From a86ff9dfd145231c0a12bda9d6a478f6397ef239 Mon Sep 17 00:00:00 2001
From: ma wei <wma@thoughtworks.com>
Date: Tue, 2 Jun 2015 14:03:03 +0800
Subject: [PATCH] Add ability for user to configure CVE url in gradle build
 file

Former-commit-id: 186b03ff55c9cab1c7bd788e5ea5ba1f8e79241e
---
 .../DependencyCheckConfigurationExtension.groovy         | 6 ++++++
 .../com/tools/security/tasks/DependencyCheckTask.groovy  | 9 +++++++++
 2 files changed, 15 insertions(+)

diff --git a/dependency-check-gradle/src/main/groovy/com/tools/security/extension/DependencyCheckConfigurationExtension.groovy b/dependency-check-gradle/src/main/groovy/com/tools/security/extension/DependencyCheckConfigurationExtension.groovy
index 53659cbbe..0a9f220fb 100644
--- a/dependency-check-gradle/src/main/groovy/com/tools/security/extension/DependencyCheckConfigurationExtension.groovy
+++ b/dependency-check-gradle/src/main/groovy/com/tools/security/extension/DependencyCheckConfigurationExtension.groovy
@@ -23,4 +23,10 @@ class DependencyCheckConfigurationExtension {
     Integer proxyPort
     String proxyUsername = ""
     String proxyPassword = ""
+
+    String cveUrl12Modified = "https://nvd.nist.gov/download/nvdcve-Modified.xml.gz"
+    String cveUrl20Modified = "https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-Modified.xml.gz"
+    Integer cveStartYear = 2002
+    String cveUrl12Base = "https://nvd.nist.gov/download/nvdcve-%d.xml.gz"
+    String cveUrl20Base = "https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-%d.xml.gz"
 }
diff --git a/dependency-check-gradle/src/main/groovy/com/tools/security/tasks/DependencyCheckTask.groovy b/dependency-check-gradle/src/main/groovy/com/tools/security/tasks/DependencyCheckTask.groovy
index f5d582194..6413a89fe 100644
--- a/dependency-check-gradle/src/main/groovy/com/tools/security/tasks/DependencyCheckTask.groovy
+++ b/dependency-check-gradle/src/main/groovy/com/tools/security/tasks/DependencyCheckTask.groovy
@@ -52,6 +52,7 @@ class DependencyCheckTask extends DefaultTask {
     def initializeSettings() {
         Settings.initialize()
         overrideProxySetting()
+        overrideCveUrlSetting()
     }
 
     def verifyDependencies(engine) {
@@ -101,4 +102,12 @@ class DependencyCheckTask extends DefaultTask {
             }
         }.flatten();
     }
+
+    def overrideCveUrlSetting() {
+        setString(Settings.KEYS.CVE_MODIFIED_20_URL, project.dependencyCheck.cveUrl20Modified)
+        setString(Settings.KEYS.CVE_MODIFIED_12_URL, project.dependencyCheck.cveUrl12Modified)
+        setString(Settings.KEYS.CVE_START_YEAR, "${project.dependencyCheck.cveStartYear}")
+        setString(Settings.KEYS.CVE_SCHEMA_2_0, project.dependencyCheck.cveUrl20Base)
+        setString(Settings.KEYS.CVE_SCHEMA_1_2, project.dependencyCheck.cveUrl12Base)
+    }
 }