cve-update-db: Manage proxy if needed.

If https_proxy environment variable is defined, manage proxy to be able to download meta and json data feeds from https://nvd.nist.gov (From OE-Core rev: 09be21f4d1793b1e26e78391f51bfc0a27b76deb) Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-05-08 17:19:20 +00:00 · 2019-06-26 14:25:58 +02:00
parent cebda73b3f
commit e9147d16a2
1 changed files with 9 additions and 2 deletions
@@ -25,6 +25,7 @@ python do_populate_cve_db() {
    BASE_URL = "https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-"
    YEAR_START = 2002
    JSON_TMPFILE = d.getVar("CVE_CHECK_DB_DIR") + '/nvd.json.gz'
+    proxy = d.getVar("https_proxy")

    # Connect to database
    db_file = d.getVar("CVE_CHECK_DB_FILE")
@@ -39,7 +40,10 @@ python do_populate_cve_db() {
        json_url = year_url + ".json.gz"

        # Retrieve meta last modified date
-        with urllib.request.urlopen(meta_url) as r:
+        req = urllib.request.Request(meta_url)
+        if proxy:
+            req.set_proxy(proxy, 'https')
+        with urllib.request.urlopen(req) as r:
            date_line = str(r.read().splitlines()[0])
            last_modified = re.search('lastModifiedDate:(.*)', date_line).group(1)

@@ -48,7 +52,10 @@ python do_populate_cve_db() {
        meta = c.fetchone()
        if not meta or meta[0] != last_modified:
            # Update db with current year json file
-            with urllib.request.urlopen(json_url) as r, open(JSON_TMPFILE, 'wb') as tmpfile:
+            req = urllib.request.Request(json_url)
+            if proxy:
+                req.set_proxy(proxy, 'https')
+            with urllib.request.urlopen(req) as r, open(JSON_TMPFILE, 'wb') as tmpfile:
                shutil.copyfileobj(r, tmpfile)
            with gzip.open(JSON_TMPFILE, 'rt') as jsonfile:
                update_db(c, jsonfile)