[OE-core] [PATCH] cve-update-db: Manage proxy if needed.
Pierre Le Magourou
lemagoup at gmail.com
Wed Jun 26 12:25:58 UTC 2019
From: Pierre Le Magourou <pierre.lemagourou at softbankrobotics.com>
If https_proxy environment variable is defined, manage proxy to be able
to download meta and json data feeds from https://nvd.nist.gov
Signed-off-by: Pierre Le Magourou <pierre.lemagourou at softbankrobotics.com>
---
meta/recipes-core/meta/cve-update-db.bb | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/meta/recipes-core/meta/cve-update-db.bb b/meta/recipes-core/meta/cve-update-db.bb
index 5778e00e79..bcc8d4ab1a 100644
--- a/meta/recipes-core/meta/cve-update-db.bb
+++ b/meta/recipes-core/meta/cve-update-db.bb
@@ -24,6 +24,7 @@ python do_populate_cve_db() {
BASE_URL = "https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-"
YEAR_START = 2002
JSON_TMPFILE = d.getVar("CVE_CHECK_DB_DIR") + '/nvd.json.gz'
+ proxy = d.getVar("https_proxy")
# Connect to database
db_file = d.getVar("CVE_CHECK_DB_FILE")
@@ -38,7 +39,10 @@ python do_populate_cve_db() {
json_url = year_url + ".json.gz"
# Retrieve meta last modified date
- with urllib.request.urlopen(meta_url) as r:
+ req = urllib.request.Request(meta_url)
+ if proxy:
+ req.set_proxy(proxy, 'https')
+ with urllib.request.urlopen(req) as r:
date_line = str(r.read().splitlines()[0])
last_modified = re.search('lastModifiedDate:(.*)', date_line).group(1)
@@ -47,7 +51,10 @@ python do_populate_cve_db() {
meta = c.fetchone()
if not meta or meta[0] != last_modified:
# Update db with current year json file
- with urllib.request.urlopen(json_url) as r, open(JSON_TMPFILE, 'wb') as tmpfile:
+ req = urllib.request.Request(json_url)
+ if proxy:
+ req.set_proxy(proxy, 'https')
+ with urllib.request.urlopen(req) as r, open(JSON_TMPFILE, 'wb') as tmpfile:
shutil.copyfileobj(r, tmpfile)
with gzip.open(JSON_TMPFILE, 'rt') as jsonfile:
update_db(c, jsonfile)
--
2.11.0
More information about the Openembedded-core
mailing list