Coverage Report

Coverage Report - org.owasp.dependencycheck.taskdefs.Update

Classes in this File

0/85

0/58

 /*
  * This file is part of dependency-check-ant.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
  * Copyright (c) 2015 Jeremy Long. All Rights Reserved.
  */
 package org.owasp.dependencycheck.taskdefs;
 
 import org.apache.tools.ant.BuildException;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
 import org.owasp.dependencycheck.utils.Settings;
 import org.slf4j.impl.StaticLoggerBinder;
 
 /**
  * An Ant task definition to execute dependency-check update. This will download the latest data from the National Vulnerability
  * Database (NVD) and store a copy in the local database.
  *
  * @author Jeremy Long
  */
 public class Update extends Purge {
 
     /**
      * Construct a new UpdateTask.
      */
     public Update() {
         super();
         // Call this before Dependency Check Core starts logging anything - this way, all SLF4J messages from
         // core end up coming through this tasks logger
         StaticLoggerBinder.getSingleton().setTask(this);
     }
 
     /**
      * The Proxy Server.
      */
     private String proxyServer;
 
     /**
      * Get the value of proxyServer.
      *
      * @return the value of proxyServer
      */
     public String getProxyServer() {
         return proxyServer;
     }
 
     /**
      * Set the value of proxyServer.
      *
      * @param server new value of proxyServer
      */
     public void setProxyServer(String server) {
         this.proxyServer = server;
     }
 
     /**
      * The Proxy Port.
      */
     private String proxyPort;
 
     /**
      * Get the value of proxyPort.
      *
      * @return the value of proxyPort
      */
     public String getProxyPort() {
         return proxyPort;
     }
 
     /**
      * Set the value of proxyPort.
      *
      * @param proxyPort new value of proxyPort
      */
     public void setProxyPort(String proxyPort) {
         this.proxyPort = proxyPort;
     }
     /**
      * The Proxy username.
      */
     private String proxyUsername;
 
     /**
      * Get the value of proxyUsername.
      *
      * @return the value of proxyUsername
      */
     public String getProxyUsername() {
         return proxyUsername;
     }
 
     /**
      * Set the value of proxyUsername.
      *
      * @param proxyUsername new value of proxyUsername
      */
     public void setProxyUsername(String proxyUsername) {
         this.proxyUsername = proxyUsername;
     }
     /**
      * The Proxy password.
      */
     private String proxyPassword;
 
     /**
      * Get the value of proxyPassword.
      *
      * @return the value of proxyPassword
      */
     public String getProxyPassword() {
         return proxyPassword;
     }
 
     /**
      * Set the value of proxyPassword.
      *
      * @param proxyPassword new value of proxyPassword
      */
     public void setProxyPassword(String proxyPassword) {
         this.proxyPassword = proxyPassword;
     }
     /**
      * The Connection Timeout.
      */
     private String connectionTimeout;
 
     /**
      * Get the value of connectionTimeout.
      *
      * @return the value of connectionTimeout
      */
     public String getConnectionTimeout() {
         return connectionTimeout;
     }
 
     /**
      * Set the value of connectionTimeout.
      *
      * @param connectionTimeout new value of connectionTimeout
      */
     public void setConnectionTimeout(String connectionTimeout) {
         this.connectionTimeout = connectionTimeout;
     }
     /**
      * The database driver name; such as org.h2.Driver.
      */
     private String databaseDriverName;
 
     /**
      * Get the value of databaseDriverName.
      *
      * @return the value of databaseDriverName
      */
     public String getDatabaseDriverName() {
         return databaseDriverName;
     }
 
     /**
      * Set the value of databaseDriverName.
      *
      * @param databaseDriverName new value of databaseDriverName
      */
     public void setDatabaseDriverName(String databaseDriverName) {
         this.databaseDriverName = databaseDriverName;
     }
 
     /**
      * The path to the database driver JAR file if it is not on the class path.
      */
     private String databaseDriverPath;
 
     /**
      * Get the value of databaseDriverPath.
      *
      * @return the value of databaseDriverPath
      */
     public String getDatabaseDriverPath() {
         return databaseDriverPath;
     }
 
