1 |
commit: b95debb109f03769167713f63d572e5857709b39 |
2 |
Author: John Helmert III <ajak <AT> gentoo <DOT> org> |
3 |
AuthorDate: Tue Jul 6 23:32:42 2021 +0000 |
4 |
Commit: John Helmert III <ajak <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Jul 6 23:32:42 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/security.git/commit/?id=b95debb1 |
7 |
|
8 |
glsatool: reorganize into module and script (like cvetool) |
9 |
|
10 |
Signed-off-by: John Helmert III <ajak <AT> gentoo.org> |
11 |
|
12 |
bin/{glsatool => GLSATool.py} | 4 +- |
13 |
bin/glsatool | 116 ++---------------------------------------- |
14 |
2 files changed, 6 insertions(+), 114 deletions(-) |
15 |
|
16 |
diff --git a/bin/glsatool b/bin/GLSATool.py |
17 |
old mode 100755 |
18 |
new mode 100644 |
19 |
similarity index 98% |
20 |
copy from bin/glsatool |
21 |
copy to bin/GLSATool.py |
22 |
index 6755f32..c7fc804 |
23 |
--- a/bin/glsatool |
24 |
+++ b/bin/GLSATool.py |
25 |
@@ -1,5 +1,3 @@ |
26 |
-#!/usr/bin/env python |
27 |
- |
28 |
from configparser import ConfigParser |
29 |
import argparse |
30 |
import os |
31 |
@@ -104,7 +102,7 @@ def bgo_key(): |
32 |
return apikey |
33 |
|
34 |
|
35 |
-if __name__ == '__main__': |
36 |
+def glsatool(): |
37 |
parser = argparse.ArgumentParser() |
38 |
parser.add_argument('-b', '--bugs', required=True, nargs='+') |
39 |
parser.add_argument('-t', '--title', required=True) |
40 |
|
41 |
diff --git a/bin/glsatool b/bin/glsatool |
42 |
index 6755f32..2f8e88a 100755 |
43 |
--- a/bin/glsatool |
44 |
+++ b/bin/glsatool |
45 |
@@ -1,115 +1,9 @@ |
46 |
#!/usr/bin/env python |
47 |
|
48 |
-from configparser import ConfigParser |
49 |
-import argparse |
50 |
-import os |
51 |
-import re |
52 |
- |
53 |
-import bugzilla |
54 |
-import requests |
55 |
-from bs4 import BeautifulSoup as bs |
56 |
- |
57 |
-from CVETool import CVETool |
58 |
- |
59 |
-GLSAMAKER_URI = 'https://glsamaker.gentoo.org' |
60 |
- |
61 |
- |
62 |
-class GLSATool: |
63 |
- """ Utility to ease GLSA handling in GLSAMaker """ |
64 |
- |
65 |
- def __init__(self, glsamaker_key, bgo_key): |
66 |
- self.auth = glsamaker_key |
67 |
- self.bgo = bugzilla.Bugzilla('https://bugs.gentoo.org', |
68 |
- api_key=bgo_key, force_rest=True) |
69 |
- |
70 |
- def get_csrf_token(self): |
71 |
- soup = bs(self.request('/glsas/new'), features='lxml') |
72 |
- csrf_token = \ |
73 |
- soup.find('input', {'name': 'authenticity_token'})['value'] |
74 |
- return csrf_token |
75 |
- |
76 |
- def request(self, path, method='GET', data=None): |
77 |
- if method == 'GET': |
78 |
- response = requests.get(GLSAMAKER_URI + path, |
79 |
- headers={'Authorization': |
80 |
- 'Basic ' + self.auth}) |
81 |
- elif method == 'POST': |
82 |
- if data: |
83 |
- response = requests.post(GLSAMAKER_URI + path, |
84 |
- data=data, |
85 |
- headers={'Authorization': |
86 |
- 'Basic ' + self.auth}) |
87 |
- else: |
88 |
- response = requests.post(GLSAMAKER_URI + path, |
