
From: John Helmert III <ajak@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/security:ajak-cvetool commit in: bin/
Date: Wed, 07 Jul 2021 01:06:33
Message-Id: 1625614362.b95debb109f03769167713f63d572e5857709b39.ajak@gentoo
1 commit: b95debb109f03769167713f63d572e5857709b39
2 Author: John Helmert III <ajak <AT> gentoo <DOT> org>
3 AuthorDate: Tue Jul 6 23:32:42 2021 +0000
4 Commit: John Helmert III <ajak <AT> gentoo <DOT> org>
5 CommitDate: Tue Jul 6 23:32:42 2021 +0000
6 URL: https://gitweb.gentoo.org/proj/security.git/commit/?id=b95debb1
7
8 glsatool: reorganize into module and script (like cvetool)
9
10 Signed-off-by: John Helmert III <ajak <AT> gentoo.org>
11
12 bin/{glsatool => GLSATool.py} | 4 +-
13 bin/glsatool | 116 ++----------------------------------------
14 2 files changed, 6 insertions(+), 114 deletions(-)
15
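diff --git a/bin/glsatool b/bin/GLSATool.py
old mode 100755
new mode 100644
similarity index 98%
copy from bin/glsatool
copy to bin/GLSATool.py
index 6755f32..c7fc804
--- a/bin/glsatool
+++ b/bin/GLSATool.py
@@ -1,5 +1,3 @@
-#!/usr/bin/env python
-
 from configparser import ConfigParser
 import argparse
 import os
@@ -104,7 +102,7 @@ def bgo_key():
 return apikey
 
 
-if __name__ == '__main__':
+def glsatool():
 parser = argparse.ArgumentParser()
 parser.add_argument('-b', '--bugs', required=True, nargs='+')
 parser.add_argument('-t', '--title', required=True)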
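Review bot: The credential helpers that `glsatool()` depends on are copied into the module unchanged, and `glsamaker_key()` still hands back an unvalidated value. Going by the pre-move body on the removed side of bin/glsatool, it returns `authfile.readlines()[0]` with the trailing newline still attached, and it falls through to `None` when neither `CVETOOL_AUTH` nor the auth file exists; either value is then concatenated into the `'Basic ' + self.auth` Authorization header. Consider `return authfile.readline().strip()` and raising a clear error when no credential is found, so that a missing or malformed key fails before any request is built. The body of `glsatool()` continues outside this hunk.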
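diff --git a/bin/glsatool b/bin/glsatool
index 6755f32..2f8e88a 100755
--- a/bin/glsatool
+++ b/bin/glsatool
@@ -1,115 +1,9 @@
 #!/usr/bin/env python
 
-from configparser import ConfigParser
-import argparse
-import os
-import re
-
-import bugzilla
-import requests
-from bs4 import BeautifulSoup as bs
-
-from CVETool import CVETool
-
-GLSAMAKER_URI = 'https://glsamaker.gentoo.org'
-
-
-class GLSATool:
- """ Utility to ease GLSA handling in GLSAMaker """
-
- def __init__(self, glsamaker_key, bgo_key):
- self.auth = glsamaker_key
- self.bgo = bugzilla.Bugzilla('https://bugs.gentoo.org',
- api_key=bgo_key, force_rest=True)
-
- def get_csrf_token(self):
- soup = bs(self.request('/glsas/new'), features='lxml')
- csrf_token = \
- soup.find('input', {'name': 'authenticity_token'})['value']
- return csrf_token
-
- def request(self, path, method='GET', data=None):
- if method == 'GET':
- response = requests.get(GLSAMAKER_URI + path,
- headers={'Authorization':
- 'Basic ' + self.auth})
- elif method == 'POST':
- if data:
- response = requests.post(GLSAMAKER_URI + path,
- data=data,
- headers={'Authorization':
- 'Basic ' + self.auth})
- else:
- response = requests.post(GLSAMAKER_URI + path,
- headers={'Authorization':
- 'Basic ' + self.auth})
- if not response.ok:
- raise RuntimeError(path + ': ' + str(response.status_code))
- return response.text
-
- def new_whiteboard(self, old_whiteboard):
- regex = re.compile('[A-C~][0-4] \[.*\]')
- severity = old_whiteboard[:2]
- new = ['glsa']
-
- if not regex.match(old_whiteboard):
- # Don't even try to operate on a whiteboard with a strange
- # format
- raise RuntimeError("Bad whiteboard! '" + old_whiteboard + "'")
-
- # Iterate over words within the [] part of whiteboard
- for word in re.sub('[\[\]]', '', old_whiteboard[2:]).split():
- if 'glsa' not in word:
- new += [word]
- if 'cve' not in new:
- new.append('cve')
- return severity + ' [' + ' '.join(new) + ']'
-
- def update_bugs(self, bugs):
- for bug in self.bgo.getbugs(bugs):
- update = {'whiteboard': self.new_whiteboard(bug.whiteboard),
- 'comment': {'comment': 'GLSA request filed.'}}
- print('https://bugs.gentoo.org/{}: {} -> {}'
- .format(str(bug.id), bug.whiteboard, update['whiteboard']))
- self.bgo.update_bugs([bug.id], update)
-
- def new_glsa(self, title, bugs):
- data = {
- 'title': title + ' [DRAFT]',
- 'bugs': ','.join(bugs),
- 'access': 'public',
- 'import_references': '1',
- 'what': 'request', # ???
- 'authenticity_token': self.get_csrf_token()
- }
- self.request('/glsas', method='POST', data=data)
- print("GLSA request filed")
- self.update_bugs(bugs)
-
-
-def glsamaker_key():
- authpath = os.path.join(os.path.expanduser('~'), '.config', 'cvetool_auth')
- if 'CVETOOL_AUTH' in os.environ:
- return os.environ['CVETOOL_AUTH']
- if os.path.isfile(authpath):
- with open(authpath, 'r') as authfile:
- return authfile.readlines()[0]
-
-
-def bgo_key():
- bugzrc = os.path.expanduser("~/.bugzrc")
- config = ConfigParser()
- config.read(bugzrc)
- apikey = config['default']['key']
- return apikey
-
+from GLSATool import glsatool
 
 if __name__ == '__main__':
- parser = argparse.ArgumentParser()
- parser.add_argument('-b', '--bugs', required=True, nargs='+')
- parser.add_argument('-t', '--title', required=True)
- args = parser.parse_args()
- auth = glsamaker_key()
- for bug in args.bugs:
- CVETool(auth, 'dobug', [bug])
- GLSATool(auth, bgo_key()).new_glsa(args.title, args.bugs)
+ try:
+ glsatool()
+ except KeyboardInterrupt:
+ print('\n ! Exiting.')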
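Review bot: The new `except KeyboardInterrupt:` branch prints `! Exiting.` to stdout and then falls off the end of the script, so an interrupted run exits with status 0. If the interrupt lands after the GLSA request has been posted but before the bug whiteboards are updated (the order the pre-move `new_glsa` used, presumably unchanged in the module), a wrapper or the operator's shell cannot tell that partial run from a clean one. Consider `print('\n ! Exiting.', file=sys.stderr)` followed by `sys.exit(130)`, with `import sys` added next to the `from GLSATool import glsatool` line.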