     /**
      * Set the value of databaseDriverPath.
      *
      * @param databaseDriverPath new value of databaseDriverPath
      */
     public void setDatabaseDriverPath(String databaseDriverPath) {
         this.databaseDriverPath = databaseDriverPath;
     }
     /**
      * The database connection string.
      */
     private String connectionString;
 
     /**
      * Get the value of connectionString.
      *
      * @return the value of connectionString
      */
     public String getConnectionString() {
         return connectionString;
     }
 
     /**
      * Set the value of connectionString.
      *
      * @param connectionString new value of connectionString
      */
     public void setConnectionString(String connectionString) {
         this.connectionString = connectionString;
     }
     /**
      * The user name for connecting to the database.
      */
     private String databaseUser;
 
     /**
      * Get the value of databaseUser.
      *
      * @return the value of databaseUser
      */
     public String getDatabaseUser() {
         return databaseUser;
     }
 
     /**
      * Set the value of databaseUser.
      *
      * @param databaseUser new value of databaseUser
      */
     public void setDatabaseUser(String databaseUser) {
         this.databaseUser = databaseUser;
     }
 
     /**
      * The password to use when connecting to the database.
      */
     private String databasePassword;
 
     /**
      * Get the value of databasePassword.
      *
      * @return the value of databasePassword
      */
     public String getDatabasePassword() {
         return databasePassword;
     }
 
     /**
      * Set the value of databasePassword.
      *
      * @param databasePassword new value of databasePassword
      */
     public void setDatabasePassword(String databasePassword) {
         this.databasePassword = databasePassword;
     }
 
     /**
      * The url for the modified NVD CVE (1.2 schema).
      */
     private String cveUrl12Modified;
 
     /**
      * Get the value of cveUrl12Modified.
      *
      * @return the value of cveUrl12Modified
      */
     public String getCveUrl12Modified() {
         return cveUrl12Modified;
     }
 
     /**
      * Set the value of cveUrl12Modified.
      *
      * @param cveUrl12Modified new value of cveUrl12Modified
      */
     public void setCveUrl12Modified(String cveUrl12Modified) {
         this.cveUrl12Modified = cveUrl12Modified;
     }
 
     /**
      * The url for the modified NVD CVE (2.0 schema).
      */
     private String cveUrl20Modified;
 
     /**
      * Get the value of cveUrl20Modified.
      *
      * @return the value of cveUrl20Modified
      */
     public String getCveUrl20Modified() {
         return cveUrl20Modified;
     }
 
     /**
      * Set the value of cveUrl20Modified.
      *
      * @param cveUrl20Modified new value of cveUrl20Modified
      */
     public void setCveUrl20Modified(String cveUrl20Modified) {
         this.cveUrl20Modified = cveUrl20Modified;
     }
 
     /**
      * Base Data Mirror URL for CVE 1.2.
      */
     private String cveUrl12Base;
 
     /**
      * Get the value of cveUrl12Base.
      *
      * @return the value of cveUrl12Base
      */
     public String getCveUrl12Base() {
         return cveUrl12Base;
     }
 
     /**
      * Set the value of cveUrl12Base.
      *
      * @param cveUrl12Base new value of cveUrl12Base
      */
     public void setCveUrl12Base(String cveUrl12Base) {
         this.cveUrl12Base = cveUrl12Base;
     }
 
     /**
      * Data Mirror URL for CVE 2.0.
      */
     private String cveUrl20Base;
 
     /**
      * Get the value of cveUrl20Base.
      *
      * @return the value of cveUrl20Base
      */
     public String getCveUrl20Base() {
         return cveUrl20Base;
     }
 
     /**
      * Set the value of cveUrl20Base.
      *
      * @param cveUrl20Base new value of cveUrl20Base
      */
     public void setCveUrl20Base(String cveUrl20Base) {
         this.cveUrl20Base = cveUrl20Base;
     }
 
