Mercurial > farol > farol
comparison farol/main.py @ 155:0a5b5b5549cb
Add Proxy Configuration
| author | Benoît Allard <benoit.allard@greenbone.net> |
|---|---|
| date | Mon, 17 Nov 2014 16:41:57 +0100 |
| parents | 105bb08570ed |
| children | 5df0bef667ea 57b65e7765c1 |
comparison
equal
deleted
inserted
replaced
| 154:3b93e8e7876b | 155:0a5b5b5549cb |
|---|---|
| 30 from xml.etree import ElementTree as ET | 30 from xml.etree import ElementTree as ET |
| 31 | 31 |
| 32 import farolluz | 32 import farolluz |
| 33 from farolluz.cvrf import CVRF, ValidationError | 33 from farolluz.cvrf import CVRF, ValidationError |
| 34 from farolluz.parsers.cvrf import parse | 34 from farolluz.parsers.cvrf import parse |
| 35 from farolluz.py2 import urlopen | |
| 36 from farolluz.renderer import render as render_cvrf | 35 from farolluz.renderer import render as render_cvrf |
| 37 from farolluz.utils import utcnow | 36 from farolluz.utils import utcnow |
| 38 | 37 |
| 39 import flask | 38 import flask |
| 40 from flask import (Flask, request, render_template, redirect, url_for, flash, | 39 from flask import (Flask, request, render_template, redirect, url_for, flash, |
| 107 exports=[('CVRF', 100), ('OpenVAS NASL from RHSA', 85), ('OVAL', 5) ], | 106 exports=[('CVRF', 100), ('OpenVAS NASL from RHSA', 85), ('OVAL', 5) ], |
| 108 use_cases=[('Create a security advisory and publish as CVRF', 100), | 107 use_cases=[('Create a security advisory and publish as CVRF', 100), |
| 109 ('Edit a security advisory in CVRF format', 100)] | 108 ('Edit a security advisory in CVRF format', 100)] |
| 110 ) | 109 ) |
| 111 | 110 |
| 112 def set_url(url): | 111 def download_url(url): |
| 113 try: content = urlopen(url).read() | 112 proxy_host = app.config.get('PROXY_HOST', '') |
| 113 if proxy_host: | |
| 114 proxy = urllib2.ProxyHandler({'http': proxy_host, 'https': proxy_host}) | |
| 115 opener = urllib2.build_opener(proxy) | |
| 116 urllib2.install_opener(opener) | |
| 117 try: content = urllib2.urlopen(url).read() | |
| 114 except urllib2.HTTPError as e: | 118 except urllib2.HTTPError as e: |
| 115 flash('Unable to retrieve %s: %s' % (url, e)) | 119 flash('Unable to retrieve %s: %s' % (url, e)) |
| 116 return | 120 return |
| 117 set_text(content) | 121 set_text(content) |
| 118 | 122 |
| 127 int(index) | 131 int(index) |
| 128 except ValueError: | 132 except ValueError: |
| 129 flash('Wrong RHSA id: %s' % id_) | 133 flash('Wrong RHSA id: %s' % id_) |
| 130 return | 134 return |
| 131 # Process it | 135 # Process it |
| 132 set_url("https://www.redhat.com/security/data/cvrf/%(year)s/cvrf-rhsa-%(year)s-%(index)s.xml" % {'year': year, 'index': index}) | 136 download_url("https://www.redhat.com/security/data/cvrf/%(year)s/cvrf-rhsa-%(year)s-%(index)s.xml" % {'year': year, 'index': index}) |
| 133 | 137 |
| 134 def set_oracle(id_): | 138 def set_oracle(id_): |
| 135 try: int(id_) | 139 try: int(id_) |
| 136 except ValueError: | 140 except ValueError: |
| 137 flash('Wrong Oracle id: %s' % id_) | 141 flash('Wrong Oracle id: %s' % id_) |
| 138 return | 142 return |
| 139 set_url("http://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/%s.xml" % id_) | 143 download_url("http://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/%s.xml" % id_) |
| 140 | 144 |
| 141 def set_cisco(id_): | 145 def set_cisco(id_): |
| 142 if id_.count('-') < 2: | 146 if id_.count('-') < 2: |
| 143 flash('Wrong cisco id: %s' % id_) | 147 flash('Wrong cisco id: %s' % id_) |
| 144 return | 148 return |
| 145 kind, date, name = id_.split('-', 2) | 149 kind, date, name = id_.split('-', 2) |
| 146 try: kind = {'sa': 'Advisory', 'sr': 'Response'}[kind] | 150 try: kind = {'sa': 'Advisory', 'sr': 'Response'}[kind] |
| 147 except KeyError: | 151 except KeyError: |
| 148 flash('Wrong cisco id: %s' % id_) | 152 flash('Wrong cisco id: %s' % id_) |
| 149 return | 153 return |
| 150 set_url("http://tools.cisco.com/security/center/contentxml/CiscoSecurity%(kind)s/cisco-%(id)s/cvrf/cisco-%(id)s_cvrf.xml" % {'kind': kind, 'id': id_}) | 154 download_url("http://tools.cisco.com/security/center/contentxml/CiscoSecurity%(kind)s/cisco-%(id)s/cvrf/cisco-%(id)s_cvrf.xml" % {'kind': kind, 'id': id_}) |
| 151 | 155 |
| 152 def set_text(text): | 156 def set_text(text): |
| 153 try: doc = parse(text) | 157 try: doc = parse(text) |
| 154 except ET.ParseError as e: | 158 except ET.ParseError as e: |
| 155 flash('Unable to parse Document: %s' % e) | 159 flash('Unable to parse Document: %s' % e) |
| 169 set_cisco(request.form['id']) | 173 set_cisco(request.form['id']) |
| 170 elif 'nasl' in request.form: | 174 elif 'nasl' in request.form: |
| 171 flash("I'm not able to parse NASL scripts yet", 'danger') | 175 flash("I'm not able to parse NASL scripts yet", 'danger') |
| 172 return redirect(url_for('new')) | 176 return redirect(url_for('new')) |
| 173 elif 'url' in request.form: | 177 elif 'url' in request.form: |
| 174 set_url(request.form['url']) | 178 download_url(request.form['url']) |
| 175 elif 'local' in request.files: | 179 elif 'local' in request.files: |
| 176 upload = request.files['local'] | 180 upload = request.files['local'] |
| 177 fpath = os.path.join(app.instance_path, 'tmp', | 181 fpath = os.path.join(app.instance_path, 'tmp', |
| 178 secure_filename(upload.filename)) | 182 secure_filename(upload.filename)) |
| 179 if not os.path.exists(os.path.dirname(fpath)): | 183 if not os.path.exists(os.path.dirname(fpath)): |