
From: John Helmert III <ajak@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/security:ajak-cvetool commit in: bin/
Date: Mon, 05 Jul 2021 20:24:20
Message-Id: 1625516436.5976eb82d7f4af4de9083914cfb728ed1a331e38.ajak@gentoo
1 commit: 5976eb82d7f4af4de9083914cfb728ed1a331e38
2 Author: John Helmert III <ajak <AT> gentoo <DOT> org>
3 AuthorDate: Mon Jul 5 20:10:05 2021 +0000
4 Commit: John Helmert III <ajak <AT> gentoo <DOT> org>
5 CommitDate: Mon Jul 5 20:20:36 2021 +0000
6 URL: https://gitweb.gentoo.org/proj/security.git/commit/?id=5976eb82
7
8 cvetool: reorganize cvetool code into python module and callable script
9
10 Signed-off-by: John Helmert III <ajak <AT> gentoo.org>
11
12 bin/CVETool.py | 18 ++++++++++++++
13 bin/cvetool | 25 ++------------------
14 bin/glsatool | 74 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
15 3 files changed, 94 insertions(+), 23 deletions(-)
16
17 diff --git a/bin/CVETool.py b/bin/CVETool.py
18 index c5996f6..7a5c576 100644
19 --- a/bin/CVETool.py
20 +++ b/bin/CVETool.py
21 @@ -240,3 +240,21 @@ class CVETool:
22 if jsondata:
23 return response.json()
24 return response.text
25 +
26 +
27 +def cvetool():
28 + if len(sys.argv) == 1:
29 + CVETool(None, 'usage', sys.argv[2:])
30 +
31 + auth = None
32 + authpath = os.path.join(os.path.expanduser('~'), '.config', 'cvetool_auth')
33 + if 'CVETOOL_AUTH' in os.environ:
34 + auth = os.environ['CVETOOL_AUTH']
35 + elif os.path.isfile(authpath):
36 + with open(authpath, 'r') as authfile:
37 + auth = authfile.readlines()[0]
38 + elif 'CVETOOL_AUTH' not in os.environ and not sys.argv[1] == 'pw':
39 + print('CVETOOL_AUTH environment variable missing. Generate its contents with the pw subcommand.')
40 + sys.exit(1)
41 +
42 + CVETool(auth, sys.argv[1], sys.argv[2:])
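Review bot: The credential read at `auth = authfile.readlines()[0]` keeps the trailing newline and raises IndexError on an empty file; `auth = authfile.readline().strip()` avoids both, and the same line appears in `get_auth()` in the new bin/glsatool. Because `~/.config/cvetool_auth` holds a reusable credential (glsatool sends it as `'Basic ' + auth`), it would also be worth warning or refusing when the file is group- or world-readable, e.g. `if os.stat(authpath).st_mode & 0o077:`. Separately, the `len(sys.argv) == 1` branch does not return, so unless the usage handler exits (not visible here) execution continues to `sys.argv[1]` and fails with IndexError. Whether CVETool.py imports `os` and `sys` at the top is outside the hunk and should be confirmed.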
43
44 diff --git a/bin/cvetool b/bin/cvetool
45 index 7e30837..d5aa25f 100755
46 --- a/bin/cvetool
47 +++ b/bin/cvetool
48 @@ -2,32 +2,11 @@
49 # Copyright 2016 Alex Legler
50 # Distributed under the terms of the GNU General Public License v3
51
52 -import os
53 -import re
54 -import sys
55 -
56 -from CVETool import CVETool
57 -
58 -def main():
59 - if len(sys.argv) == 1:
60 - CVETool(None, 'usage', sys.argv[2:])
61 -
62 - auth = None
63 - authpath = os.path.join(os.path.expanduser('~'), '.config', 'cvetool_auth')
64 - if 'CVETOOL_AUTH' in os.environ:
65 - auth = os.environ['CVETOOL_AUTH']
66 - elif os.path.isfile(authpath):
67 - with open(authpath, 'r') as authfile:
68 - auth = authfile.readlines()[0]
69 - elif 'CVETOOL_AUTH' not in os.environ and not sys.argv[1] == 'pw':
70 - print('CVETOOL_AUTH environment variable missing. Generate its contents with the pw subcommand.')
71 - sys.exit(1)
72 -
73 - CVETool(auth, sys.argv[1], sys.argv[2:])
74 +from CVETool import CVETool, cvetool
75
76
77 if __name__ == "__main__":
78 try:
79 - main()
80 + cvetool()
81 except KeyboardInterrupt:
82 print('\n ! Exiting.')
83
84 diff --git a/bin/glsatool b/bin/glsatool
85 new file mode 100755
86 index 0000000..4582a40
87 --- /dev/null
88 +++ b/bin/glsatool
89 @@ -0,0 +1,74 @@
90 +#!/usr/bin/env python
91 +
92 +import argparse
93 +import os
94 +import re
95 +import typing
96 +
97 +import bugzilla
98 +import bracex
99 +import pkgcore.config
100 +from pkgcore.ebuild import atom
101 +import requests
102 +
103 +from cvetool import CVETool
104 +
105 +PKG_SEPARATORS = re.compile(r':\s|[\s,;(){}[\]]')
106 +GLSAMAKER_URI = 'https://glsamaker.gentoo.org'
107 +bgo = bugzilla.Bugzilla('https://bugs.gentoo.org')
108 +repo = pkgcore.config.load_config().repo['gentoo']
109 +
110 +
111 +class GLSATool:
112 + """ Utility to ease GLSA handling in GLSAMaker """
113 +
114 + def __init__(self, auth):
115 + self.auth = auth
116 +
117 + # https://github.com/mgorny/kuroneko/blob/master/kuroneko/scraper.py#L80
118 + def find_package_specs(s: str) -> typing.Iterable[atom.atom]:
119 + """Find potentially valid package specifications in given string."""
120 + words = set()
121 + # consider all possible expansions
122 + for exp in bracex.iexpand(s):
123 + words.update(PKG_SEPARATORS.split(exp))
124 + for w in words:
125 + # skip anything that couldn't be cat/pkg early
126 + if '/' not in w:
127 + continue
128 + try:
129 + yield atom.atom(w)
130 + except MalformedAtom:
131 + continue
132 +
133 + def new_glsa(auth, title, bugs):
134 + post = requests.post(GLSAMAKER_URI + '/glsas',
135 + data={'title': title + ' [DRAFT]',
136 + 'bugs': ','.join(bugs),
137 + 'access': 'public',
138 + 'import_references': '1',
139 + 'what': 'request', # ???
140 + 'authenticity_token': 'k75YYdGlcL+dlZS7RKXSVxKaKl2tiiMvwWlReFtKzt3NCKDE2AeskkrZ851xJB7uCBRUTpstV+/aqUTEx3MfIQ=='},
141 + headers={'Authorization': 'Basic ' + auth})
142 + if not post.ok:
143 + import pdb; pdb.set_trace()
144 +
145 +
146 +def get_auth():
147 + authpath = os.path.join(os.path.expanduser('~'), '.config', 'cvetool_auth')
148 + if 'CVETOOL_AUTH' in os.environ:
149 + return os.environ['CVETOOL_AUTH']
150 + elif os.path.isfile(authpath):
151 + with open(authpath, 'r') as authfile:
152 + return authfile.readlines()[0]
153 +
154 +
155 +if __name__ == '__main__':
156 + parser = argparse.ArgumentParser()
157 + parser.add_argument('-b', '--bugs', required=True, nargs='+')
158 + parser.add_argument('-t', '--title', required=True)
159 + args = parser.parse_args()
160 + auth = get_auth()
161 + for bug in args.bugs:
162 + CVETool(auth, 'dobug', [bug])
163 + new_glsa(auth, args.title, args.bugs)
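Review bot: `new_glsa` commits a literal `authenticity_token` and calls `pdb.set_trace()` when the POST fails. The token looks like a per-session anti-CSRF value, so it should be obtained at run time and passed in rather than stored in the repository, and the failure path should raise (`post.raise_for_status()`) instead of opening an interactive debugger with `auth` in scope; the request also sets no `timeout`. Several names may not resolve as written: `MalformedAtom` is never imported, `from cvetool import CVETool` does not match the module file `CVETool.py`, and `new_glsa`/`find_package_specs` take no `self` yet appear under `class GLSATool` while the main block calls `new_glsa(...)` unqualified (indentation is lost in this rendering, so confirm). `get_auth()` returns None when neither the variable nor the file exists, which turns `'Basic ' + auth` into a TypeError; an explicit error and exit there would be clearer. How the token is fetched from GLSAMaker is not shown on the page, so the sketch below only makes it a parameter.

```python
def new_glsa(auth, title, bugs, authenticity_token):
    post = requests.post(GLSAMAKER_URI + '/glsas',
                         data={'title': title + ' [DRAFT]',
                               # … unchanged: bugs, access, import_references, what …
                               'authenticity_token': authenticity_token},
                         headers={'Authorization': 'Basic ' + auth},
                         timeout=30)
    # fail loudly instead of opening a debugger with credentials in scope
    post.raise_for_status()
```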