diff options
Diffstat (limited to 'meta/recipes-core')
-rw-r--r-- | meta/recipes-core/meta/cve-update-db.bb | 21 |
1 files changed, 13 insertions, 8 deletions
diff --git a/meta/recipes-core/meta/cve-update-db.bb b/meta/recipes-core/meta/cve-update-db.bb index 4c896dc880..3e5bae8b1d 100644 --- a/meta/recipes-core/meta/cve-update-db.bb +++ b/meta/recipes-core/meta/cve-update-db.bb | |||
@@ -6,7 +6,6 @@ PACKAGES = "" | |||
6 | 6 | ||
7 | inherit nopackages | 7 | inherit nopackages |
8 | 8 | ||
9 | deltask do_fetch | ||
10 | deltask do_unpack | 9 | deltask do_unpack |
11 | deltask do_patch | 10 | deltask do_patch |
12 | deltask do_configure | 11 | deltask do_configure |
@@ -24,11 +23,16 @@ python do_populate_cve_db() { | |||
24 | 23 | ||
25 | BASE_URL = "https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-" | 24 | BASE_URL = "https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-" |
26 | YEAR_START = 2002 | 25 | YEAR_START = 2002 |
27 | JSON_TMPFILE = d.getVar("CVE_CHECK_DB_DIR") + '/nvd.json.gz' | 26 | |
27 | db_dir = d.getVar("DL_DIR") + '/CVE_CHECK' | ||
28 | db_file = db_dir + '/nvd-json.db' | ||
29 | json_tmpfile = db_dir + '/nvd.json.gz' | ||
28 | proxy = d.getVar("https_proxy") | 30 | proxy = d.getVar("https_proxy") |
29 | 31 | ||
32 | if not os.path.isdir(db_dir): | ||
33 | os.mkdir(db_dir) | ||
34 | |||
30 | # Connect to database | 35 | # Connect to database |
31 | db_file = d.getVar("CVE_CHECK_DB_FILE") | ||
32 | conn = sqlite3.connect(db_file) | 36 | conn = sqlite3.connect(db_file) |
33 | c = conn.cursor() | 37 | c = conn.cursor() |
34 | 38 | ||
@@ -55,9 +59,9 @@ python do_populate_cve_db() { | |||
55 | req = urllib.request.Request(json_url) | 59 | req = urllib.request.Request(json_url) |
56 | if proxy: | 60 | if proxy: |
57 | req.set_proxy(proxy, 'https') | 61 | req.set_proxy(proxy, 'https') |
58 | with urllib.request.urlopen(req) as r, open(JSON_TMPFILE, 'wb') as tmpfile: | 62 | with urllib.request.urlopen(req) as r, open(json_tmpfile, 'wb') as tmpfile: |
59 | shutil.copyfileobj(r, tmpfile) | 63 | shutil.copyfileobj(r, tmpfile) |
60 | with gzip.open(JSON_TMPFILE, 'rt') as jsonfile: | 64 | with gzip.open(json_tmpfile, 'rt') as jsonfile: |
61 | update_db(c, jsonfile) | 65 | update_db(c, jsonfile) |
62 | c.execute("insert or replace into META values (?, ?)", | 66 | c.execute("insert or replace into META values (?, ?)", |
63 | [year, last_modified]) | 67 | [year, last_modified]) |
@@ -65,8 +69,9 @@ python do_populate_cve_db() { | |||
65 | conn.commit() | 69 | conn.commit() |
66 | conn.close() | 70 | conn.close() |
67 | 71 | ||
68 | with open(d.getVar("CVE_CHECK_TMP_FILE"), 'a'): | 72 | cve_check_tmp_file = d.getVar("TMPDIR") + '/cve_check' |
69 | os.utime(d.getVar("CVE_CHECK_TMP_FILE"), None) | 73 | with open(cve_check_tmp_file, 'a'): |
74 | os.utime(cve_check_tmp_file, None) | ||
70 | } | 75 | } |
71 | 76 | ||
72 | # DJB2 hash algorithm | 77 | # DJB2 hash algorithm |
@@ -120,7 +125,7 @@ def update_db(c, json_filename): | |||
120 | 125 | ||
121 | 126 | ||
122 | 127 | ||
123 | addtask do_populate_cve_db before do_cve_check | 128 | addtask do_populate_cve_db before do_fetch |
124 | do_populate_cve_db[nostamp] = "1" | 129 | do_populate_cve_db[nostamp] = "1" |
125 | 130 | ||
126 | EXCLUDE_FROM_WORLD = "1" | 131 | EXCLUDE_FROM_WORLD = "1" |