From 11a511fbc9ec16df176572907b91bb98f30ce8e9 Mon Sep 17 00:00:00 2001 From: Dhairya Nagodra Date: Mon, 11 Dec 2023 02:04:59 -0800 Subject: cve-update-nvd2-native: faster requests with API keys As per NVD, the public rate limit is 5 requests in 30s (6s delay). Using an API key increases the limit to 50 requests in 30s (0.6s delay). However, NVD still recommends sleeping for several seconds so that the other legitimate requests are serviced without denial or interruption. Keeping the default sleep at 6 seconds and 2 seconds with an API key. For failures, the wait time is unchanged (6 seconds). Reference: https://nvd.nist.gov/developers/start-here#RateLimits (From OE-Core rev: eb5ab00be33a503205401541e88c32ba9da1d75c) Signed-off-by: Dhairya Nagodra Signed-off-by: Alexandre Belloni (cherry picked from commit 5c32e2941d1dc3d04a799a1b7cbd275c1ccc9e79) Signed-off-by: Steve Sakoman --- meta/recipes-core/meta/cve-update-nvd2-native.bb | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb index dab0b69edc..0a8b6a8a0a 100644 --- a/meta/recipes-core/meta/cve-update-nvd2-native.bb +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb @@ -188,6 +188,11 @@ def update_db_file(db_tmp_file, d, database_time): api_key = d.getVar("NVDCVE_API_KEY") or None attempts = int(d.getVar("CVE_DB_UPDATE_ATTEMPTS")) + # Recommended by NVD + wait_time = 6 + if api_key: + wait_time = 2 + while True: req_args['startIndex'] = index raw_data = nvd_request_next(url, attempts, api_key, req_args) @@ -210,7 +215,7 @@ def update_db_file(db_tmp_file, d, database_time): break # Recommended by NVD - time.sleep(6) + time.sleep(wait_time) # Update success, set the date to cve_check file. cve_f.write('CVE database update : %s\n\n' % datetime.date.today()) -- cgit v1.2.3-54-g00ecf