search

RedHatOfficial / rhsecapi

Tools that utilize the Red Hat Security Data API
GNU General Public License v3.0
61 stars 27 forks source link

IAVM Mapper interface: fixup error-handling #42

Closed ryran closed 7 years ago

ryran commented 7 years ago

A good one works:

$ rhsecapi --loglevel info --q-iava 2016-B-0158 
[INFO   ] rhsda: Getting 'https://access.redhat.com/labs/iavmmapper/api/iava/' ...
[INFO   ] rhsda: Getting 'https://access.redhat.com/labs/iavmmapper/api/iava/2016-B-0158' ...
[NOTICE ] rhsda: 5 CVEs found with search

CVE-2016-0762
CVE-2016-5018
CVE-2016-6794
CVE-2016-6796
CVE-2016-6797

A fake one isn't in the index so gets expected output:

$ rhsecapi --loglevel info --q-iava 2016-B-JANK
[INFO   ] rhsda: Getting 'https://access.redhat.com/labs/iavmmapper/api/iava/' ...
[ERROR  ] rhsda: IAVM Mapper (https://access.redhat.com/labs/iavmmapper) has no knowledge of '2016-B-JANK'

For help, open an issue at http://github.com/ryran/rhsecapi
Or post a comment at https://access.redhat.com/discussions/2713931

What about if an IAVA that is known by the global index but doesn't actually exist for some reason?

$ rhsecapi --loglevel info --q-iava 2016-B-0164
[INFO   ] rhsda: Getting 'https://access.redhat.com/labs/iavmmapper/api/iava/' ...
[INFO   ] rhsda: Getting 'https://access.redhat.com/labs/iavmmapper/api/iava/2016-B-0164' ...
[ERROR  ] rhsda: Login error; unable to get IAVA info

IAVA→CVE mapping data is not provided by the public RH Security Data API.
Instead, this uses the IAVM Mapper App (access.redhat.com/labs/iavmmapper).

Access to this data requires RH Customer Portal credentials be provided.
Create a ~/.netrc with the following contents:

machine access.redhat.com
  login YOUR-CUSTOMER-PORTAL-LOGIN
  password YOUR_PASSWORD_HERE

For help, open an issue at http://github.com/ryran/rhsecapi
Or post a comment at https://access.redhat.com/discussions/2713931
Traceback (most recent call last):
  File "/home/rsaw/bin/rhsecapi", line 417, in <module>
    main(opts)
  File "/home/rsaw/bin/rhsecapi", line 363, in main
    result = apiclient.get_iava(opts.q_iava)
  File "/g/dev-rhsecapi/rhsda.py", line 784, in get_iava
    logger.log(25, "{0} CVEs found with search".format(len(result['IAVM']['CVEs']['CVENumber'])))
TypeError: list indices must be integers, not str

Yeah so my error-handling didn't account for that. Will do.

ryran commented 7 years ago

Done.

$ rhsecapi --q-iava 2016-B-0164 -l debug
[INFO   ] rhsda: Getting 'https://access.redhat.com/labs/iavmmapper/api/iava/' ...
[DEBUG  ] rhsda: Return status: '200'; Content-Type: 'application/json; charset=utf-8'
[DEBUG  ] rhsda: IAVM Mapper app main index contains '2016-B-0164'
[INFO   ] rhsda: Getting 'https://access.redhat.com/labs/iavmmapper/api/iava/2016-B-0164' ...
[INFO   ] rhsda: 500 Server Error: Internal Server Error for url: https://access.redhat.com/labs/iavmmapper/api/iava/2016-B-0164
[ERROR  ] rhsda: IAVM Mapper app doesn't have entry for '2016-B-0164'

For help, open an issue at http://github.com/ryran/rhsecapi
Or post a comment at https://access.redhat.com/discussions/2713931