pkgsrc-Changes-HG archive
[pkgsrc/trunk]: pkgsrc Update audit-packages to 1.25.
details: https://anonhg.NetBSD.org/pkgsrc/rev/b454c30b31c7
branches: trunk
changeset: 462881:b454c30b31c7
user: agc <agc%pkgsrc.org@localhost>
date: Sat Oct 18 10:16:57 2003 +0000
description:
Update audit-packages to 1.25.
+ get rid of unnecessary awk invocation in audit-packages, use shell
construction instead, pointed out by enami tsugutomo. Cuts system and
user execution times for audit-packages in half.
+ add (4-clause) licences to audit-packages and download-vulnerability-list
+ check integrity of pkg-vulnerabilities file in audit-packages by using
the same construct as in download-vulnerability-list
+ CSE in error checking in audit-packages
+ properly terminate a case expression in download-vulnerability-list
diffstat:
doc/CHANGES | 3 +-
security/audit-packages/Makefile | 4 +-
security/audit-packages/files/audit-packages | 103 +++++++++++--
security/audit-packages/files/download-vulnerability-list | 34 ++++-
4 files changed, 122 insertions(+), 22 deletions(-)
diffs (191 lines):
diff -r d61fb267f905 -r b454c30b31c7 doc/CHANGES
--- a/doc/CHANGES Sat Oct 18 10:12:09 2003 +0000
+++ b/doc/CHANGES Sat Oct 18 10:16:57 2003 +0000
@@ -1,4 +1,4 @@
-$NetBSD: CHANGES,v 1.3704 2003/10/18 08:58:51 jmmv Exp $
+$NetBSD: CHANGES,v 1.3705 2003/10/18 10:17:38 agc Exp $
Changes to the packages collection and infrastructure in 2003:
@@ -4218,3 +4218,4 @@
Updated gossip to 0.5nb2 [jmmv 2003-10-18]
Updated gaim to 0.71 [jmmv 2003-10-18]
Updated kopete to 0.7.3 [jmmv 2003-10-18]
+ Updated audit-packages to 1.25 [agc 2003-10-18]
diff -r d61fb267f905 -r b454c30b31c7 security/audit-packages/Makefile
--- a/security/audit-packages/Makefile Sat Oct 18 10:12:09 2003 +0000
+++ b/security/audit-packages/Makefile Sat Oct 18 10:16:57 2003 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.33 2003/10/17 09:45:28 agc Exp $
+# $NetBSD: Makefile,v 1.34 2003/10/18 10:16:57 agc Exp $
-DISTNAME= audit-packages-1.24
+DISTNAME= audit-packages-1.25
WRKSRC= ${WRKDIR}
CATEGORIES= security pkgtools
MASTER_SITES= # empty
diff -r d61fb267f905 -r b454c30b31c7 security/audit-packages/files/audit-packages
--- a/security/audit-packages/files/audit-packages Sat Oct 18 10:12:09 2003 +0000
+++ b/security/audit-packages/files/audit-packages Sat Oct 18 10:16:57 2003 +0000
@@ -1,26 +1,93 @@
#! @SH@
-
-# $NetBSD: audit-packages,v 1.13 2003/10/17 09:45:28 agc Exp $
+#
+# $NetBSD: audit-packages,v 1.14 2003/10/18 10:16:57 agc Exp $
+#
+# Copyright (c) 2000-2003 Alistair Crooks. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# 3. All advertising materials mentioning features or use of this software
+# must display the following acknowledgement:
+# This product includes software developed by Alistair Crooks
+# for the NetBSD project.
+# 4. The name of the author may not be used to endorse or promote
+# products derived from this software without specific prior written
+# permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
+# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+# GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
: ${PKGVULNDIR=@PKGVULNDIR@}
-if [ ! -f ${PKGVULNDIR}/pkg-vulnerabilities ]; then
- echo "** Missing ${PKGVULNDIR}/pkg-vulnerabilities" 1>&2
- echo "** run download-vulnerability-list" 1>&2
- exit 1
-fi
+vuls=${PKGVULNDIR}/pkg-vulnerabilities
+
+errmsg=""
+
+# check for missing vulnerabilities file
+[ ! -f $vuls ] && errmsg="** Missing $vuls"
+
+case "$errmsg" in
+"") # check for old vulnerabilities file
+ [ -n "$(find $vuls -ctime +7)" ] && errmsg="** $vuls more than a week old"
+ ;;
+esac
-if [ -n "$(find ${PKGVULNDIR}/pkg-vulnerabilities -ctime +7)" ]; then
- echo "** ${PKGVULNDIR}/pkg-vulnerabilities more than a week old" 1>&2
- echo "** run download-vulnerability-list" 1>&2
- exit 1
-fi
+case "$errmsg" in
+"") # check integrity of vulnerabilities file
+ recordedsum=`@AWK@ '$1 == "#CHECKSUM" { print $3 }' $vuls`
+ recordedalg=`@AWK@ '$1 == "#CHECKSUM" { print $2 }' $vuls`
+ case "$recordedsum" in
+ "") errmsg="***WARNING*** No checksum found in $vuls"
+ ;;
+ *) case "$recordedalg" in
+ "") errmsg="***WARNING*** No checksum algorithm found in $vuls file"
+ ;;
+ *) calcsum=`@AWK@ '$1 == "#CHECKSUM" || /\$NetBSD.*/ { next } { print }' $vuls | @DIGEST@ $recordedalg`
+ if [ "$recordedsum" != "$calcsum" ]; then
+ errmsg="***WARNING*** Checksum mismatch - recorded $recordedalg checksum \"$recordedsum\", calculated checksum \"$calcsum\""
+ fi
+ ;;
+ esac
+ ;;
+ esac
+ ;;
+esac
-@AWK@ '
- /^#.*/ { next }
- NF == 0 { next }
- { cmd = sprintf("@PKG_TOOLS_BIN@/pkg_info -qe \"%s\" && echo Package \"`@PKG_TOOLS_BIN@/pkg_info -e %c%s%c`\" has a %s vulnerability, see %s ; wait", $1, 39, $1, 39, $2, $3);
- system(cmd); }
-' ${PKGVULNDIR}/pkg-vulnerabilities
+# if we have found an error, then complain and exit
+case "$errmsg" in
+"") ;;
+*) echo "$errmsg" 1>&2
+ echo "** Please run download-vulnerability-list" 1>&2
+ exit 1
+ ;;
+esac
+
+# check for vulnerabilities
+while read pat type url; do
+ case "$pat" in
+ \#*|'') continue;;
+ esac
+
+ if @PKG_TOOLS_BIN@/pkg_info -qe "$pat"; then
+ echo Package `@PKG_TOOLS_BIN@/pkg_info -e "$pat"` has a \
+ $type vulnerability, see $url
+ fi
+done < $vuls
exit 0
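Review bot: in the integrity check, `recordedalg` is read from the `#CHECKSUM` line of the same file that is being verified and then passed unquoted in `@DIGEST@ $recordedalg`, so a malformed or repeated `#CHECKSUM` line becomes extra words on the digest command line, and if `@DIGEST@` fails, `calcsum` is empty and the user only sees a generic mismatch message. Suggest quoting it, checking it in a `case` against the algorithm names the script is prepared to accept before use, and taking only the first `#CHECKSUM` line; the three `@AWK@` passes over `$vuls` could then be one. Because the recorded sum is stored inside the file it covers, this detects truncation or corruption but not a file whose contents and checksum line were changed together, which is worth stating in the comment above the block. The same quoting point applies to `$vuls` in `[ ! -f $vuls ]`, `find $vuls` and `done < $vuls`, and to `$type` and `$url` in the final `echo`, which are file-sourced fields left open to word splitting and globbing; `read -r` would also keep any backslashes in the URL field intact.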
diff -r d61fb267f905 -r b454c30b31c7 security/audit-packages/files/download-vulnerability-list
--- a/security/audit-packages/files/download-vulnerability-list Sat Oct 18 10:12:09 2003 +0000
+++ b/security/audit-packages/files/download-vulnerability-list Sat Oct 18 10:16:57 2003 +0000
@@ -1,6 +1,37 @@
#! @SH@
-# $NetBSD: download-vulnerability-list,v 1.20 2003/09/16 14:47:49 grant Exp $
+# $NetBSD: download-vulnerability-list,v 1.21 2003/10/18 10:16:57 agc Exp $
+#
+# Copyright (c) 2000-2003 Alistair Crooks. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# 3. All advertising materials mentioning features or use of this software
+# must display the following acknowledgement:
+# This product includes software developed by Alistair Crooks
+# for the NetBSD project.
+# 4. The name of the author may not be used to endorse or promote
+# products derived from this software without specific prior written
+# permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
+# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+# GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
: ${PKGVULNDIR=@PKGVULNDIR@}
@@ -40,6 +71,7 @@
fi
;;
esac
+ ;;
esac
case "$errmsg" in
"") ;;