diff --git a/cve-vulner-manager/common/common.go b/cve-vulner-manager/common/common.go index 9ae473dc6f9caee52a24962b633426725aa800ab..8a6631759d7872471432dfa02f9c560e577890bf 100644 --- a/cve-vulner-manager/common/common.go +++ b/cve-vulner-manager/common/common.go @@ -11,6 +11,7 @@ import ( "github.com/astaxie/beego" "github.com/astaxie/beego/config" "github.com/astaxie/beego/logs" + "github.com/astaxie/beego/orm" ) const DATE_FORMAT = "2006-01-02 15:04:05" @@ -349,6 +350,7 @@ type CveOriginData struct { type UploadData struct { Token string `json:"Token"` + Source int `json:"source"` CveData []CveOriginData } @@ -533,7 +535,7 @@ func IsContainSpecialChar(str string, flag int8) bool { } // Obtain token data from different communities and extract them into public data -func GetOwnerAndToken(organizationID int8) (owner, accessToken string) { +func GetOwnerAndToken(cve string, organizationID int8) (owner, accessToken string) { if organizationID == 2 { owner = beego.AppConfig.String("opengauss::gauss_owner") accessToken = beego.AppConfig.String("opengauss::git_gauss_token") @@ -547,6 +549,29 @@ func GetOwnerAndToken(organizationID int8) (owner, accessToken string) { owner = beego.AppConfig.String("gitee::owner") accessToken = beego.AppConfig.String("gitee::git_token") } + if organizationID == 1 && GetCveSource(cve) == 1 { + accessToken = beego.AppConfig.String("majun::token") + } + return +} + +type Source struct { + Source int `orm:"column(source)"` +} + +func GetCveSource(cve string) (source int) { + source = 0 + if len(cve) == 0 { + return + } + o := orm.NewOrm() + var res Source + err := o.Raw("select source from cve_origin_upstream where cve_num = ?", cve).QueryRow(&res) + if err != nil { + logs.Error(err) + return + } + source = res.Source return } diff --git a/cve-vulner-manager/conf/app.conf b/cve-vulner-manager/conf/app.conf index dff825d70fa0ae1a4dacc91fd0bfa3ce0c9e96c4..d14c0f4b3530d89b253a204b76949333abdd89c7 100644 --- a/cve-vulner-manager/conf/app.conf +++ b/cve-vulner-manager/conf/app.conf @@ -274,4 +274,7 @@ url = "http://127.0.0.1:8090/v1/cve/track" openlookeng_owner = open-loo-keng # git token git_openlookeng_token = "${GITEE_OPENLOOKENG_TOKEN||xxx}" -openlookeng_version = "master" \ No newline at end of file +openlookeng_version = "master" + +[majun] +token = "${GITEE_MAJUN_TOKEN||xxx}" \ No newline at end of file diff --git a/cve-vulner-manager/conf/product_app.conf b/cve-vulner-manager/conf/product_app.conf index dbc3ec127fb44d6f728e035ff3ee5932569f8dba..6638d19c3c35aecccd0bd923b8f76e961b2b6410 100644 --- a/cve-vulner-manager/conf/product_app.conf +++ b/cve-vulner-manager/conf/product_app.conf @@ -263,4 +263,7 @@ url = "http://cve-manager-agent.cve-manager-agent.svc.cluster.local/v1/cve/track openlookeng_owner = openlookeng # git token git_openlookeng_token = "${GITEE_OPENLOOKENG_TOKEN||xxx}" -openlookeng_version = "master" \ No newline at end of file +openlookeng_version = "master" + +[majun] +token = "${GITEE_MAJUN_TOKEN||xxx}" \ No newline at end of file diff --git a/cve-vulner-manager/controllers/hook.go b/cve-vulner-manager/controllers/hook.go index c476f68223d31aca908b9630db65a62ea7c158d8..f9c21d8e92d93d4798ea6ec52aeaa529cd57eff5 100644 --- a/cve-vulner-manager/controllers/hook.go +++ b/cve-vulner-manager/controllers/hook.go @@ -225,7 +225,7 @@ func (c *HookEventControllers) handleIssue() { } } if issueHook.Action == "open" { - owner, token := common.GetOwnerAndToken(organizationID) + owner, token := common.GetOwnerAndToken("", organizationID) issueTmp := models.IssueTemplate{IssueNum: issueHook.Iid, IssueId: issueHook.Issue.Id} err := models.GetIssueTemplateByColName(&issueTmp, "issue_num", "issue_id") if err == nil && issueTmp.TemplateId > 0 { @@ -569,7 +569,7 @@ func handleIssueStateChange(issueHook *models.IssuePayload) error { models.UpdateIssueTemplate(&issueTmp, "Status", "StatusName") return errors.New("The current issue has been rejected and will not be processed") } - owner, token := common.GetOwnerAndToken(cveCenter.OrganizationID) + owner, token := common.GetOwnerAndToken(cveCenter.CveNum, cveCenter.OrganizationID) issueTmp.StatusName = issueHook.Issue.StateName logs.Info("Initiating issue status modification, sponsor: @", issueHook.Sender.UserName, ", Modify status: ", issueHook.Issue.StateName, ", data: ", issueHook) @@ -654,7 +654,7 @@ func VerifyIssueAsPr(issueTmp *models.IssueTemplate, cveCenter models.VulnCenter } affectProductList := make([]string, 0) tmpAffectBranchsxList := make([]string, 0) - owner, token := common.GetOwnerAndToken(cveCenter.OrganizationID) + owner, token := common.GetOwnerAndToken(cveCenter.CveNum, cveCenter.OrganizationID) if cveCenter.OrganizationID == 4 { affectedBranchs = beego.AppConfig.String("openlookeng::openlookeng_version") affectBranchsxList = taskhandler.CreateBrandAndTags(token, owner, path, cveCenter.OrganizationID) @@ -1600,7 +1600,7 @@ func handleIssueComment(payload models.CommentPayload) { logs.Error("GetVulnCenterByCid, vcErr: ", vcErr, ",CveId: ", issueTmp.CveId) return } - owner, accessToken := common.GetOwnerAndToken(vc.OrganizationID) + owner, accessToken := common.GetOwnerAndToken(vc.CveNum, vc.OrganizationID) if vc.OrganizationID == 2 { if len(path) < 2 { path = beego.AppConfig.String("opengauss::gauss_issue_path") @@ -3122,7 +3122,7 @@ func AddGitIssue(issueHook *models.IssuePayload, desc, product string) error { } } } - owner, accessToken := common.GetOwnerAndToken(organizationID) + owner, accessToken := common.GetOwnerAndToken("", organizationID) for _, cve := range cveList { item.CveNumber = cve // Check whether the current cve has created an issue @@ -3217,7 +3217,7 @@ func DelOrgIssue(issueHook *models.IssuePayload, organizationID int8) { // Entry function for handling issue status func gitAddIssueProc(issueHook *models.IssuePayload, organizationID int8) error { - owner, token := common.GetOwnerAndToken(organizationID) + owner, token := common.GetOwnerAndToken("", organizationID) path := issueHook.Repository.Path // The amount of data processed at a time prcNum, err := beego.AppConfig.Int("crontab::prcnum") @@ -3281,7 +3281,7 @@ func AddIssueComment(token, owner, path, issueNum, assignee string, issueId int6 if cveErr != nil { return cveErr } - owner, token = common.GetOwnerAndToken(cveCenter.OrganizationID) + owner, token = common.GetOwnerAndToken(cveCenter.CveNum, cveCenter.OrganizationID) if cveCenter.OrganizationID == 4 { cveList := strings.Split(cveCenter.CveVersion, ",") if len(cveList) > 0 { diff --git a/cve-vulner-manager/controllers/upload.go b/cve-vulner-manager/controllers/upload.go index b2a6a6eafb6a27f1bb9ed6d83d6b4d866cc4651a..69306dd9114870ba2007edeb14d7e0430938ddce 100644 --- a/cve-vulner-manager/controllers/upload.go +++ b/cve-vulner-manager/controllers/upload.go @@ -198,7 +198,7 @@ func (u *UserUploadController) Post() { return } for _, CveDataDict := range uploaddata.CveData { - resDataList := AddOrgUpstream(CveDataDict) + resDataList := AddOrgUpstream(uploaddata.Source, CveDataDict) if len(resDataList) > 0 { ResDataList = append(ResDataList, resDataList...) } @@ -216,11 +216,11 @@ func (u *UserUploadController) Post() { return } -func AddOrgUpstream(CveDataDict common.CveOriginData) (ResDataList []ResultData) { +func AddOrgUpstream(source int,CveDataDict common.CveOriginData) (ResDataList []ResultData) { defer common.Catchs() logs.Info("Each request parameter: ", CveDataDict) // Record data flow - AddOrgUpstreamRecord(CveDataDict) + AddOrgUpstreamRecord(source,CveDataDict) var ResData ResultData ids := CveDataDict.Ids if len(ids) < 1 { @@ -276,6 +276,7 @@ func AddOrgUpstream(CveDataDict common.CveOriginData) (ResDataList []ResultData) if cveNum != "" { cveNum = common.DeletePreAndSufSpace(cveNum) } + orCve.Source = source orCve.CveNum = cveNum orCve.Version = version orCve.UpdateType = updateType @@ -391,7 +392,7 @@ func checkPackageAndVersion(packName string, orCve *models.OriginUpstream) { } } -func AddOrgUpstreamRecord(CveDataDict common.CveOriginData) { +func AddOrgUpstreamRecord(source int,CveDataDict common.CveOriginData) { orCve := models.OriginUpstreamRecord{} ids := CveDataDict.Ids cveNum := CveDataDict.CveNum @@ -400,6 +401,7 @@ func AddOrgUpstreamRecord(CveDataDict common.CveOriginData) { if len(CveDataDict.CvePackName) > 0 { cvePackName = strings.Join(CveDataDict.CvePackName, ",") } + orCve.Source = source packName := "" if len(CveDataDict.PackName) > 0 { packName = strings.Join(CveDataDict.PackName, ",") diff --git a/cve-vulner-manager/cve-timed-task/tabletask/crawltask.go b/cve-vulner-manager/cve-timed-task/tabletask/crawltask.go index e83d887d9691742b096c7e24c1fb6b130fc2b7d9..d6c5dbb2c6cb62c3b8a1d05610a6ef1e0041a229 100644 --- a/cve-vulner-manager/cve-timed-task/tabletask/crawltask.go +++ b/cve-vulner-manager/cve-timed-task/tabletask/crawltask.go @@ -3,7 +3,9 @@ package tabletask import ( "strings" "time" + "cvevulner/cve-timed-task/util" + "github.com/antchfx/htmlquery" "github.com/astaxie/beego/logs" "github.com/pkg/errors" @@ -29,6 +31,20 @@ type XpathList struct { ScoreType string } +type CVE struct { + Result CVEDetail `json:"result"` +} + +type CVEDetail struct { + CVEItem []CVEItems `json:"CVE_Items"` +} + +type CVEItems struct { + PublishedDate string `json:"publishedDate"` +} + +const CVEurl = "https://services.nvd.nist.gov/rest/json/cve/1.0/%v" + // Crawling Grab cve specific information func Crawling(url string) (XpathList, error) { xpathList := XpathList{} @@ -68,7 +84,7 @@ func Crawling(url string) (XpathList, error) { } else { w, err := time.ParseInLocation("01/02/2006", repairTime, time.Local) if err == nil { - xpathList.RepairTime = w.Format("2006-01-02 15:04:05") + xpathList.RepairTime = w.Format("2006-01-02 15:04") } else { logs.Error(err.Error()) } diff --git a/cve-vulner-manager/cve-timed-task/tabletask/repeat_task.go b/cve-vulner-manager/cve-timed-task/tabletask/repeat_task.go index d18cf0c35da141b08d59ae19ad25066dedda7d59..f986a1a01131c4431dc27bfa7016e366d200d1c5 100644 --- a/cve-vulner-manager/cve-timed-task/tabletask/repeat_task.go +++ b/cve-vulner-manager/cve-timed-task/tabletask/repeat_task.go @@ -32,6 +32,10 @@ func RepeatTask() { logs.Error("Crawling error:", err, url) continue } + rep := GetRepair(v.CveNum) + if len(rep) > 0 { + crawlList.RepairTime = rep + } nvdScore, err := strconv.ParseFloat(crawlList.NvdScore, 64) if err != nil { logs.Error(err.Error()) @@ -85,6 +89,10 @@ func GetPublishedDateTask() { logs.Error("Crawling error:", err, url) continue } + rep := GetRepair(v.CveNum) + if len(rep) > 0 { + crawlList.RepairTime = rep + } if crawlList.RepairTime != "" { err = db_models.UpdateCveVulnCenter(crawlList.RepairTime, strconv.FormatInt(v.CveId, 10), ormModel) if err != nil { diff --git a/cve-vulner-manager/cve-timed-task/tabletask/run_task.go b/cve-vulner-manager/cve-timed-task/tabletask/run_task.go index 002ed6dc6cf98a99af093c40b07b00e9cab8f95c..787b16664ae470a71404d14e8eaa4bdbfbf7c06f 100644 --- a/cve-vulner-manager/cve-timed-task/tabletask/run_task.go +++ b/cve-vulner-manager/cve-timed-task/tabletask/run_task.go @@ -145,6 +145,10 @@ func HandleDate() { } continue } + rep := GetRepair(cveNum) + if len(rep) > 0 { + crawlList.RepairTime = rep + } nvdScore, err := strconv.ParseFloat(crawlList.NvdScore, 64) if err != nil { logs.Error(err.Error()) @@ -203,6 +207,10 @@ func HandleDate() { } continue } + rep := GetRepair(cveNum) + if len(rep) > 0 { + crawlList.RepairTime = rep + } if crawlList.NvdScore != "" || crawlList.CveDesc != "" { nvdScore, err := strconv.ParseFloat(crawlList.NvdScore, 64) if err != nil { diff --git a/cve-vulner-manager/cve-timed-task/tabletask/supplement_cve.go b/cve-vulner-manager/cve-timed-task/tabletask/supplement_cve.go index ae920160b2cf66edfa4bbc0d468c06f4c5d44408..9f17c2851f515b6e0466dbd99fb8c1719e341e20 100644 --- a/cve-vulner-manager/cve-timed-task/tabletask/supplement_cve.go +++ b/cve-vulner-manager/cve-timed-task/tabletask/supplement_cve.go @@ -1,7 +1,10 @@ package tabletask import ( + "encoding/json" "fmt" + "io/ioutil" + "net/http" "strconv" "strings" "time" @@ -103,6 +106,30 @@ func RemoveRepeatedElement(arr []Compare) (newArr []Compare) { return } +func GetRepair(cve string) string { + var rep string = "" + resp, err := http.Get(fmt.Sprintf(CVEurl, cve)) + if err != nil { + return "" + } + defer resp.Body.Close() + body, err := ioutil.ReadAll(resp.Body) + if err != nil || body == nil { + return "" + } + var res CVE + err = json.Unmarshal(body, &res) + if err == nil { + if res.Result.CVEItem != nil && len(res.Result.CVEItem) > 0 { + w, timeerr := time.Parse("2006-01-02T15:04Z", res.Result.CVEItem[0].PublishedDate) + if timeerr == nil { + rep = w.Add(8 * time.Hour).Format("2006-01-02 15:04") + } + } + } + return rep +} + // UpdateCveVuln update data func UpdateCveVuln(url string, cve models.VulnCenter, ormModel orm.Ormer) error { cveNum := strings.TrimSpace(cve.CveNum) @@ -128,6 +155,10 @@ func UpdateCveVuln(url string, cve models.VulnCenter, ormModel orm.Ormer) error logs.Error("crawling data error:", err, url) return err } + rep := GetRepair(cve.CveNum) + if len(rep) > 0 { + listx.RepairTime = rep + } if (listx.CveDesc == "" || len(listx.CveDesc) < 2) && (listx.NvdScore == "") && (listx.RepairTime == "" || len(listx.RepairTime) > 2) { @@ -136,11 +167,12 @@ func UpdateCveVuln(url string, cve models.VulnCenter, ormModel orm.Ormer) error } if repairTime == "" && listx.RepairTime != "" && len(listx.RepairTime) > 2 { - if len(listx.RepairTime) > 10 { - repairTime = listx.RepairTime[:10] - } else { - repairTime = listx.RepairTime - } + //if len(listx.RepairTime) > 10 { + // repairTime = listx.RepairTime[:10] + //} else { + // repairTime = listx.RepairTime + //} + repairTime = listx.RepairTime err = db_models.UpdateVulnCenterTypeOne(models.VulnCenter{ RepairTime: repairTime, UpdateTime: updateTime, @@ -211,8 +243,8 @@ func UpdateCveVuln(url string, cve models.VulnCenter, ormModel orm.Ormer) error } templateResult, err := db_models.GetIssueTemplateTypeOne(models.IssueTemplate{ - CveId: cveId, - CveNum: cveNum, + CveId: cveId, + CveNum: cveNum, }, ormModel) if err != nil { logs.Error(" db_models.GetIssueTemplateTypeOne error:", err) diff --git a/cve-vulner-manager/models/modeldb.go b/cve-vulner-manager/models/modeldb.go index 228bee46c27bc8d5326e3e143f5e6e5c203f0ff0..6f8941515f3186a5ef1c802c242a0d34677a1893 100644 --- a/cve-vulner-manager/models/modeldb.go +++ b/cve-vulner-manager/models/modeldb.go @@ -1,11 +1,12 @@ package models import ( + "time" + "github.com/astaxie/beego" "github.com/astaxie/beego/config" "github.com/astaxie/beego/logs" "github.com/astaxie/beego/orm" - "time" ) type AuthTokenInfo struct { @@ -342,6 +343,7 @@ type OriginUpstream struct { 4:包名版本号通过SA获取、版本号为修复版本号、修复版本以下都视为受影响版本; 5:包名版本号通过SA获取并通过别名匹配、版本号为修复版本号、修复版本以下都视为受影响版本; 6:版本号未匹配、包名通过以上任意方式匹配、可信度最低"` + Source int `orm:"default(0);column(source)" description:"漏洞来源,0: Vtopia; 1: Majun"` CreateTime string `orm:"size(32);column(create_time)"` UpdateTime string `orm:"size(32);column(update_time);null"` DeleteTime string `orm:"size(32);column(delete_time);null"` @@ -953,24 +955,25 @@ type OriginUpstreamRecord struct { FirstPerTime string `orm:"size(32);column(first_per_time)" description:"cve首次披露时间"` FirstGetTime string `orm:"size(32);column(first_get_time)" description:"cve受影响后首次感知时间"` VulStatus string `orm:"size(64);column(vul_status);null" description:"漏洞状态,REJECT, DISPUTED"` - Status int8 `orm:"default(0);column(cve_status)" description:"0:cve新增;1:数据已变化; + Status int8 `orm:"default(0);column(cve_status)" description:"0:cve新增;1:数据已变化; 2:数据已处理;3:错误数据;4:版本信息错误;5:cve年份不符合要求;6:低可信度数据已发邮件"` AffectedScope string `orm:"size(512);column(affected_scope);null" description:"影响范围推理"` Version string `orm:"size(64);column(version);index" description:"包对应的版本号"` AttackLink string `orm:"size(512);column(attack_link);null" description:"攻击链路推理"` IsExit int8 `orm:"default(1);column(is_exit)" description:"1: 当前包对应在src-openEuler有对应仓库; 0: 无;2:临时值"` - Credibility int `orm:"default(0);column(credibility_level)" description:"0:包名、版本号都是漏洞库原始数据; + Credibility int `orm:"default(0);column(credibility_level)" description:"0:包名、版本号都是漏洞库原始数据; 1:包名通过别名匹配、版本号为漏洞库原始数据; 2:包名版本号都通过漏洞描述获取; 3:包名通过漏洞描述获取并通过别名匹配、版本号为漏洞描述获取; 4:包名版本号通过SA获取、版本号为修复版本号、修复版本以下都视为受影响版本; 5:包名版本号通过SA获取并通过别名匹配、版本号为修复版本号、修复版本以下都视为受影响版本; 6:版本号未匹配、包名通过以上任意方式匹配、可信度最低"` - OrgData string `orm:"type(text);column(org_data);null" description:"原始数据"` - CreateTime string `orm:"size(32);column(create_time)"` - SysStatus int8 `orm:"default(0);column(sys_status)" description:"0:cve新增;1:数据已变化; + OrgData string `orm:"type(text);column(org_data);null" description:"原始数据"` + CreateTime string `orm:"size(32);column(create_time)"` + SysStatus int8 `orm:"default(0);column(sys_status)" description:"0:cve新增;1:数据已变化; 2:数据已处理;3:错误数据;4:版本信息错误;5:cve年份不符合要求;6:低可信度数据已发邮件"` - ErrDesc string `orm:"null;type(text);column(err_desc);null" description:"数据同步失败的错误描述"` + ErrDesc string `orm:"null;type(text);column(err_desc);null" description:"数据同步失败的错误描述"` + Source int `orm:"default(0);column(source)" description:"漏洞来源,0: Vtopia; 1: Majun"` } type OpenLookengSecurityReviewer struct { diff --git a/cve-vulner-manager/models/uploadcve.go