diff options
| author |   Ross Burton <ross.burton@arm.com> | 2023-01-13 17:14:31 +0000 |
|---|---|---|
| committer |   Steve Sakoman <steve@sakoman.com> | 2023-01-19 04:17:25 -1000 |
| commit | 60e06c9666a2b254c50b2f51932d395f88dd550c (patch) | |
| tree | 9c368b90d02cd2c05c5fbce6b9491f4432926dac /meta/recipes-core | |
| parent | 66aa05be4c237d24295d5e02de6e2dbef43af6dc (diff) | |
| download | openembedded-core-60e06c9666a2b254c50b2f51932d395f88dd550c.tar.gz | |
cve-update-db-native: show IP on failure
We get random SSL failures when fetching the CVE database, and it's
notable that the NVD server is behind a DNS round-robin or geographically
diverse servers.
On a hunch that there is one misconfigured server, dump the IP that we
connected to.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 91f46d431dc8f40e8c6475c800bb61cb08b82b0a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'meta/recipes-core')
| -rw-r--r-- | meta/recipes-core/meta/cve-update-db-native.bb | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb index 079f062f79..e042e67b09 100644 --- a/meta/recipes-core/meta/cve-update-db-native.bb +++ b/meta/recipes-core/meta/cve-update-db-native.bb @@ -130,7 +130,10 @@ def update_db_file(db_tmp_file, d): response = urllib.request.urlopen(meta_url, timeout=cve_socket_timeout) except urllib.error.URLError as e: cve_f.write('Warning: CVE db update error, Unable to fetch CVE data.\n\n') - bb.warn("Failed to fetch CVE data (%s)" % e.reason) + bb.warn("Failed to fetch CVE data (%s)" % e) + import socket + result = socket.getaddrinfo("nvd.nist.gov", 443, proto=socket.IPPROTO_TCP) + bb.warn("Host IPs are %s" % (", ".join(t[4][0] for t in result))) return False if response: |