arno/clair
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

custom http client for nvd, add publication date

Browse Source
This commit is contained in:
ErikThoreson 2017-12-05 12:51:32 -06:00
parent f8a1359a60
commit 70db22b996
2 changed files with 20 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
ext/vulnmdsrc/nvd/nvd.go
View File

@ -57,8 +57,9 @@ type NVDMetadata struct {
} }
type NVDmetadataCVSSv2 struct { type NVDmetadataCVSSv2 struct {
Vectors string PublishedDateTime string
Score float64 Vectors string
Score float64
} }
func init() { func init() {
@ -82,6 +83,7 @@ func (a *appender) BuildCache(datastore database.Datastore) error {
// Get data feeds. // Get data feeds.
dataFeedReaders, dataFeedHashes, err := getDataFeeds(a.dataFeedHashes, a.localPath) dataFeedReaders, dataFeedHashes, err := getDataFeeds(a.dataFeedHashes, a.localPath)
if err != nil { if err != nil {
log.Info(err)
return err return err
} }
a.dataFeedHashes = dataFeedHashes a.dataFeedHashes = dataFeedHashes
@ -160,8 +162,17 @@ func getDataFeeds(dataFeedHashes map[string]string, localPath string) (map[strin
} }
} }
//A custom HTTP client limiting the amound of Idle connections is helpful when retrieving the feeds from nvd.nist.gov due to the number of timeouts.
var netClient = &http.Client{}
tr := &http.Transport{
MaxIdleConns: 20,
MaxIdleConnsPerHost: 20,
}
netClient = &http.Client{Transport: tr}
// Download data feed. // Download data feed.
r, err := http.Get(fmt.Sprintf(dataFeedURL, dataFeedName)) r, err := netClient.Get(fmt.Sprintf(dataFeedURL, dataFeedName))
if err != nil { if err != nil {
log.WithError(err).WithField(logDataFeedName, dataFeedName).Error("could not download NVD data feed") log.WithError(err).WithField(logDataFeedName, dataFeedName).Error("could not download NVD data feed")
return dataFeedReaders, dataFeedHashes, commonerr.ErrCouldNotDownload return dataFeedReaders, dataFeedHashes, commonerr.ErrCouldNotDownload

10
ext/vulnmdsrc/nvd/xml.go
View File

@ -26,8 +26,9 @@ type nvd struct {
} }
type nvdEntry struct { type nvdEntry struct {
Name string `xml:"http://scap.nist.gov/schema/vulnerability/0.4 cve-id"` Name string `xml:"http://scap.nist.gov/schema/vulnerability/0.4 cve-id"`
CVSS nvdCVSS `xml:"http://scap.nist.gov/schema/vulnerability/0.4 cvss"` CVSS nvdCVSS `xml:"http://scap.nist.gov/schema/vulnerability/0.4 cvss"`
PublishedDateTime string `xml:"http://scap.nist.gov/schema/vulnerability/0.4 published-datetime"`
} }
type nvdCVSS struct { type nvdCVSS struct {
@ -64,8 +65,9 @@ func init() {
func (n nvdEntry) Metadata() *NVDMetadata { func (n nvdEntry) Metadata() *NVDMetadata {
metadata := &NVDMetadata{ metadata := &NVDMetadata{
CVSSv2: NVDmetadataCVSSv2{ CVSSv2: NVDmetadataCVSSv2{
Vectors: n.CVSS.BaseMetrics.String(), PublishedDateTime: n.PublishedDateTime,
Score: n.CVSS.BaseMetrics.Score, Vectors: n.CVSS.BaseMetrics.String(),
Score: n.CVSS.BaseMetrics.Score,
}, },
} }