diff --git a/README.md b/README.md index 6c0296d..8103d3e 100644 --- a/README.md +++ b/README.md @@ -407,7 +407,7 @@ CVE-2015-0235 ``` $ rhsecapi --loglevel info --q-iava not-a-real-iava [INFO ] rhsda: Getting 'https://access.redhat.com/labs/iavmmapper/api/iava/' ... -[ERROR ] rhsda: Login error; unable to get IAVA info +[ERROR ] rhsda: Login error IAVA→CVE mapping data is not provided by the public RH Security Data API. Instead, this uses the IAVM Mapper App (access.redhat.com/labs/iavmmapper). @@ -426,16 +426,14 @@ $ vim ~/.netrc $ rhsecapi --loglevel info --q-iava not-a-real-iava [INFO ] rhsda: Getting 'https://access.redhat.com/labs/iavmmapper/api/iava/' ... -[ERROR ] rhsda: IAVM Mapper (https://access.redhat.com/labs/iavmmapper) has no knowledge of 'not-a-real-iava' +[ERROR ] rhsda: IAVM Mapper app main index doesn't contain 'not-a-real-iava' For help, open an issue at http://github.com/ryran/rhsecapi Or post a comment at https://access.redhat.com/discussions/2713931 ``` ``` -$ rhsecapi --loglevel info --q-iava 2016-A-0287 -[INFO ] rhsda: Getting 'https://access.redhat.com/labs/iavmmapper/api/iava/' ... -[INFO ] rhsda: Getting 'https://access.redhat.com/labs/iavmmapper/api/iava/2016-A-0287' ... +$ rhsecapi --q-iava 2016-A-0287 [NOTICE ] rhsda: 4 CVEs found with search CVE-2015-7940 
@@ -467,9 +465,28 @@ $ rhsecapi --q-iava 2016-A-0287 --json --loglevel warning ``` ``` -$ rhsecapi --q-iava 2016-A-0287 --extract-search --count +$ rhsecapi --q-iava 2016-A-0287 --loglevel debug --extract-search --product linux.6 --count +[INFO ] rhsda: Getting 'https://access.redhat.com/labs/iavmmapper/api/iava/' ... +[DEBUG ] rhsda: Return status: '200'; Content-Type: 'application/json; charset=utf-8' +[DEBUG ] rhsda: IAVM Mapper app main index contains '2016-A-0287' +[INFO ] rhsda: Getting 'https://access.redhat.com/labs/iavmmapper/api/iava/2016-A-0287' ... +[DEBUG ] rhsda: Return status: '200'; Content-Type: 'application/json; charset=utf-8' [NOTICE ] rhsda: 4 CVEs found with search +[INFO ] rhsda: Using 4 worker threads +[DEBUG ] rhsda: Requested fields string: 'BASE' +[DEBUG ] rhsda: Enabled fields: 'threat_severity, public_date, bugzilla, affected_release, package_state' +[INFO ] rhsda: Getting 'https://access.redhat.com/labs/securitydataapi/cve/CVE-2015-7940.json' ... +[INFO ] rhsda: Getting 'https://access.redhat.com/labs/securitydataapi/cve/CVE-2016-2107.json' ... +[INFO ] rhsda: Getting 'https://access.redhat.com/labs/securitydataapi/cve/CVE-2016-4979.json' ... +[INFO ] rhsda: Getting 'https://access.redhat.com/labs/securitydataapi/cve/CVE-2016-5604.json' ... +[DEBUG ] rhsda: Return status: '200'; Content-Type: 'application/json; charset=utf-8' +[DEBUG ] rhsda: Return status: '200'; Content-Type: 'application/json; charset=utf-8' +[INFO ] rhsda: Hiding CVE-2015-7940 due to negative product match +[DEBUG ] rhsda: Return status: '200'; Content-Type: 'application/json; charset=utf-8' +[DEBUG ] rhsda: Return status: '404'; Content-Type: 'text/html;charset=UTF-8' +[INFO ] rhsda: 404 Client Error: Not Found for url: https://access.redhat.com/labs/securitydataapi/cve/CVE-2016-5604.json [NOTICE ] rhsda: Valid Red Hat CVE results retrieved: 3 of 4 +[NOTICE ] rhsda: Results matching spotlight-product option: 2 of 4 [NOTICE ] rhsda: Invalid CVE queries: 1 of 4 ``` 
diff --git a/rhsda.py b/rhsda.py
index 333d14a..1f56993 100644
--- a/rhsda.py
+++ b/rhsda.py
@@ -744,17 +744,19 @@ def _iavm_query(self, url):
 r = requests.get(url, auth=())
 except requests.exceptions.ConnectionError as e:
 self._err_print_support_urls(e)
- return []
+ raise
 except requests.exceptions.RequestException as e:
 self._err_print_support_urls(e)
- return []
+ raise
 except requests.exceptions.HTTPError as e:
 self._err_print_support_urls(e)
- return []
- try:
+ raise
+ r.raise_for_status()
+ logger.debug("Return status: '{0}'; Content-Type: '{1}'".format(r.status_code, r.headers['Content-Type']))
+ if 'application/json' in r.headers['Content-Type']:
 result = r.json()
- except:
- logger.error("Login error; unable to get IAVA info")
+ elif 'Login - Red Hat Customer Portal' in r.content:
+ logger.error("Login error")
 print("\nIAVA→CVE mapping data is not provided by the public RH Security Data API.\n"
 "Instead, this uses the IAVM Mapper App (access.redhat.com/labs/iavmmapper).\n\n"
 "Access to this data requires RH Customer Portal credentials be provided.\n"
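Review bot: The new `elif 'Login - Red Hat Customer Portal' in r.content:` test recognises a failed login only by the login page's title, so any other non-JSON 200 response matches neither branch and `result` is never assigned in the visible lines; the rest of `_iavm_query` is outside the hunk, so what happens next cannot be confirmed here. Treating every non-JSON response as a failure would be more robust, for example a trailing `else:` that logs the unexpected Content-Type and returns `[]`. In the same lines, `r.headers['Content-Type']` raises KeyError when the header is absent (`r.headers.get('Content-Type', '')` avoids that), and `r.content` is bytes, so if this ever runs under Python 3 the `in` test against a str raises TypeError, whereas `r.text` works on both. `r.raise_for_status()` also sits after the except clauses, so the `except requests.exceptions.HTTPError` handler never sees status errors, and it is shadowed anyway by the `RequestException` clause above it.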
@@ -770,17 +772,27 @@ def _iavm_query(self, url): def get_iava(self, iavaId): """Validate IAVA number and return json.""" + # Get main IAVA master index url = 'https://access.redhat.com/labs/iavmmapper/api/iava/' result = self._iavm_query(url) - if result: - if iavaId not in result: - logger.error("IAVM Mapper (https://access.redhat.com/labs/iavmmapper) has no knowledge of '{0}'".format(iavaId)) - self._err_print_support_urls() - return [] + if not result: + # If no result, we're not logged in & error has already been logged + return [] + if iavaId in result: + logger.debug("IAVM Mapper app main index contains '{0}'".format(iavaId)) else: + logger.error("IAVM Mapper app main index doesn't contain '{0}'".format(iavaId)) + self._err_print_support_urls() return [] + # Get specific IAVA now url += '{0}'.format(iavaId) - result = self._iavm_query(url) + try: + result = self._iavm_query(url) + except requests.exceptions.HTTPError as e: + logger.info(e) + logger.error("IAVM Mapper app doesn't have entry for '{0}'".format(iavaId)) + self._err_print_support_urls() + return [] logger.log(25, "{0} CVEs found with search".format(len(result['IAVM']['CVEs']['CVENumber']))) return result diff --git a/rhsecapi.py b/rhsecapi.py index 9bd39fa..a3677a6 100755 --- a/rhsecapi.py +++ b/rhsecapi.py @@ -37,7 +37,7 @@ # Globals prog = 'rhsecapi' vers = {} -vers['version'] = '1.0.0_rc2' +vers['version'] = '1.0.0_rc3' vers['date'] = '2016/18/10'
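Review bot: In `get_iava` (rhsda.py) the first `self._iavm_query(url)` call for the main index has no try around it, while `_iavm_query` in this same commit now re-raises ConnectionError and RequestException and lets `raise_for_status()` errors through. A network failure or a 4xx/5xx on the index therefore propagates out of `get_iava`, and the new `except requests.exceptions.HTTPError` around the second call covers status errors only, not connection failures. Unless a caller outside this diff handles these, consider catching `requests.exceptions.RequestException` around both calls and returning `[]`, which is what `_iavm_query` returned on these errors before this commit. The `result['IAVM']['CVEs']['CVENumber']` lookup in the `logger.log` line also assumes the response has that shape, so a KeyError there would be unhandled.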