b/cve-vulner-manager/models/uploadcve.go index 9a49418b9d2c1ef4e16a4ca30a2e50c7beca89dc..585a0857d664373bf9b604bda9bac04a2f03e2f6 100644 --- a/cve-vulner-manager/models/uploadcve.go +++ b/cve-vulner-manager/models/uploadcve.go @@ -591,6 +591,7 @@ func CreateOriginCve(CveData common.CveOriginData, ou *OriginUpstream, od *Origi logs.Info("update datas: ", ou) ou.CveId = ouse.CveId ou.Ids = ouse.Ids + ou.Source = ouse.Source ou.CreateTime = ouse.CreateTime if num, err := o.Update(ou); err == nil { logs.Info("CreateOriginCve, Update cve_origin_upstream success, num: ", num, ", cveNum: ", ou.Ids) diff --git a/cve-vulner-manager/task/grabissue.go b/cve-vulner-manager/task/grabissue.go index 1c007d3f2e6e596c8074e7dbe40d58b8c52b104a..08ee36d496a112a9510af187df7ced7caf00d9e6 100644 --- a/cve-vulner-manager/task/grabissue.go +++ b/cve-vulner-manager/task/grabissue.go @@ -1,14 +1,16 @@ package task import ( + "errors" + "strconv" + "strings" + "cvevulner/common" "cvevulner/taskhandler" - "errors" + "github.com/astaxie/beego" "github.com/astaxie/beego/config" "github.com/astaxie/beego/logs" - "strconv" - "strings" ) //GetIssueData get the issue data @@ -30,7 +32,7 @@ func GetIssueData() error { logs.Error("err: ", err) continue } - owner, giteeToken := common.GetOwnerAndToken(int8(organizationID)) + owner, giteeToken := common.GetOwnerAndToken("", int8(organizationID)) // Synchronize gitee data to cve errx := taskhandler.GrabIssueByOrg(giteeToken, owner) if errx != nil { diff --git a/cve-vulner-manager/task/issue.go b/cve-vulner-manager/task/issue.go index 71e7ddb8258a60fad61bda0878551c38c9d52777..645af753c8e9c53f5249574c6101dccc7c410596 100644 --- a/cve-vulner-manager/task/issue.go +++ b/cve-vulner-manager/task/issue.go @@ -92,7 +92,7 @@ func IssueLabelCheck() error { logs.Error("cveErr: ", cveErr) continue } - owner, token := common.GetOwnerAndToken(cveCenter.OrganizationID) + owner, token := common.GetOwnerAndToken(cveCenter.CveNum, cveCenter.OrganizationID) sn := models.SecurityNotice{CveId: issue.CveId, CveNum: issue.CveNum} snErr := sn.Read("cve_id", "cve_num") if snErr != nil { @@ -266,7 +266,7 @@ func SetIssueProcParams() error { deadLine := taskhandler.CvePlanCloseTime(its.CreateTime, cveLevel, false,true) planAt := common.GetSpecifiedTime(its.CreateTime, 0, false, true) priority := taskhandler.GetIssuePriority(cveLevel) - owner, accessToken := common.GetOwnerAndToken(vl.OrganizationID) + owner, accessToken := common.GetOwnerAndToken(vl.CveNum, vl.OrganizationID) issueErr, issueBody := taskhandler.GetGiteeIssue(accessToken, owner, its.Repo, its.IssueNum) if issueErr == nil && issueBody != nil { if s, ok := issueBody["created_at"].(string); ok { diff --git a/cve-vulner-manager/task/issuetask.go b/cve-vulner-manager/task/issuetask.go index 8e51e70029b6a7a252dc8b7398a76aaa279ea5aa..c6b7d78e0562a3931e45d0f2ae80d6c9782ad69d 100644 --- a/cve-vulner-manager/task/issuetask.go +++ b/cve-vulner-manager/task/issuetask.go @@ -182,7 +182,7 @@ func addUnlimitedIssue(beforeTime string, prcnum, years, toolYears, manYears, fl "err: ", lockErr, ",data: ", issueValue) continue } - owner, accessToken := common.GetOwnerAndToken(issueValue.OrganizationID) + owner, accessToken := common.GetOwnerAndToken(issueValue.CveNum, issueValue.OrganizationID) // Determine whether the issue has been processed goi, oks := models.QueryIssueCveByNum(issueValue.CveNum, issueValue.PackName, issueValue.OrganizationID) if oks { @@ -330,7 +330,7 @@ func addLimitedIssue(beforeTime string, prcnum int, years, toolYears, manYears i " process the next data, err: ", lockErr, ",data: ", issueValue) continue } - owner, accessToken := common.GetOwnerAndToken(issueValue.OrganizationID) + owner, accessToken := common.GetOwnerAndToken(issueValue.CveNum, issueValue.OrganizationID) goi, oks := models.QueryIssueCveByNum(issueValue.CveNum, issueValue.PackName, issueValue.OrganizationID) if oks { if strings.ToLower(goi.State) == "closed" || strings.ToLower(goi.State) == "rejected" || diff --git a/cve-vulner-manager/taskhandler/createissue.go b/cve-vulner-manager/taskhandler/createissue.go index 72a8381871f5cc397e52273e044d61be9354d847..baa2a7d6829922262c6524fc4889ba3393b07447 100644 --- a/cve-vulner-manager/taskhandler/createissue.go +++ b/cve-vulner-manager/taskhandler/createissue.go @@ -485,7 +485,7 @@ func UpdateIssueToGit(accessToken, owner, path string, models.UpdateIssueStatus(cve, 2) return "", errors.New("The current issue has been suspended/rejected and will not be processed") } - owner, accessToken = common.GetOwnerAndToken(cve.OrganizationID) + owner, accessToken = common.GetOwnerAndToken(cve.CveNum, cve.OrganizationID) if cve.OrganizationID == 2 { if len(path) < 2 { path = beego.AppConfig.String("opengauss::gauss_issue_path") diff --git a/cve-vulner-manager/taskhandler/cve.go b/cve-vulner-manager/taskhandler/cve.go index 3ab37b9ffd053ff8a51c32c046d88a4b55f33ea0..c1b36da75e0092651daa6a68bb5e00cda8ec5968 100644 --- a/cve-vulner-manager/taskhandler/cve.go +++ b/cve-vulner-manager/taskhandler/cve.go @@ -16,6 +16,7 @@ import ( "time" "cvevulner/common" + "cvevulner/cve-timed-task/tabletask" "cvevulner/models" "github.com/astaxie/beego" @@ -368,7 +369,7 @@ func UpdateCveGroups(cveData models.OriginUpstream, cveRef string, openeulerNum CveRes.Description = cveDesc.EnDescription } CveRes.CveVersion = pkList[1] - if len(CveRes.RepairTime) < 2 && len(cveData.PublishedDate) > 2 { + if len(cveData.PublishedDate) > 2 && CveRes.RepairTime != cveData.PublishedDate { CveRes.RepairTime = cveData.PublishedDate } //CveRes.PackName = pkList[0] @@ -1443,11 +1444,16 @@ func InsertIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c vul.Status = cveStatus vul.OrganizationID = cveData.OrganizationID accessToken := "" - owner, accessToken = common.GetOwnerAndToken(vul.OrganizationID) + owner, accessToken = common.GetOwnerAndToken(vul.CveNum, vul.OrganizationID) retVersion := AddCveVersion(vul.OrganizationID, strings.Split(RemoveSubstring(lop.Version, specCharList), ","), "") vul.CveVersion = retVersion - vul.RepairTime = "" + repair := tabletask.GetRepair(cveData.CveNumber) + if len(repair) > 0 { + vul.RepairTime = repair + } else { + vul.RepairTime = "" + } vul.PackName = cveData.RepoPath vul.RepoName = lop.Components vul.CveUrl = cveRef + cveData.CveNumber @@ -1673,7 +1679,7 @@ func UpdateIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c vul.RepoName = lop.Components vul.OrganizationID = cveData.OrganizationID accessToken := "" - owner, accessToken = common.GetOwnerAndToken(vul.OrganizationID) + owner, accessToken = common.GetOwnerAndToken(vul.CveNum, vul.OrganizationID) var sec models.SecurityNotice sec.CveId = vul.CveId sec.CveNum = vul.CveNum diff --git a/cve-vulner-manager/taskhandler/gauss.go b/cve-vulner-manager/taskhandler/gauss.go index e7fd3067768d5935aaa6a54f931e2c3ef444dbf5..cb32c33948c4e05ce4bd8bb8aad44c8fd9c5b3ed 100644 --- a/cve-vulner-manager/taskhandler/gauss.go +++ b/cve-vulner-manager/taskhandler/gauss.go @@ -1,15 +1,9 @@ package taskhandler import ( - "cvevulner/common" - "cvevulner/models" - "cvevulner/util" "encoding/json" "errors" "fmt" - "github.com/360EntSecGroup-Skylar/excelize/v2" - "github.com/astaxie/beego" - "github.com/astaxie/beego/logs" "io" "io/ioutil" "net/http" @@ -20,6 +14,14 @@ import ( "strings" "sync" "time" + + "cvevulner/common" + "cvevulner/models" + "cvevulner/util" + + "github.com/360EntSecGroup-Skylar/excelize/v2" + "github.com/astaxie/beego" + "github.com/astaxie/beego/logs" ) var localLock sync.Mutex @@ -741,7 +743,7 @@ func ParseRpmPackage(pkgList []string, gaussTempId int64, packageName, publicDat func GuassGetDateByGite(pkgList []models.GaussExcelTag, c chan<- []IssueAndPkg, startTime, affectBranch string) { defer wgTrigger.Done() - owner, token := common.GetOwnerAndToken(int8(2)) + owner, token := common.GetOwnerAndToken("", int8(2)) //gaussIssuePath := beego.AppConfig.String("opengauss::gauss_issue_path") st := util.TimeStrToInt(startTime, "2006-01-02") chData := make([]IssueAndPkg, 0) diff --git a/cve-vulner-manager/taskhandler/hook.go b/cve-vulner-manager/taskhandler/hook.go index c257395d8598266657b5a6729c568ed9a963232d..cb1360eea3a7895a2edd68d82a3333a1dd994676 100644 --- a/cve-vulner-manager/taskhandler/hook.go +++ b/cve-vulner-manager/taskhandler/hook.go @@ -1,19 +1,21 @@ package taskhandler import ( - "cvevulner/common" - "cvevulner/models" - "cvevulner/util" "encoding/json" "errors" "fmt" - "github.com/astaxie/beego" - "github.com/astaxie/beego/logs" "io/ioutil" "net/http" "os" "strings" "sync" + + "cvevulner/common" + "cvevulner/models" + "cvevulner/util" + + "github.com/astaxie/beego" + "github.com/astaxie/beego/logs" ) var wgx sync.WaitGroup @@ -232,7 +234,7 @@ func CheckAffectVerComplete(affectedVersion, packageName, version string, organi affectBranchsxList := make([]string, 0) affectProductList := make([]string, 0) unFixValue := make([]string, 0) - owner, accessToken := common.GetOwnerAndToken(organizateId) + owner, accessToken := common.GetOwnerAndToken("", organizateId) if organizateId == 1 || organizateId == 2 { affectBranchsxList, _ = GetBranchesInfo(accessToken, owner, packageName, organizateId) } else if organizateId == 3 || organizateId == 4 { diff --git a/cve-vulner-manager/taskhandler/issue.go b/cve-vulner-manager/taskhandler/issue.go index 4ce26f71b2553df5fe93b9f6bfc001cf283b509f..e3204b906914375323fa25c4798ad677a5493882 100644 --- a/cve-vulner-manager/taskhandler/issue.go +++ b/cve-vulner-manager/taskhandler/issue.go @@ -45,7 +45,7 @@ func ProcIssueIsExists(prnum int) error { issueErr := error(nil) issueData := map[string]interface{}{} path := issueTmp.Repo - owner, accessToken := common.GetOwnerAndToken(v.OrganizationID) + owner, accessToken := common.GetOwnerAndToken(v.CveNum, v.OrganizationID) if v.OrganizationID == 2 { if len(path) < 2 { path = beego.AppConfig.String("opengauss::gauss_issue_path") @@ -232,7 +232,7 @@ func GiteeConstructor(res map[string]interface{}, giteeToken *GiteeTokenInfo) { } func GetEntIssueDetail(cve models.VulnCenter, its *models.IssueTemplate) { - owner, accessToken := common.GetOwnerAndToken(cve.OrganizationID) + owner, accessToken := common.GetOwnerAndToken(cve.CveNum, cve.OrganizationID) if cve.OrganizationID == 2 { if len(cve.PackName) < 2 { cve.PackName = beego.AppConfig.String("opengauss::gauss_issue_path")