cve-update-nvd2-native: actually use API keys
authorRoss Burton <ross.burton@arm.com>
Tue, 11 Jul 2023 11:54:47 +0000 (12:54 +0100)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 13 Jul 2023 06:55:16 +0000 (07:55 +0100)
There were vestigial remains of API key support which could be removed,
but as using an API key - in theory - gives the user larger rate limits
it's probably wise to expose it.

If the user has an API key, then set NVDCVE_API_KEY.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-core/meta/cve-update-nvd2-native.bb

index 8a48e3ddc39ad8224d3f118830c8377a769966f0..2f7dad7e821b58dda157e84b8a5818460073809a 100644 (file)
@@ -17,6 +17,10 @@ deltask do_populate_sysroot
 
 NVDCVE_URL ?= "https://services.nvd.nist.gov/rest/json/cves/2.0"
 
+# If you have a NVD API key (https://nvd.nist.gov/developers/request-an-api-key)
+# then setting this to get higher rate limits.
+NVDCVE_API_KEY ?= ""
+
 # CVE database update interval, in seconds. By default: once a day (24*60*60).
 # Use 0 to force the update
 # Use a negative value to skip the update
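Review bot: The comment added above `NVDCVE_API_KEY` is ungrammatical ("then setting this") and does not tell the reader that the value is a credential. I would word the second line as `# then set this to get higher rate limits. The key is a secret: set it in local.conf or a site configuration, not in a shared layer.` It would also help to state that the empty default means requests are sent without a key.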
@@ -121,19 +125,14 @@ def nvd_request_next(url, api_key, args):
     import http
     import time
 
-    headers = {}
+    request = urllib.request.Request(url + "?" + urllib.parse.urlencode(args))
     if api_key:
-        headers['apiKey'] = api_key
-
-    bb.note("Requesting %s" % str(args))
-
-    data = urllib.parse.urlencode(args)
-
-    full_request = url + '?' + data
+        request.add_header("apiKey", api_key)
+    bb.note("Requesting %s" % request.full_url)
 
     for attempt in range(5):
         try:
-            r = urllib.request.urlopen(full_request)
+            r = urllib.request.urlopen(request)
 
             if (r.headers['content-encoding'] == 'gzip'):
                 buf = r.read()
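Review bot: The `apiKey` header is attached to whatever `url` holds, and `NVDCVE_URL` is a `?=` default that a configuration can override, so a plain `http://` value would send the key in cleartext. A guard before `request.add_header` would cover that, for example `if api_key and not url.startswith("https://"): bb.warn("NVDCVE_URL is not HTTPS, not sending NVDCVE_API_KEY"); api_key = None`. Separately, `urllib.request.urlopen(request)` is called without a `timeout`, so a stalled connection can block the retry loop indefinitely; passing `timeout=` would bound each attempt. nvd_request_next begins above this hunk and continues below it.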
@@ -144,7 +143,7 @@ def nvd_request_next(url, api_key, args):
             r.close()
 
         except Exception as e:
-            bb.note("CVE database: received error (%s), retrying (request: %s)" % (e, full_request))
+            bb.note("CVE database: received error (%s), retrying" % (e))
             time.sleep(6)
             pass
         else:
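Review bot: The `except Exception as e` branch treats every failure as transient, so a rejected or mistyped key would presumably be retried on all five attempts with a 6 second sleep each and show up only as a generic note. Handling `urllib.error.HTTPError` ahead of the broad clause and reporting `e.code` would make an authentication problem visible, e.g. `except urllib.error.HTTPError as e: bb.warn("CVE database: HTTP %d from NVD, check NVDCVE_API_KEY" % e.code)`. Whether a 4xx response should stop the loop is a design choice for the maintainers. The `pass` after `time.sleep(6)` is redundant, and the rest of the function lies outside this hunk.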
@@ -186,9 +185,11 @@ def update_db_file(db_tmp_file, d, database_time):
         bb.note("Updating entries")
         index = 0
         url = d.getVar("NVDCVE_URL")
+        api_key = d.getVar("NVDCVE_API_KEY") or None
+
         while True:
             req_args['startIndex'] = index
-            raw_data = nvd_request_next(url, None, req_args)
+            raw_data = nvd_request_next(url, api_key, req_args)
             if raw_data is None:
                 # We haven't managed to download data
                 return False
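Review bot: `d.getVar("NVDCVE_API_KEY") or None` maps only the empty string to None, so a value with stray whitespace from a configuration file is still sent as the header value. Normalising it first avoids that: `api_key = (d.getVar("NVDCVE_API_KEY") or "").strip() or None`. It may also be worth confirming that the key's value does not end up in task signature data or in `bitbake -e` output that gets shared; the task that calls update_db_file is not visible in this hunk, so this is only a question.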