summaryrefslogtreecommitdiffstats
path: root/meta/recipes-core
diff options
context:
space:
mode:
authorPierre Le Magourou <pierre.lemagourou@softbankrobotics.com>2019-06-26 14:25:58 +0200
committerRichard Purdie <richard.purdie@linuxfoundation.org>2019-06-27 12:20:36 +0100
commite9147d16a2c1a5aacdba5b5a3d3bb054dd52dfb2 (patch)
treed6ce37b95584dd98fd79008ab0abf9b48d0a77dd /meta/recipes-core
parentcebda73b3fc33793c3ad42edec380c656680330d (diff)
downloadpoky-e9147d16a2c1a5aacdba5b5a3d3bb054dd52dfb2.tar.gz
cve-update-db: Manage proxy if needed.
If https_proxy environment variable is defined, manage proxy to be able to download meta and json data feeds from https://nvd.nist.gov (From OE-Core rev: 09be21f4d1793b1e26e78391f51bfc0a27b76deb) Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core')
-rw-r--r--meta/recipes-core/meta/cve-update-db.bb11
1 files changed, 9 insertions, 2 deletions
diff --git a/meta/recipes-core/meta/cve-update-db.bb b/meta/recipes-core/meta/cve-update-db.bb
index 1f48820cc6..4c896dc880 100644
--- a/meta/recipes-core/meta/cve-update-db.bb
+++ b/meta/recipes-core/meta/cve-update-db.bb
@@ -25,6 +25,7 @@ python do_populate_cve_db() {
25 BASE_URL = "https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-" 25 BASE_URL = "https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-"
26 YEAR_START = 2002 26 YEAR_START = 2002
27 JSON_TMPFILE = d.getVar("CVE_CHECK_DB_DIR") + '/nvd.json.gz' 27 JSON_TMPFILE = d.getVar("CVE_CHECK_DB_DIR") + '/nvd.json.gz'
28 proxy = d.getVar("https_proxy")
28 29
29 # Connect to database 30 # Connect to database
30 db_file = d.getVar("CVE_CHECK_DB_FILE") 31 db_file = d.getVar("CVE_CHECK_DB_FILE")
@@ -39,7 +40,10 @@ python do_populate_cve_db() {
39 json_url = year_url + ".json.gz" 40 json_url = year_url + ".json.gz"
40 41
41 # Retrieve meta last modified date 42 # Retrieve meta last modified date
42 with urllib.request.urlopen(meta_url) as r: 43 req = urllib.request.Request(meta_url)
44 if proxy:
45 req.set_proxy(proxy, 'https')
46 with urllib.request.urlopen(req) as r:
43 date_line = str(r.read().splitlines()[0]) 47 date_line = str(r.read().splitlines()[0])
44 last_modified = re.search('lastModifiedDate:(.*)', date_line).group(1) 48 last_modified = re.search('lastModifiedDate:(.*)', date_line).group(1)
45 49
@@ -48,7 +52,10 @@ python do_populate_cve_db() {
48 meta = c.fetchone() 52 meta = c.fetchone()
49 if not meta or meta[0] != last_modified: 53 if not meta or meta[0] != last_modified:
50 # Update db with current year json file 54 # Update db with current year json file
51 with urllib.request.urlopen(json_url) as r, open(JSON_TMPFILE, 'wb') as tmpfile: 55 req = urllib.request.Request(json_url)
56 if proxy:
57 req.set_proxy(proxy, 'https')
58 with urllib.request.urlopen(req) as r, open(JSON_TMPFILE, 'wb') as tmpfile:
52 shutil.copyfileobj(r, tmpfile) 59 shutil.copyfileobj(r, tmpfile)
53 with gzip.open(JSON_TMPFILE, 'rt') as jsonfile: 60 with gzip.open(JSON_TMPFILE, 'rt') as jsonfile:
54 update_db(c, jsonfile) 61 update_db(c, jsonfile)