From 56b447493effecf5198ad90ba1d5dda83355277b Mon Sep 17 00:00:00 2001
From: Jeremy Long <jeremy.long@gmail.com>
Date: Tue, 5 Aug 2014 10:58:43 -0400
Subject: [PATCH] added additional error messages about the proxy if the
 download fails per issue #136

Former-commit-id: 7a5dcc58ab959a70b7e086a984f5d9289d749b99
---
 .../owasp/dependencycheck/data/update/NvdCveUpdater.java   | 7 ++++++-
 .../dependencycheck/data/update/task/DownloadTask.java     | 4 ++++
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/NvdCveUpdater.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/NvdCveUpdater.java
index 85914b307..a3bbe4ddc 100644
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/NvdCveUpdater.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/NvdCveUpdater.java
@@ -22,6 +22,7 @@ import java.util.logging.Level;
 import java.util.logging.Logger;
 import org.owasp.dependencycheck.data.update.exception.UpdateException;
 import org.owasp.dependencycheck.utils.DownloadFailedException;
+import org.owasp.dependencycheck.utils.Settings;
 
 /**
  * Class responsible for updating the NVD CVE and CPE data stores.
@@ -54,7 +55,11 @@ public class NvdCveUpdater implements CachedWebDataSource {
             LOGGER.log(Level.FINE, null, ex);
         } catch (DownloadFailedException ex) {
             LOGGER.log(Level.WARNING,
-                    "Unable to download the NVD CVE data, unable to update the data to use the most current data.");
+                    "Unable to download the NVD CVE data; the results may not include the most recent CPE/CVEs from the NVD.");
+            if (Settings.getString(Settings.KEYS.PROXY_SERVER) == null) {
+                LOGGER.log(Level.INFO,
+                        "If you are behind a proxy you may need to configure dependency-check to use the proxy.");
+            }
             LOGGER.log(Level.FINE, null, ex);
         }
     }
diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/task/DownloadTask.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/task/DownloadTask.java
index 7fcb96226..5c3fba161 100644
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/task/DownloadTask.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/task/DownloadTask.java
@@ -188,6 +188,10 @@ public class DownloadTask implements Callable<Future<ProcessTask>> {
             } catch (DownloadFailedException ex) {
                 msg = String.format("Download Failed for NVD CVE - %s%nSome CVEs may not be reported.", nvdCveInfo.getId());
                 LOGGER.log(Level.WARNING, msg);
+                if (Settings.getString(Settings.KEYS.PROXY_SERVER) == null) {
+                    LOGGER.log(Level.INFO,
+                            "If you are behind a proxy you may need to configure dependency-check to use the proxy.");
+                }
                 LOGGER.log(Level.FINE, null, ex);
                 return null;
             }