     /**
      * Executes the update by initializing the settings, downloads the NVD XML data, and then processes the data storing it in the
      * local database.
      *
      * @throws BuildException thrown if a connection to the local database cannot be made.
      */
     @Override
     public void execute() throws BuildException {
         populateSettings();
         Engine engine = null;
         try {
             engine = new Engine(Update.class.getClassLoader());
             engine.doUpdates();
         } catch (DatabaseException ex) {
             throw new BuildException("Unable to connect to the dependency-check database; unable to update the NVD data", ex);
         } finally {
             Settings.cleanup(true);
             if (engine != null) {
                 engine.cleanup();
             }
         }
     }
 
     /**
      * Takes the properties supplied and updates the dependency-check settings. Additionally, this sets the system properties
      * required to change the proxy server, port, and connection timeout.
      */
     @Override
     protected void populateSettings() {
         super.populateSettings();
         if (proxyServer != null && !proxyServer.isEmpty()) {
             Settings.setString(Settings.KEYS.PROXY_SERVER, proxyServer);
         }
         if (proxyPort != null && !proxyPort.isEmpty()) {
             Settings.setString(Settings.KEYS.PROXY_PORT, proxyPort);
         }
         if (proxyUsername != null && !proxyUsername.isEmpty()) {
             Settings.setString(Settings.KEYS.PROXY_USERNAME, proxyUsername);
         }
         if (proxyPassword != null && !proxyPassword.isEmpty()) {
             Settings.setString(Settings.KEYS.PROXY_PASSWORD, proxyPassword);
         }
         if (connectionTimeout != null && !connectionTimeout.isEmpty()) {
             Settings.setString(Settings.KEYS.CONNECTION_TIMEOUT, connectionTimeout);
         }
         if (databaseDriverName != null && !databaseDriverName.isEmpty()) {
             Settings.setString(Settings.KEYS.DB_DRIVER_NAME, databaseDriverName);
         }
         if (databaseDriverPath != null && !databaseDriverPath.isEmpty()) {
             Settings.setString(Settings.KEYS.DB_DRIVER_PATH, databaseDriverPath);
         }
         if (connectionString != null && !connectionString.isEmpty()) {
             Settings.setString(Settings.KEYS.DB_CONNECTION_STRING, connectionString);
         }
         if (databaseUser != null && !databaseUser.isEmpty()) {
             Settings.setString(Settings.KEYS.DB_USER, databaseUser);
         }
         if (databasePassword != null && !databasePassword.isEmpty()) {
             Settings.setString(Settings.KEYS.DB_PASSWORD, databasePassword);
         }
         if (cveUrl12Modified != null && !cveUrl12Modified.isEmpty()) {
             Settings.setString(Settings.KEYS.CVE_MODIFIED_12_URL, cveUrl12Modified);
         }
         if (cveUrl20Modified != null && !cveUrl20Modified.isEmpty()) {
             Settings.setString(Settings.KEYS.CVE_MODIFIED_20_URL, cveUrl20Modified);
         }
         if (cveUrl12Base != null && !cveUrl12Base.isEmpty()) {
             Settings.setString(Settings.KEYS.CVE_SCHEMA_1_2, cveUrl12Base);
         }
         if (cveUrl20Base != null && !cveUrl20Base.isEmpty()) {
             Settings.setString(Settings.KEYS.CVE_SCHEMA_2_0, cveUrl20Base);
         }
     }
 }

