From 9555ef7122c23b1455f73f75f311b5b711d102f4 Mon Sep 17 00:00:00 2001 From: Pierre Le Magourou Date: Wed, 6 Nov 2019 17:37:23 +0200 Subject: cve-update-db: Manage proxy if needed. If https_proxy environment variable is defined, manage proxy to be able to download meta and json data feeds from https://nvd.nist.gov (From OE-Core rev: 09be21f4d1793b1e26e78391f51bfc0a27b76deb) (From OE-Core rev: 3af4399ea35b5c4b87d656f09dd2afed11791f0a) Signed-off-by: Pierre Le Magourou Signed-off-by: Richard Purdie --- meta/recipes-core/meta/cve-update-db.bb | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/meta/recipes-core/meta/cve-update-db.bb b/meta/recipes-core/meta/cve-update-db.bb index 1f48820cc6..4c896dc880 100644 --- a/meta/recipes-core/meta/cve-update-db.bb +++ b/meta/recipes-core/meta/cve-update-db.bb @@ -25,6 +25,7 @@ python do_populate_cve_db() { BASE_URL = "https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-" YEAR_START = 2002 JSON_TMPFILE = d.getVar("CVE_CHECK_DB_DIR") + '/nvd.json.gz' + proxy = d.getVar("https_proxy") # Connect to database db_file = d.getVar("CVE_CHECK_DB_FILE") @@ -39,7 +40,10 @@ python do_populate_cve_db() { json_url = year_url + ".json.gz" # Retrieve meta last modified date - with urllib.request.urlopen(meta_url) as r: + req = urllib.request.Request(meta_url) + if proxy: + req.set_proxy(proxy, 'https') + with urllib.request.urlopen(req) as r: date_line = str(r.read().splitlines()[0]) last_modified = re.search('lastModifiedDate:(.*)', date_line).group(1) @@ -48,7 +52,10 @@ python do_populate_cve_db() { meta = c.fetchone() if not meta or meta[0] != last_modified: # Update db with current year json file - with urllib.request.urlopen(json_url) as r, open(JSON_TMPFILE, 'wb') as tmpfile: + req = urllib.request.Request(json_url) + if proxy: + req.set_proxy(proxy, 'https') + with urllib.request.urlopen(req) as r, open(JSON_TMPFILE, 'wb') as tmpfile: shutil.copyfileobj(r, tmpfile) with gzip.open(JSON_TMPFILE, 'rt') as jsonfile: update_db(c, jsonfile) -- cgit v1.2.3-54-g00ecf