxy = d.getVar("https_proxy")
44 if proxy:
45 # instantiate an opener but do not install it as the global
46 # opener unless if we're really sure it's applicable for all
47 # urllib requests
48 proxy_handler = urllib.request.ProxyHandler({'https': proxy})
49 proxy_opener = urllib.request.build_opener(proxy_handler)
50 else:
51 proxy_opener = None
52
53 cve_f = open(os.path.join(d.getVar("TMPDIR"), 'cve_check'), 'a') 45 cve_f = open(os.path.join(d.getVar("TMPDIR"), 'cve_check'), 'a')
54 46
55 if not os.path.isdir(db_dir): 47 if not os.path.isdir(db_dir):
@@ -67,15 +59,7 @@ python do_populate_cve_db() {
67 json_url = year_url + ".json.gz" 59 json_url = year_url + ".json.gz"
68 60
69 # Retrieve meta last modified date 61 # Retrieve meta last modified date
70 62 response = urllib.request.urlopen(meta_url)
71 response = None
72
73 if proxy_opener:
74 response = proxy_opener.open(meta_url)
75 else:
76 req = urllib.request.Request(meta_url)
77 response = urllib.request.urlopen(req)
78
79 if response: 63 if response:
80 for l in response.read().decode("utf-8").splitlines(): 64 for l in response.read().decode("utf-8").splitlines():
81 key, value = l.split(":", 1) 65 key, value = l.split(":", 1)
@@ -95,12 +79,7 @@ python do_populate_cve_db() {
95 79
96 # Update db with current year json file 80 # Update db with current year json file
97 try: 81 try:
98 if proxy_opener: 82 response = urllib.request.urlopen(json_url)
99 response = proxy_opener.open(json_url)
100 else:
101 req = urllib.request.Request(json_url)
102 response = urllib.request.urlopen(req)
103
104 if response: 83 if response:
105 update_db(c, gzip.decompress(response.read()).decode('utf-8')) 84 update_db(c, gzip.decompress(response.read()).decode('utf-8'))
106 c.execute("insert or replace into META values (?, ?)", [year, last_modified]) 85 c.execute("insert or replace into META values (?, ?)", [year, last_modified])