1		/*
2		* This file is part of dependency-check-ant.
3		*
4		* Licensed under the Apache License, Version 2.0 (the "License");
5		* you may not use this file except in compliance with the License.
6		* You may obtain a copy of the License at
7		*
8		* http://www.apache.org/licenses/LICENSE-2.0
9		*
10		* Unless required by applicable law or agreed to in writing, software
11		* distributed under the License is distributed on an "AS IS" BASIS,
12		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13		* See the License for the specific language governing permissions and
14		* limitations under the License.
15		*
16		* Copyright (c) 2015 Jeremy Long. All Rights Reserved.
17		*/
18		package org.owasp.dependencycheck.taskdefs;
19
20		import org.apache.tools.ant.BuildException;
21		import org.owasp.dependencycheck.Engine;
22		import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
23		import org.owasp.dependencycheck.utils.Settings;
24		import org.slf4j.impl.StaticLoggerBinder;
25
26		/**
27		* An Ant task definition to execute dependency-check update. This will download the latest data from the National Vulnerability
28		* Database (NVD) and store a copy in the local database.
29		*
30		* @author Jeremy Long
31		*/
32		public class Update extends Purge {
33
34		/**
35		* Construct a new UpdateTask.
36		*/
37		public Update() {
38	0	super();
39		// Call this before Dependency Check Core starts logging anything - this way, all SLF4J messages from
40		// core end up coming through this tasks logger
41	0	StaticLoggerBinder.getSingleton().setTask(this);
42	0	}
43
44		/**
45		* The Proxy Server.
46		*/
47		private String proxyServer;
48
49		/**
50		* Get the value of proxyServer.
51		*
52		* @return the value of proxyServer
53		*/
54		public String getProxyServer() {
55	0	return proxyServer;
56		}
57
58		/**
59		* Set the value of proxyServer.
60		*
61		* @param server new value of proxyServer
62		*/
63		public void setProxyServer(String server) {
64	0	this.proxyServer = server;
65	0	}
66
67		/**
68		* The Proxy Port.
69		*/
70		private String proxyPort;
71
72		/**
73		* Get the value of proxyPort.
74		*
75		* @return the value of proxyPort
76		*/
77		public String getProxyPort() {
78	0	return proxyPort;
79		}
80
81		/**
82		* Set the value of proxyPort.
83		*
84		* @param proxyPort new value of proxyPort
85		*/
86		public void setProxyPort(String proxyPort) {
87	0	this.proxyPort = proxyPort;
88	0	}
89		/**
90		* The Proxy username.
91		*/
92		private String proxyUsername;
93
94		/**
95		* Get the value of proxyUsername.
96		*
97		* @return the value of proxyUsername
98		*/
99		public String getProxyUsername() {
100	0	return proxyUsername;
101		}
102
103		/**
104		* Set the value of proxyUsername.
105		*
106		* @param proxyUsername new value of proxyUsername
107		*/
108		public void setProxyUsername(String proxyUsername) {
109	0	this.proxyUsername = proxyUsername;
110	0	}
111		/**
112		* The Proxy password.
113		*/
114		private String proxyPassword;
115
116		/**
117		* Get the value of proxyPassword.
118		*
119		* @return the value of proxyPassword
120		*/
121		public String getProxyPassword() {
122	0	return proxyPassword;
123		}
124
125		/**
126		* Set the value of proxyPassword.
127		*
128		* @param proxyPassword new value of proxyPassword
129		*/
130		public void setProxyPassword(String proxyPassword) {
131	0	this.proxyPassword = proxyPassword;
132	0	}
133		/**
134		* The Connection Timeout.
135		*/
136		private String connectionTimeout;
137
138		/**
139		* Get the value of connectionTimeout.
140		*
141		* @return the value of connectionTimeout
142		*/
143		public String getConnectionTimeout() {
144	0	return connectionTimeout;
145		}
146
147		/**
148		* Set the value of connectionTimeout.
149		*
150		* @param connectionTimeout new value of connectionTimeout
151		*/
152		public void setConnectionTimeout(String connectionTimeout) {
153	0	this.connectionTimeout = connectionTimeout;
154	0	}
155		/**
156		* The database driver name; such as org.h2.Driver.