89 |
- headers={'Authorization': |
90 |
- 'Basic ' + self.auth}) |
91 |
- if not response.ok: |
92 |
- raise RuntimeError(path + ': ' + str(response.status_code)) |
93 |
- return response.text |
94 |
- |
95 |
- def new_whiteboard(self, old_whiteboard): |
96 |
- regex = re.compile('[A-C~][0-4] \[.*\]') |
97 |
- severity = old_whiteboard[:2] |
98 |
- new = ['glsa'] |
99 |
- |
100 |
- if not regex.match(old_whiteboard): |
101 |
- # Don't even try to operate on a whiteboard with a strange |
102 |
- # format |
103 |
- raise RuntimeError("Bad whiteboard! '" + old_whiteboard + "'") |
104 |
- |
105 |
- # Iterate over words within the [] part of whiteboard |
106 |
- for word in re.sub('[\[\]]', '', old_whiteboard[2:]).split(): |
107 |
- if 'glsa' not in word: |
108 |
- new += [word] |
109 |
- if 'cve' not in new: |
110 |
- new.append('cve') |
111 |
- return severity + ' [' + ' '.join(new) + ']' |
112 |
- |
113 |
- def update_bugs(self, bugs): |
114 |
- for bug in self.bgo.getbugs(bugs): |
115 |
- update = {'whiteboard': self.new_whiteboard(bug.whiteboard), |
116 |
- 'comment': {'comment': 'GLSA request filed.'}} |
117 |
- print('https://bugs.gentoo.org/{}: {} -> {}' |
118 |
- .format(str(bug.id), bug.whiteboard, update['whiteboard'])) |
119 |
- self.bgo.update_bugs([bug.id], update) |
120 |
- |
121 |
- def new_glsa(self, title, bugs): |
122 |
- data = { |
123 |
- 'title': title + ' [DRAFT]', |
124 |
- 'bugs': ','.join(bugs), |
125 |
- 'access': 'public', |
126 |
- 'import_references': '1', |
127 |
- 'what': 'request', # ??? |
128 |
- 'authenticity_token': self.get_csrf_token() |
129 |
- } |
130 |
- self.request('/glsas', method='POST', data=data) |
131 |
- print("GLSA request filed") |
132 |
- self.update_bugs(bugs) |
133 |
- |
134 |
- |
135 |
-def glsamaker_key(): |
136 |
- authpath = os.path.join(os.path.expanduser('~'), '.config', 'cvetool_auth') |
137 |
- if 'CVETOOL_AUTH' in os.environ: |
138 |
- return os.environ['CVETOOL_AUTH'] |
139 |
- if os.path.isfile(authpath): |
140 |
- with open(authpath, 'r') as authfile: |
141 |
- return authfile.readlines()[0] |
142 |
- |
143 |
- |
144 |
-def bgo_key(): |
145 |
- bugzrc = os.path.expanduser("~/.bugzrc") |
146 |
- config = ConfigParser() |
147 |
- config.read(bugzrc) |
148 |
- apikey = config['default']['key'] |
149 |
- return apikey |
150 |
- |
151 |
+from GLSATool import glsatool |
152 |
|
153 |
if __name__ == '__main__': |
154 |
- parser = argparse.ArgumentParser() |
155 |
- parser.add_argument('-b', '--bugs', required=True, nargs='+') |
156 |
- parser.add_argument('-t', '--title', required=True) |
157 |
- args = parser.parse_args() |
158 |
- auth = glsamaker_key() |
159 |
- for bug in args.bugs: |
160 |
- CVETool(auth, 'dobug', [bug]) |
161 |
- GLSATool(auth, bgo_key()).new_glsa(args.title, args.bugs) |
162 |
+ try: |
163 |
+ glsatool() |
164 |
+ except KeyboardInterrupt: |
165 |
+ print('\n ! Exiting.') |