def paging(endpoint, request_json) -> tuple:
"""Split input list into pages"""
result_pages = {}
session = requests.Session()
success = True
while True:
r_json = utils.external_service_request(endpoint, request_json,
session, 'POST')
if r_json is None:
LOGGER.info("Downloading ERROR.")
success = False
break
response_to_list = list(r_json.items())
data_index = response_to_list[0][0]
data = response_to_list[0][1]
result_pages.setdefault(data_index, {}).update(data)
LOGGER.info(
"Downloading CVE/REPOs metadata (page: %s, page_size: %s, pages: %s)",
request_json['page'], r_json["page_size"], r_json['pages'])
if request_json['page'] >= r_json['pages']:
break
request_json['page'] += 1
session.close()
if success:
result_pages.update({
"page": r_json["page"],
"page_size": r_json["page_size"],
"pages": r_json["pages"]
})
return (success, result_pages)
def _patch_request_advisories(payload, x_rh_identity, patch_access):
"""Make Patch request for advisories"""
advisories_response_json = external_service_request(GetSystemsCves.patch_advisories_endpoint,
method='POST',
headers={'x-rh-identity': x_rh_identity},
service_access=patch_access,
data_json=payload)
return dict(advisories_response_json['data']) if advisories_response_json is not None else {}
def _patch_request_advisories(inv_id, advisories_list):
"""Make Patch request for advisories"""
if advisories_list:
query = ','.join(advisories_list)
full_endpoint = '%s/%s/advisories%s%s' % (GetSystemsCves.patch_advisories_endpoint, inv_id,
PATCH_ID_QUERY_FILTER, PATCH_FILTER_PREFIX)
endpoint_with_query = '%s%s' % (full_endpoint, query)
x_rh_identity = connexion.request.headers['x-rh-identity']
advisories_response_json = external_service_request(endpoint_with_query, method='GET', headers={'x-rh-identity': x_rh_identity})
return list(advisories_response_json['data']) if advisories_response_json is not None else None
return None
def _patch_request_advisories(patch_request_list):
"""Make Patch request for advisories"""
query = ','.join(patch_request_list)
endpoint_with_query = '%s%s' % (GetCves.patch_advisories_endpoint,
query)
x_rh_identity = connexion.request.headers['x-rh-identity']
advisories_response_json = external_service_request(
endpoint_with_query,
method='GET',
headers={'x-rh-identity': x_rh_identity})
return list(advisories_response_json['data']
) if advisories_response_json is not None else None
def sync_exploits():
"""Sync exploits data from ProdSec"""
LOGGER.info('Syncing CVE Exploits metadata')
headers = format_headers()
cert = create_cert()
data = external_service_request(CFG.bo_proxy_endpoint_exploits,
method='GET',
headers=headers,
verify=cert.name)
os.unlink(cert.name)
cves_with_exploits = set()
if data is not None:
for item in data:
cves = item.get('cves', [])
cves_with_exploits.update(cves)
else:
LOGGER.warning('Cannot sync exploits data')
return
cves_wo_exploits = set()
with DatabasePoolConnection() as conn:
with conn.cursor() as cur:
# Get all cve with exploits from our DB
cur.execute(
"select cve from cve_metadata where exploits = true")
for row in cur.fetchall():
cve = row[0]
# Check if CVE with exploits=true not present in ProdSec response
if cve not in cves_with_exploits:
# if false add it to list to change the status
cves_wo_exploits.add(cve)
if cves_with_exploits:
execute_values(
cur,
"update cve_metadata set exploits = true where cve in (%s)",
list(zip(cves_with_exploits)),
page_size=len(cves_with_exploits))
if cves_wo_exploits:
execute_values(
cur,
"update cve_metadata set exploits = false where cve in (%s)",
list(zip(cves_wo_exploits)),
page_size=len(cves_wo_exploits))
conn.commit()
LOGGER.info('Finished syncing CVE Exploits metadata')