157		*/
158		private String databaseDriverName;
159
160		/**
161		* Get the value of databaseDriverName.
162		*
163		* @return the value of databaseDriverName
164		*/
165		public String getDatabaseDriverName() {
166	0	return databaseDriverName;
167		}
168
169		/**
170		* Set the value of databaseDriverName.
171		*
172		* @param databaseDriverName new value of databaseDriverName
173		*/
174		public void setDatabaseDriverName(String databaseDriverName) {
175	0	this.databaseDriverName = databaseDriverName;
176	0	}
177
178		/**
179		* The path to the database driver JAR file if it is not on the class path.
180		*/
181		private String databaseDriverPath;
182
183		/**
184		* Get the value of databaseDriverPath.
185		*
186		* @return the value of databaseDriverPath
187		*/
188		public String getDatabaseDriverPath() {
189	0	return databaseDriverPath;
190		}
191
192		/**
193		* Set the value of databaseDriverPath.
194		*
195		* @param databaseDriverPath new value of databaseDriverPath
196		*/
197		public void setDatabaseDriverPath(String databaseDriverPath) {
198	0	this.databaseDriverPath = databaseDriverPath;
199	0	}
200		/**
201		* The database connection string.
202		*/
203		private String connectionString;
204
205		/**
206		* Get the value of connectionString.
207		*
208		* @return the value of connectionString
209		*/
210		public String getConnectionString() {
211	0	return connectionString;
212		}
213
214		/**
215		* Set the value of connectionString.
216		*
217		* @param connectionString new value of connectionString
218		*/
219		public void setConnectionString(String connectionString) {
220	0	this.connectionString = connectionString;
221	0	}
222		/**
223		* The user name for connecting to the database.
224		*/
225		private String databaseUser;
226
227		/**
228		* Get the value of databaseUser.
229		*
230		* @return the value of databaseUser
231		*/
232		public String getDatabaseUser() {
233	0	return databaseUser;
234		}
235
236		/**
237		* Set the value of databaseUser.
238		*
239		* @param databaseUser new value of databaseUser
240		*/
241		public void setDatabaseUser(String databaseUser) {
242	0	this.databaseUser = databaseUser;
243	0	}
244
245		/**
246		* The password to use when connecting to the database.
247		*/
248		private String databasePassword;
249
250		/**
251		* Get the value of databasePassword.
252		*
253		* @return the value of databasePassword
254		*/
255		public String getDatabasePassword() {
256	0	return databasePassword;
257		}
258
259		/**
260		* Set the value of databasePassword.
261		*
262		* @param databasePassword new value of databasePassword
263		*/
264		public void setDatabasePassword(String databasePassword) {
265	0	this.databasePassword = databasePassword;
266	0	}
267
268		/**
269		* The url for the modified NVD CVE (1.2 schema).
270		*/
271		private String cveUrl12Modified;
272
273		/**
274		* Get the value of cveUrl12Modified.
275		*
276		* @return the value of cveUrl12Modified
277		*/
278		public String getCveUrl12Modified() {
279	0	return cveUrl12Modified;
280		}
281
282		/**
283		* Set the value of cveUrl12Modified.
284		*
285		* @param cveUrl12Modified new value of cveUrl12Modified
286		*/
287		public void setCveUrl12Modified(String cveUrl12Modified) {
288	0	this.cveUrl12Modified = cveUrl12Modified;
289	0	}
290
291		/**
292		* The url for the modified NVD CVE (2.0 schema).
293		*/
294		private String cveUrl20Modified;
295
296		/**
297		* Get the value of cveUrl20Modified.
298		*
299		* @return the value of cveUrl20Modified
300		*/
301		public String getCveUrl20Modified() {
302	0	return cveUrl20Modified;
303		}
304
305		/**
306		* Set the value of cveUrl20Modified.
307		*
308		* @param cveUrl20Modified new value of cveUrl20Modified
309		*/
310		public void setCveUrl20Modified(String cveUrl20Modified) {
311	0	this.cveUrl20Modified = cveUrl20Modified;
312	0	}
313
314		/**
315		* Base Data Mirror URL for CVE 1.2.
316		*/
317		private String cveUrl12Base;
318
319		/**
