diff options
| author | Stefan Eßer <se@FreeBSD.org> | 2018-03-09 13:56:32 +0000 |
|---|---|---|
| committer | Stefan Eßer <se@FreeBSD.org> | 2018-03-09 13:56:32 +0000 |
| commit | 21402e437de77e98a5c2b1eaab71e2b592ef9f56 (patch) | |
| tree | 371d2f8d48c7634cb9448088e22e8e1e9b4b5e23 /security/pwned-check | |
| parent | 1c80169f97a3208af9c720f363ca124adb67a219 (diff) | |
| download | ports-21402e437de77e98a5c2b1eaab71e2b592ef9f56.tar.gz ports-21402e437de77e98a5c2b1eaab71e2b592ef9f56.zip | |
Update to new datafile version with significantly more password hashes.
Approved by: antoine (implicit)
Notes
Notes:
svn path=/head/; revision=463960
Diffstat (limited to 'security/pwned-check')
| -rw-r--r-- | security/pwned-check/Makefile | 2 | ||||
| -rw-r--r-- | security/pwned-check/files/pwned-check.sh.in | 68 |
2 files changed, 41 insertions, 29 deletions
diff --git a/security/pwned-check/Makefile b/security/pwned-check/Makefile index 153b00cf8ea1..2d6422ac26a8 100644 --- a/security/pwned-check/Makefile +++ b/security/pwned-check/Makefile @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= pwned-check -PORTVERSION= 1.0 +PORTVERSION= 2.0 PORTEPOCH= 1 CATEGORIES= security MASTER_SITES= # diff --git a/security/pwned-check/files/pwned-check.sh.in b/security/pwned-check/files/pwned-check.sh.in index afb2b569856a..d7cbe61dfcb5 100644 --- a/security/pwned-check/files/pwned-check.sh.in +++ b/security/pwned-check/files/pwned-check.sh.in @@ -33,36 +33,48 @@ usage () # Fetch files with pwned password hashes fetchpwfiles () { - umask 022 - mkdir -p $DBDIR || errexit "No write permission on data directory." - local f s_txt s_txt_7z hash - while read f s_txt s_txt_7z hash - do - local f7z="$f.7z" - echo "Checking '$DBDIR/$f' ..." - local s_txt_is=$(stat -f %z $f 2>/dev/null) - if [ "$s_txt_is" != "$s_txt" ]; then - echo "Fetching '$DBDIR/$f' ..." - fetch -S $s_txt_7z "$URLBASE/$f7z" || errexit "Could not fetch '$URLBASE/$f7z'" - local hash_is=$(sha1 -q "$f7z") - if [ "$hash_is" != "$hash" ]; then + umask 022 + mkdir -p $DBDIR || errexit "No write permission on data directory." + local f s_txt s_txt_7z hash + while read f s_txt s_txt_7z hash + do + local f7z="$f.7z" + echo "Checking '$DBDIR/$f' ..." + local s_txt_is=$(stat -f %z $f 2>/dev/null) + if [ "$s_txt_is" != "$s_txt" ]; then + local s_txt_7z_is=$(stat -f %z $f7z 2>/dev/null) + if [ "$s_txt_7z_is" != "$s_txt_7z" ]; then + echo "Fetching '$DBDIR/$f7z' ..." + fetch -S $s_txt_7z "$URLBASE/$f7z" || errexit "Could not fetch '$URLBASE/$f7z'." + fi + echo "Checking '$DBDIR/$f7z' ..." + local hash_is=$(sha1 -q "$f7z") + if [ "$hash_is" != "$hash" ]; then + rm -f "$f7z" + errexit "File '$f7z' fails SHA1 check: '$hash_is' should be '$hash'." + fi + echo "Extracting '$DBDIR/$f' ..." + tar xOf "$f7z" | cut -d ":" -f 1 > "$f" || errexit "Decompression of file '$f7z' failed." + local s_txt_is=$(stat -f %z "$f") + if [ "$s_txt_is" != "$s_txt" ]; then + rm -f "$f" + errexit "File '$f' has size $s_txt_is after decompression, should be $s_txt." + fi + fi rm -f "$f7z" - errexit "File '$f7z' fails SHA1 check: '$hash_is' should be '$hash'." - fi - tar xf $f7z - local s_txt_is=$(stat -f %z $f) - if [ "$s_txt_is" != "$s_txt" ]; then - rm -f "$f" - errexit "File '$f' has size $s_txt_is after decompression, should be $s_txt." - fi - fi - rm -f "$f7z" - done <<EOF -pwned-passwords-1.0.txt 12862899504 5702869528 90d57d16a2dfe00de6cc58d0fa7882229ace4a53 -pwned-passwords-update-1.txt 574389228 262300582 00fc585efad08a4b6323f8e4196aae9207f8b09f -pwned-passwords-update-2.txt 16791180 8000810 20318090278bbd196945025bc7bf93e99f261f9a + done <<EOF +pwned-passwords-ordered-2.0.txt 20567110522 9647404191 87437926c6293d034a259a2b86a2d077e7fd5a63 +EOF + echo "All data files have been successfully downloaded and extracted." + # delete old data files (their content is included in the new datafiles) + while read f + do + rm -f $f $f.7z + done <<EOF +pwned-passwords-1.0.txt +pwned-passwords-update-1.txt +pwned-passwords-update-2.txt EOF - echo "All data files have been successfully downloaded and extracted." } # Password lookup |