From 2bd56b2474c6180338d2ad1b485352c88e84a250 Mon Sep 17 00:00:00 2001
From: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com>
Date: Wed, 6 Nov 2019 17:37:25 +0200
Subject: cve-update-db: Catch request.urlopen errors.

If the NVD url is not accessible, print a warning on top of the CVE
report, and continue. The database will not be fully updated, but
cve_check can still run on the previous database.

(From OE-Core rev: 0325dd72714f0b447558084f481b77f0ec850eed)

(From OE-Core rev: ae743789d893e950583014f38f0ad246aa4fe034)

Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/classes/cve-check.bbclass | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'meta/classes')

diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 1e7e8dd441..81071e3f19 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -51,14 +51,15 @@ python do_cve_check () {
     Check recipe for patched and unpatched CVEs
     """
 
-    if os.path.exists(d.getVar("CVE_CHECK_TMP_FILE")):
+    if os.path.exists(d.getVar("CVE_CHECK_DB_FILE")):
         patched_cves = get_patches_cves(d)
         patched, unpatched = check_cves(d, patched_cves)
         if patched or unpatched:
             cve_data = get_cve_info(d, patched + unpatched)
             cve_write_data(d, patched, unpatched, cve_data)
     else:
-        bb.note("Failed to update CVE database, skipping CVE check")
+        bb.note("No CVE database found, skipping CVE check")
+
 }
 
 addtask cve_check after do_unpack before do_build
-- 
cgit v1.2.3-54-g00ecf