diff options
Diffstat (limited to 'meta/recipes-core')
-rw-r--r-- | meta/recipes-core/meta/cve-update-db.bb | 30 |
1 files changed, 21 insertions, 9 deletions
diff --git a/meta/recipes-core/meta/cve-update-db.bb b/meta/recipes-core/meta/cve-update-db.bb index 3e5bae8b1d..ae8f1a958b 100644 --- a/meta/recipes-core/meta/cve-update-db.bb +++ b/meta/recipes-core/meta/cve-update-db.bb | |||
@@ -28,6 +28,7 @@ python do_populate_cve_db() { | |||
28 | db_file = db_dir + '/nvd-json.db' | 28 | db_file = db_dir + '/nvd-json.db' |
29 | json_tmpfile = db_dir + '/nvd.json.gz' | 29 | json_tmpfile = db_dir + '/nvd.json.gz' |
30 | proxy = d.getVar("https_proxy") | 30 | proxy = d.getVar("https_proxy") |
31 | cve_f = open(d.getVar("TMPDIR") + '/cve_check', 'a') | ||
31 | 32 | ||
32 | if not os.path.isdir(db_dir): | 33 | if not os.path.isdir(db_dir): |
33 | os.mkdir(db_dir) | 34 | os.mkdir(db_dir) |
@@ -47,9 +48,13 @@ python do_populate_cve_db() { | |||
47 | req = urllib.request.Request(meta_url) | 48 | req = urllib.request.Request(meta_url) |
48 | if proxy: | 49 | if proxy: |
49 | req.set_proxy(proxy, 'https') | 50 | req.set_proxy(proxy, 'https') |
50 | with urllib.request.urlopen(req) as r: | 51 | try: |
51 | date_line = str(r.read().splitlines()[0]) | 52 | with urllib.request.urlopen(req, timeout=1) as r: |
52 | last_modified = re.search('lastModifiedDate:(.*)', date_line).group(1) | 53 | date_line = str(r.read().splitlines()[0]) |
54 | last_modified = re.search('lastModifiedDate:(.*)', date_line).group(1) | ||
55 | except: | ||
56 | cve_f.write('Warning: CVE db update error, CVE data is outdated.\n\n') | ||
57 | break | ||
53 | 58 | ||
54 | # Compare with current db last modified date | 59 | # Compare with current db last modified date |
55 | c.execute("select DATE from META where YEAR = '%d'" % year) | 60 | c.execute("select DATE from META where YEAR = '%d'" % year) |
@@ -59,19 +64,26 @@ python do_populate_cve_db() { | |||
59 | req = urllib.request.Request(json_url) | 64 | req = urllib.request.Request(json_url) |
60 | if proxy: | 65 | if proxy: |
61 | req.set_proxy(proxy, 'https') | 66 | req.set_proxy(proxy, 'https') |
62 | with urllib.request.urlopen(req) as r, open(json_tmpfile, 'wb') as tmpfile: | 67 | try: |
63 | shutil.copyfileobj(r, tmpfile) | 68 | with urllib.request.urlopen(req, timeout=1) as r, \ |
69 | open(json_tmpfile, 'wb') as tmpfile: | ||
70 | shutil.copyfileobj(r, tmpfile) | ||
71 | except: | ||
72 | cve_f.write('Warning: CVE db update error, CVE data is outdated.\n\n') | ||
73 | break | ||
74 | |||
64 | with gzip.open(json_tmpfile, 'rt') as jsonfile: | 75 | with gzip.open(json_tmpfile, 'rt') as jsonfile: |
65 | update_db(c, jsonfile) | 76 | update_db(c, jsonfile) |
66 | c.execute("insert or replace into META values (?, ?)", | 77 | c.execute("insert or replace into META values (?, ?)", |
67 | [year, last_modified]) | 78 | [year, last_modified]) |
68 | 79 | ||
80 | # Update success, set the date to cve_check file. | ||
81 | if year == date.today().year: | ||
82 | cve_f.write('CVE database update : %s\n\n' % date.today()) | ||
83 | |||
84 | cve_f.close() | ||
69 | conn.commit() | 85 | conn.commit() |
70 | conn.close() | 86 | conn.close() |
71 | |||
72 | cve_check_tmp_file = d.getVar("TMPDIR") + '/cve_check' | ||
73 | with open(cve_check_tmp_file, 'a'): | ||
74 | os.utime(cve_check_tmp_file, None) | ||
75 | } | 87 | } |
76 | 88 | ||
77 | # DJB2 hash algorithm | 89 | # DJB2 hash algorithm |