[oe-commits] [openembedded-core] 10/49: cve-update-db: Manage proxy if needed.

git at git.openembedded.org git at git.openembedded.org
Wed Nov 6 20:44:57 UTC 2019 

This is an automated email from the git hooks/post-receive script.

rpurdie pushed a commit to branch sumo-next
in repository openembedded-core.

commit 3af4399ea35b5c4b87d656f09dd2afed11791f0a
Author: Pierre Le Magourou <pierre.lemagourou at softbankrobotics.com>
AuthorDate: Wed Nov 6 17:37:23 2019 +0200

    cve-update-db: Manage proxy if needed.
    
    If https_proxy environment variable is defined, manage proxy to be able
    to download meta and json data feeds from https://nvd.nist.gov
    
    (From OE-Core rev: 09be21f4d1793b1e26e78391f51bfc0a27b76deb)
    
    Signed-off-by: Pierre Le Magourou <pierre.lemagourou at softbankrobotics.com>
    Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
---
 meta/recipes-core/meta/cve-update-db.bb | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-core/meta/cve-update-db.bb b/meta/recipes-core/meta/cve-update-db.bb
index 1f48820..4c896dc 100644
--- a/meta/recipes-core/meta/cve-update-db.bb
+++ b/meta/recipes-core/meta/cve-update-db.bb
@@ -25,6 +25,7 @@ python do_populate_cve_db() {
     BASE_URL = "https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-"
     YEAR_START = 2002
     JSON_TMPFILE = d.getVar("CVE_CHECK_DB_DIR") + '/nvd.json.gz'
+    proxy = d.getVar("https_proxy")
 
     # Connect to database
     db_file = d.getVar("CVE_CHECK_DB_FILE")
@@ -39,7 +40,10 @@ python do_populate_cve_db() {
         json_url = year_url + ".json.gz"
 
         # Retrieve meta last modified date
-        with urllib.request.urlopen(meta_url) as r:
+        req = urllib.request.Request(meta_url)
+        if proxy:
+            req.set_proxy(proxy, 'https')
+        with urllib.request.urlopen(req) as r:
             date_line = str(r.read().splitlines()[0])
             last_modified = re.search('lastModifiedDate:(.*)', date_line).group(1)
 
@@ -48,7 +52,10 @@ python do_populate_cve_db() {
         meta = c.fetchone()
         if not meta or meta[0] != last_modified:
             # Update db with current year json file
-            with urllib.request.urlopen(json_url) as r, open(JSON_TMPFILE, 'wb') as tmpfile:
+            req = urllib.request.Request(json_url)
+            if proxy:
+                req.set_proxy(proxy, 'https')
+            with urllib.request.urlopen(req) as r, open(JSON_TMPFILE, 'wb') as tmpfile:
                 shutil.copyfileobj(r, tmpfile)
             with gzip.open(JSON_TMPFILE, 'rt') as jsonfile:
                 update_db(c, jsonfile)

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.

More information about the Openembedded-commits mailing list