Mercurial > farol > farol
comparison farol/main.py @ 155:0a5b5b5549cb
Add Proxy Configuration
author | Benoît Allard <benoit.allard@greenbone.net> |
---|---|
date | Mon, 17 Nov 2014 16:41:57 +0100 |
parents | 105bb08570ed |
children | 5df0bef667ea 57b65e7765c1 |
comparison
equal
deleted
inserted
replaced
154:3b93e8e7876b | 155:0a5b5b5549cb |
---|---|
30 from xml.etree import ElementTree as ET | 30 from xml.etree import ElementTree as ET |
31 | 31 |
32 import farolluz | 32 import farolluz |
33 from farolluz.cvrf import CVRF, ValidationError | 33 from farolluz.cvrf import CVRF, ValidationError |
34 from farolluz.parsers.cvrf import parse | 34 from farolluz.parsers.cvrf import parse |
35 from farolluz.py2 import urlopen | |
36 from farolluz.renderer import render as render_cvrf | 35 from farolluz.renderer import render as render_cvrf |
37 from farolluz.utils import utcnow | 36 from farolluz.utils import utcnow |
38 | 37 |
39 import flask | 38 import flask |
40 from flask import (Flask, request, render_template, redirect, url_for, flash, | 39 from flask import (Flask, request, render_template, redirect, url_for, flash, |
107 exports=[('CVRF', 100), ('OpenVAS NASL from RHSA', 85), ('OVAL', 5) ], | 106 exports=[('CVRF', 100), ('OpenVAS NASL from RHSA', 85), ('OVAL', 5) ], |
108 use_cases=[('Create a security advisory and publish as CVRF', 100), | 107 use_cases=[('Create a security advisory and publish as CVRF', 100), |
109 ('Edit a security advisory in CVRF format', 100)] | 108 ('Edit a security advisory in CVRF format', 100)] |
110 ) | 109 ) |
111 | 110 |
112 def set_url(url): | 111 def download_url(url): |
113 try: content = urlopen(url).read() | 112 proxy_host = app.config.get('PROXY_HOST', '') |
113 if proxy_host: | |
114 proxy = urllib2.ProxyHandler({'http': proxy_host, 'https': proxy_host}) | |
115 opener = urllib2.build_opener(proxy) | |
116 urllib2.install_opener(opener) | |
117 try: content = urllib2.urlopen(url).read() | |
114 except urllib2.HTTPError as e: | 118 except urllib2.HTTPError as e: |
115 flash('Unable to retrieve %s: %s' % (url, e)) | 119 flash('Unable to retrieve %s: %s' % (url, e)) |
116 return | 120 return |
117 set_text(content) | 121 set_text(content) |
118 | 122 |
127 int(index) | 131 int(index) |
128 except ValueError: | 132 except ValueError: |
129 flash('Wrong RHSA id: %s' % id_) | 133 flash('Wrong RHSA id: %s' % id_) |
130 return | 134 return |
131 # Process it | 135 # Process it |
132 set_url("https://www.redhat.com/security/data/cvrf/%(year)s/cvrf-rhsa-%(year)s-%(index)s.xml" % {'year': year, 'index': index}) | 136 download_url("https://www.redhat.com/security/data/cvrf/%(year)s/cvrf-rhsa-%(year)s-%(index)s.xml" % {'year': year, 'index': index}) |
133 | 137 |
134 def set_oracle(id_): | 138 def set_oracle(id_): |
135 try: int(id_) | 139 try: int(id_) |
136 except ValueError: | 140 except ValueError: |
137 flash('Wrong Oracle id: %s' % id_) | 141 flash('Wrong Oracle id: %s' % id_) |
138 return | 142 return |
139 set_url("http://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/%s.xml" % id_) | 143 download_url("http://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/%s.xml" % id_) |
140 | 144 |
141 def set_cisco(id_): | 145 def set_cisco(id_): |
142 if id_.count('-') < 2: | 146 if id_.count('-') < 2: |
143 flash('Wrong cisco id: %s' % id_) | 147 flash('Wrong cisco id: %s' % id_) |
144 return | 148 return |
145 kind, date, name = id_.split('-', 2) | 149 kind, date, name = id_.split('-', 2) |
146 try: kind = {'sa': 'Advisory', 'sr': 'Response'}[kind] | 150 try: kind = {'sa': 'Advisory', 'sr': 'Response'}[kind] |
147 except KeyError: | 151 except KeyError: |
148 flash('Wrong cisco id: %s' % id_) | 152 flash('Wrong cisco id: %s' % id_) |
149 return | 153 return |
150 set_url("http://tools.cisco.com/security/center/contentxml/CiscoSecurity%(kind)s/cisco-%(id)s/cvrf/cisco-%(id)s_cvrf.xml" % {'kind': kind, 'id': id_}) | 154 download_url("http://tools.cisco.com/security/center/contentxml/CiscoSecurity%(kind)s/cisco-%(id)s/cvrf/cisco-%(id)s_cvrf.xml" % {'kind': kind, 'id': id_}) |
151 | 155 |
152 def set_text(text): | 156 def set_text(text): |
153 try: doc = parse(text) | 157 try: doc = parse(text) |
154 except ET.ParseError as e: | 158 except ET.ParseError as e: |
155 flash('Unable to parse Document: %s' % e) | 159 flash('Unable to parse Document: %s' % e) |
169 set_cisco(request.form['id']) | 173 set_cisco(request.form['id']) |
170 elif 'nasl' in request.form: | 174 elif 'nasl' in request.form: |
171 flash("I'm not able to parse NASL scripts yet", 'danger') | 175 flash("I'm not able to parse NASL scripts yet", 'danger') |
172 return redirect(url_for('new')) | 176 return redirect(url_for('new')) |
173 elif 'url' in request.form: | 177 elif 'url' in request.form: |
174 set_url(request.form['url']) | 178 download_url(request.form['url']) |
175 elif 'local' in request.files: | 179 elif 'local' in request.files: |
176 upload = request.files['local'] | 180 upload = request.files['local'] |
177 fpath = os.path.join(app.instance_path, 'tmp', | 181 fpath = os.path.join(app.instance_path, 'tmp', |
178 secure_filename(upload.filename)) | 182 secure_filename(upload.filename)) |
179 if not os.path.exists(os.path.dirname(fpath)): | 183 if not os.path.exists(os.path.dirname(fpath)): |