freebsd-ports/ports-mgmt/portaudit/files/portaudit.functions
Oliver Eikemeier 10813956a8 update to 0.3.1:
- use passive ftp by default, don't retry on failure [1]
- add a -C flag, portlint style
- don't keep databases that are too old [2]

Requested by:	hubs [1]
Noticed by:	Nicolas Rachinsky <nicolas@rachinsky.de> [2]
2004-03-31 22:52:01 +00:00


#!/bin/sh
#
# Copyright (c) 2004 Oliver Eikemeier. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
#
# 1. Redistributions of source code must retain the above copyright notice
# this list of conditions and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
#
# 3. Neither the name of the author nor the names of its contributors may be
# used to endorse or promote products derived from this software without
# specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
# COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
# $FreeBSD$
#
portaudit_confs()
{
	# Fill in defaults. A setting that is already non-empty in the
	# environment is left alone; unset or empty settings get the default.
	: "${portaudit_dir:=%%DATABASEDIR%%}"
	: "${portaudit_filename:=auditfile.tbz}"

	: "${FETCH_ENV:=}"
	: "${FETCH_CMD:=/usr/bin/fetch -1m}"
	: "${FETCH_BEFORE_ARGS:=-p}"
	: "${FETCH_AFTER_ARGS:=}"

	# Default download sites are plain ftp:// and http:// URLs, so the
	# transport itself gives no integrity or authenticity guarantee.
	# %SUBDIR% is replaced with MASTER_SITE_SUBDIR by fetch_locations.
	: "${MASTER_SITES:=
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/local-distfiles/%SUBDIR%/
ftp://ftp.se.FreeBSD.org/pub/FreeBSD/ports/local-distfiles/%SUBDIR%/
ftp://ftp.dk.FreeBSD.org/pub/FreeBSD/ports/local-distfiles/%SUBDIR%/
ftp://ftp.cz.FreeBSD.org/pub/FreeBSD/ports/local-distfiles/%SUBDIR%/
ftp://ftp1.ro.FreeBSD.org/pub/FreeBSD/ports/local-distfiles/%SUBDIR%/
ftp://ftp.uk.FreeBSD.org/pub/FreeBSD/ports/local-distfiles/%SUBDIR%/
ftp://ftp.at.FreeBSD.org/pub/FreeBSD/ports/local-distfiles/%SUBDIR%/
ftp://ftp.jp.FreeBSD.org/pub/FreeBSD/ports/local-distfiles/%SUBDIR%/
ftp://ftp.tw.FreeBSD.org/pub/FreeBSD/ports/local-distfiles/%SUBDIR%/
http://public.planetmirror.com/pub/FreeBSD/ports/local-distfiles/%SUBDIR%/
}"
	: "${MASTER_SITE_SUBDIR:=eik}"
	: "${MASTER_SITE_BACKUP:=http://people.freebsd.org/~eik/portaudit/}"

	# Sites matching this awk regex are tried first; the default "#" is
	# a pattern that none of the default URLs contain.
	#MASTER_SORT_REGEX="\.uk[.\/]"
	: "${MASTER_SORT_REGEX:=#}"

	# The configuration file is sourced, i.e. executed as shell code in
	# this process, and may override every setting above. It should be
	# writable by the administrator only.
	if [ -r %%PREFIX%%/etc/portaudit.conf ]; then
		. %%PREFIX%%/etc/portaudit.conf
	fi
}
extract_auditfile()
{
	# Decompress the database archive and write its "auditfile" member
	# to stdout (tar -O); nothing is unpacked onto disk. The "--" keeps
	# a database path that starts with "-" from being read as an option.
	%%BZIP2_CMD%% -dc -- "${portaudit_dir}/${portaudit_filename}" |
	    /usr/bin/tar -x -O -f - auditfile
}
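checksum_auditfile()
{
	# Verify the database against the MD5 checksum stored in its own
	# last line.
	#
	# Globals:  chksum1 (written) - checksum recorded in the trailer
	#           chksum2 (written) - checksum computed over the rest
	# Returns:  0 when a trailer is present and both values agree,
	#           non-zero otherwise.
	#
	# The expected value travels inside the file it protects, so this
	# detects truncation or corruption only. Anyone able to alter the
	# download can recompute the trailer; authenticity would need a
	# signature or a digest obtained over a trusted channel.

	# Trailer format on the last line: "#CHECKSUM: MD5 <32 hex digits>".
	chksum1=$(extract_auditfile |
	    /usr/bin/sed -nEe '$s/^#CHECKSUM: *MD5 *([0-9a-f]{32})$/\1/p')
	# Digest of everything except that last line.
	chksum2=$(extract_auditfile | /usr/bin/sed -e '$d' | /sbin/md5)

	# Fail closed: without the explicit non-empty test, a missing
	# trailer combined with an empty digest (e.g. md5 could not run)
	# would compare "" with "" and be accepted.
	[ -n "${chksum1}" ] && [ "${chksum1}" = "${chksum2}" ]
}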
getcreated_auditfile()
{
extract_auditfile |
/usr/bin/sed -nEe '1s/^#CREATED: *([0-9]{4})-?([0-9]{2})-?([0-9]{2}) *([0-9]{2}):?([0-9]{2}):?([0-9]{2}).*$/\1-\2-\3 \4:\5:\6/p'
}
gettimestamp_auditfile()
{
extract_auditfile |
/usr/bin/sed -nEe '1s/^#CREATED: *([0-9]{4})-?([0-9]{2})-?([0-9]{2}).*$/\1\2\3/p'
}
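checkexpiry_auditfile()
{
	# Check that the database is at most $1 days old.
	#
	# Arguments: $1 - maximum age in days
	# Globals:   created (written) - YYYYMMDD from the database header
	#            expiry  (written) - YYYYMMDD of "today minus $1 days"
	# Returns:   0 when created >= expiry, 1 otherwise, including when
	#            either date is missing or not a plain number.
	#
	# The creation date is read from the database header, so it is only
	# as trustworthy as the file itself.
	created=`gettimestamp_auditfile`
	# BSD date(1): -v-Nd subtracts N days, -u works in UTC.
	expiry=`/bin/date -u -v-"$1"d '+%Y%m%d'`

	# Fail closed with a definite status instead of letting test(1)
	# abort on an empty or non-numeric operand.
	case "${created}" in
	''|*[!0-9]*)
		return 1
		;;
	esac
	case "${expiry}" in
	''|*[!0-9]*)
		return 1
		;;
	esac

	[ "${created}" -ge "${expiry}" ]
}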
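portaudit_prerequisites()
{
	# Check that the package tools and the audit database are usable.
	#
	# Globals:  PKG_INFO (read, set when empty), PKG_VERSION (written),
	#           PKG_INSTALL_VER (written), portaudit_dir and
	#           portaudit_filename (read)
	# Outputs:  one diagnostic line on stdout for the first failed check
	# Returns:  0 when every check passes, 1 otherwise

	# Prefer pkg_info from the local base, else the base system copy.
	if [ -z "${PKG_INFO}" ]; then
		if [ -x "%%LOCALBASE%%/sbin/pkg_info" ]; then
			PKG_INFO="%%LOCALBASE%%/sbin/pkg_info"
		else
			PKG_INFO="/usr/sbin/pkg_info"
		fi
	fi
	# pkg_version is taken from the same directory as pkg_info.
	PKG_VERSION="${PKG_INFO%/*}/pkg_version"

	if [ ! -x "${PKG_INFO}" ]; then
		echo "${PKG_INFO} missing, please install port sysutils/pkg_install-devel"
		return 1
	fi

	# "pkg_info -qP" is expected to print a numeric version; anything
	# below 20040125 is rejected.
	PKG_INSTALL_VER=`"${PKG_INFO}" -qP 2>/dev/null`
	# Fail closed: an empty or non-numeric answer makes test(1) fail or
	# abort, and either outcome is treated as "too old". The previous
	# "-z ... -o ... -lt" form could abort with status 2 on such input,
	# which the "if" then read as "version is fine".
	if ! [ "${PKG_INSTALL_VER:-0}" -ge 20040125 ] 2>/dev/null; then
		echo "${PKG_INFO} is too old, please update port sysutils/pkg_install-devel"
		return 1
	fi

	if [ ! -r "${portaudit_dir}/${portaudit_filename}" ]; then
		echo "portaudit: database missing, run \`portaudit -F' to update."
		return 1
	fi
	# Integrity (self-contained MD5 trailer), then freshness: refuse to
	# audit against a database older than 14 days.
	if ! checksum_auditfile; then
		echo "portaudit: corrupt database."
		return 1
	fi
	if ! checkexpiry_auditfile 14; then
		echo "portaudit: database too old."
		return 1
	fi

	return 0
}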
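audit_installed()
{
	# Report every installed package that matches a database entry.
	#
	# Globals:  PKG_INFO (read)
	# Outputs:  one paragraph per affected package plus a summary line
	# Returns:  awk's status: 1 when at least one problem was found
	#
	# Database lines are "pattern|reference|description"; lines that are
	# empty or start with "#" are skipped. Each pattern is handed to
	# "pkg_info -E" through a shell command line built inside awk.
	#
	# The database is downloaded data, so a pattern must never be able
	# to change that command line. The pattern is placed inside double
	# quotes, where the characters " ` $ and \ keep their meaning to
	# the shell; entries containing any of them are reported on stderr
	# and skipped instead of being executed.
	#
	# The awk program is single-quoted so the shell does not touch it;
	# PKG_INFO is passed in with -v.
	extract_auditfile | /usr/bin/awk -F\| -v pkg_info="${PKG_INFO}" '
		BEGIN { vul = 0 }
		/^(#|$)/ { next }
		index($1, "\"") || index($1, "`") || index($1, "$") || index($1, "\\") {
			print "portaudit: skipping malformed database entry on line " NR > "/dev/stderr"
			next
		}
		{
			cmd = pkg_info " -E \"" $1 "\""
			while ((cmd | getline pkg) > 0) {
				vul++
				print "Affected package: " pkg "\n" \
				    "Type of problem: " $3 ".\n" \
				    "Reference: <" $2 ">\n"
			}
			close(cmd)
		}
		END {
			print vul " problem(s) in your installed packages found."
			if (vul > 0) {
				print "\nYou are advised to update or deinstall" \
				    " the affected package(s) immediately."
				exit(1)
			}
		}
	'
}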
audit_cwd()
{
if [ ! -r "Makefile" ]; then
return 1
fi
PKGSTATE=`/usr/bin/make -VPKGNAME -VFORBIDDEN -VPKGORIGIN 2>/dev/null || true"`
PKGNAME=`echo "${PKGSTATE}" | /usr/bin/sed -ne '1p'`
FORBIDDEN=`echo "${PKGSTATE}" | /usr/bin/sed -ne '2p'`
PKGORIGIN=`echo "${PKGSTATE}" | /usr/bin/sed -ne '3p'`
VLIST=`extract_auditfile | /usr/bin/awk -F\| " \
/^[^#]/ { \
if (!system(\"${PKG_VERSION} -T '${PKGNAME}' '\" \\$1 \"'\")) \
print \"- <\" \\$2 \">\" \
} \
"`
if [ -n "${VLIST}" -a -z "${FORBIDDEN}" ]; then
echo
echo "Port ${PKGNAME} (${PKGORIGIN}) should be marked FORBIDDEN:"
echo "${VLIST}"
VULCNT=$((${VULCNT}+1))
elif $opt_verbose && [ -n "${VLIST}" ]; then
echo
echo "Good: port ${PKGNAME} (${PKGORIGIN}) is marked FORBIDDEN: ${FORBIDDEN}"
echo "${VLIST}"
fi
}
fetch_locations()
{
	# Print the download sites, one per line, in the order they should
	# be tried, followed by MASTER_SITE_BACKUP when it is set.
	#
	# MASTER_SITES is deliberately expanded unquoted so that it splits
	# into one word per site. Sites matching MASTER_SORT_REGEX get rank
	# 0, all others a random rank, and the list is sorted by rank.
	#
	# MASTER_SORT_REGEX and MASTER_SITE_SUBDIR are spliced into the awk
	# program text, so they are interpreted as awk source. They come
	# from the environment or the configuration file and must not be
	# taken from untrusted input.

	# site sort order is not overly smart
	echo ${MASTER_SITES} |
	    /usr/bin/tr -s ' \t' '\n' |
	    /usr/bin/awk '
		BEGIN { IGNORECASE=1; srand() }
		/^$/ { next }
		{
			if ($0 ~ /'"${MASTER_SORT_REGEX}"'/ ) rank=0; else rank=rand()
			gsub(/%SUBDIR%/, "'"${MASTER_SITE_SUBDIR}"'")
			print $0 "\t" rank
		}
	    ' |
	    /usr/bin/sort -n -k 2 |
	    /usr/bin/cut -f 1

	[ -z "${MASTER_SITE_BACKUP}" ] || echo "${MASTER_SITE_BACKUP}"
}
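fetch_auditfile()
{
	# Download a new database into portaudit_dir and install it only
	# when it passes the checksum and freshness checks.
	#
	# Globals:  portaudit_dir, portaudit_filename, FETCH_ENV, FETCH_CMD,
	#           FETCH_BEFORE_ARGS, FETCH_AFTER_ARGS (read); rc, site,
	#           args (written). Changes the working directory.
	# Outputs:  progress and diagnostics on stdout
	# Returns:  0 when a new database was installed, 1 otherwise
	#
	# The checks applied to a download (checksum_auditfile,
	# checkexpiry_auditfile) both rely on values stored inside the
	# downloaded file, so they catch damaged or stale files but do not
	# authenticate the source.
	rc=1

	if [ ! -d "${portaudit_dir}" ]; then
		if ! /bin/mkdir -p "${portaudit_dir}"; then
			echo "Couldn't create ${portaudit_dir}, try running portaudit -F as root"
			return 1
		fi
	fi
	if [ ! -w "${portaudit_dir}" ]; then
		echo "Couldn't write to ${portaudit_dir}, try running portaudit -F as root"
		return 1
	fi
	# Everything below uses names relative to the database directory;
	# stop rather than copy, fetch and delete in some other directory.
	if ! cd "${portaudit_dir}"; then
		echo "Couldn't change to ${portaudit_dir}, try running portaudit -F as root"
		return 1
	fi

	# Keep the current database so it can be restored when no download
	# is accepted. Without a backup a failed fetch could destroy it.
	if [ -r "${portaudit_filename}" ]; then
		if ! /bin/cp "${portaudit_filename}" "${portaudit_filename}.old"; then
			echo "Couldn't back up ${portaudit_filename}, try running portaudit -F as root"
			return 1
		fi
	fi

	for site in `fetch_locations`; do
		echo ">> Attempting to fetch from ${site}."
		args="${site}${portaudit_filename}"
		# The FETCH_* settings are expanded unquoted on purpose so
		# that each may hold several words.
		if ! /usr/bin/env ${FETCH_ENV} ${FETCH_CMD} ${FETCH_BEFORE_ARGS} ${args} ${FETCH_AFTER_ARGS}; then
			echo "Couldn't fetch database."
		elif [ ! -f "${portaudit_dir}/${portaudit_filename}" ] ; then
			echo "no database fetched."
		elif ! checksum_auditfile; then
			echo "fetched database corrupt."
		elif ! checkexpiry_auditfile 7; then
			# A fresh download must be at most 7 days old.
			echo "fetched database too old."
		else
			echo "new database installed."
			rc=0
			break
		fi
	done

	if [ -f "${portaudit_filename}.old" ]; then
		if [ ${rc} -eq 0 ]; then
			/bin/rm -f "${portaudit_filename}.old"
		else
			/bin/mv -f "${portaudit_filename}.old" "${portaudit_filename}"
			echo "old database restored."
		fi
	elif [ ${rc} -ne 0 ] && [ -f "${portaudit_filename}" ]; then
		# There was no previous database to restore, so whatever is
		# here now is a download that failed the checks. Do not leave
		# a rejected file installed as the database.
		/bin/rm -f "${portaudit_filename}"
		echo "rejected database removed."
	fi

	if [ -f "${portaudit_filename}" ]; then
		/bin/chmod a=r "${portaudit_filename}"
	fi

	return ${rc}
}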