320		* Get the value of cveUrl12Base.
321		*
322		* @return the value of cveUrl12Base
323		*/
324		public String getCveUrl12Base() {
325	0	return cveUrl12Base;
326		}
327
328		/**
329		* Set the value of cveUrl12Base.
330		*
331		* @param cveUrl12Base new value of cveUrl12Base
332		*/
333		public void setCveUrl12Base(String cveUrl12Base) {
334	0	this.cveUrl12Base = cveUrl12Base;
335	0	}
336
337		/**
338		* Data Mirror URL for CVE 2.0.
339		*/
340		private String cveUrl20Base;
341
342		/**
343		* Get the value of cveUrl20Base.
344		*
345		* @return the value of cveUrl20Base
346		*/
347		public String getCveUrl20Base() {
348	0	return cveUrl20Base;
349		}
350
351		/**
352		* Set the value of cveUrl20Base.
353		*
354		* @param cveUrl20Base new value of cveUrl20Base
355		*/
356		public void setCveUrl20Base(String cveUrl20Base) {
357	0	this.cveUrl20Base = cveUrl20Base;
358	0	}
359
360		/**
361		* Executes the update by initializing the settings, downloads the NVD XML data, and then processes the data storing it in the
362		* local database.
363		*
364		* @throws BuildException thrown if a connection to the local database cannot be made.
365		*/
366		@Override
367		public void execute() throws BuildException {
368	0	populateSettings();
369	0	Engine engine = null;
370		try {
371	0	engine = new Engine(Update.class.getClassLoader());
372	0	engine.doUpdates();
373	0	} catch (DatabaseException ex) {
374	0	throw new BuildException("Unable to connect to the dependency-check database; unable to update the NVD data", ex);
375		} finally {
376	0	Settings.cleanup(true);
377	0	if (engine != null) {
378	0	engine.cleanup();
379		}
380		}
381	0	}
382
383		/**
384		* Takes the properties supplied and updates the dependency-check settings. Additionally, this sets the system properties
385		* required to change the proxy server, port, and connection timeout.
386		*/
387		@Override
388		protected void populateSettings() {
389	0	super.populateSettings();
390	0	if (proxyServer != null && !proxyServer.isEmpty()) {
391	0	Settings.setString(Settings.KEYS.PROXY_SERVER, proxyServer);
392		}
393	0	if (proxyPort != null && !proxyPort.isEmpty()) {
394	0	Settings.setString(Settings.KEYS.PROXY_PORT, proxyPort);
395		}
396	0	if (proxyUsername != null && !proxyUsername.isEmpty()) {
397	0	Settings.setString(Settings.KEYS.PROXY_USERNAME, proxyUsername);
398		}
399	0	if (proxyPassword != null && !proxyPassword.isEmpty()) {
400	0	Settings.setString(Settings.KEYS.PROXY_PASSWORD, proxyPassword);
401		}
402	0	if (connectionTimeout != null && !connectionTimeout.isEmpty()) {
403	0	Settings.setString(Settings.KEYS.CONNECTION_TIMEOUT, connectionTimeout);
404		}
405	0	if (databaseDriverName != null && !databaseDriverName.isEmpty()) {
406	0	Settings.setString(Settings.KEYS.DB_DRIVER_NAME, databaseDriverName);
407		}
408	0	if (databaseDriverPath != null && !databaseDriverPath.isEmpty()) {
409	0	Settings.setString(Settings.KEYS.DB_DRIVER_PATH, databaseDriverPath);
410		}
411	0	if (connectionString != null && !connectionString.isEmpty()) {
412	0	Settings.setString(Settings.KEYS.DB_CONNECTION_STRING, connectionString);
413		}
414	0	if (databaseUser != null && !databaseUser.isEmpty()) {
415	0	Settings.setString(Settings.KEYS.DB_USER, databaseUser);
416		}
417	0	if (databasePassword != null && !databasePassword.isEmpty()) {
418	0	Settings.setString(Settings.KEYS.DB_PASSWORD, databasePassword);
419		}
420	0	if (cveUrl12Modified != null && !cveUrl12Modified.isEmpty()) {
421	0	Settings.setString(Settings.KEYS.CVE_MODIFIED_12_URL, cveUrl12Modified);
422		}
423	0	if (cveUrl20Modified != null && !cveUrl20Modified.isEmpty()) {
424	0	Settings.setString(Settings.KEYS.CVE_MODIFIED_20_URL, cveUrl20Modified);
425		}
426	0	if (cveUrl12Base != null && !cveUrl12Base.isEmpty()) {
427	0	Settings.setString(Settings.KEYS.CVE_SCHEMA_1_2, cveUrl12Base);
428		}
429	0	if (cveUrl20Base != null && !cveUrl20Base.isEmpty()) {
430	0	Settings.setString(Settings.KEYS.CVE_SCHEMA_2_0, cveUrl20Base);
431		}
432	0	}
433		}