diff options
Diffstat (limited to 'security/portaudit-db/files/packaudit.sh')
| -rw-r--r-- | security/portaudit-db/files/packaudit.sh | 112 |
1 files changed, 112 insertions, 0 deletions
diff --git a/security/portaudit-db/files/packaudit.sh b/security/portaudit-db/files/packaudit.sh new file mode 100644 index 000000000000..ff8ebd767625 --- /dev/null +++ b/security/portaudit-db/files/packaudit.sh @@ -0,0 +1,112 @@ +#!/bin/sh -e +# +# Copyright (c) 2004 Oliver Eikemeier. All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are +# met: +# +# 1. Redistributions of source code must retain the above copyright notice +# this list of conditions and the following disclaimer. +# +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# 3. Neither the name of the author nor the names of its contributors may be +# used to endorse or promote products derived from this software without +# specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, +# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# +# $FreeBSD$ +# + +AWK=/usr/bin/awk +BASENAME=/usr/bin/basename +CAT=/bin/cat +DATE=/bin/date +ENV=/usr/bin/env +MD5=/sbin/md5 +MKTEMP=/usr/bin/mktemp +RM=/bin/rm +SED=/usr/bin/sed +TAR=/usr/bin/tar +XSLTPROC=%%LOCALBASE%%/bin/xsltproc + +PORTSDIR="${PORTSDIR:-%%PORTSDIR%%}" +VUXMLDIR="${VUXMLDIR:-$PORTSDIR/security/vuxml}" +PORTAUDITDBDIR="${PORTAUDITDBDIR:-$PORTSDIR/security/portaudit-db}" + +DATABASEDIR="${DATABASEDIR:-%%DATABASEDIR%%}" + +STYLESHEET="%%DATADIR%%/vuxml2portaudit.xslt" + +PUBLIC_HTML="${PUBLIC_HTML:-$HOME/public_html/portaudit}" +HTMLSHEET="%%DATADIR%%/vuxml2html.xslt" +BASEURL="http://people.freebsd.org/~eik/portaudit/" + +[ -r "%%PREFIX%%/etc/packaudit.conf" ] && . "%%PREFIX%%/etc/packaudit.conf" + +VULVER=`$SED -En -e '/^.*\\$FreeBSD\: [^$ ]+,v ([0-9]+(\.[0-9]+)+) [^$]+\\$.*$/{s//\1/p;q;}' "$VUXMLDIR/vuln.xml"` +VULURL="http://cvsweb.freebsd.org/ports/security/vuxml/vuln.xml?rev=$VULVER" + +if [ -d "$PUBLIC_HTML" ]; then + VULNMD5=`$CAT "$VUXMLDIR/vuln.xml" "$PORTAUDITDBDIR/database/portaudit.xml" | $MD5` + if [ -f "$PUBLIC_HTML/portaudit.md5" ]; then + VULNMD5_OLD=`$CAT "$PUBLIC_HTML/portaudit.md5"` + fi + if [ "$VULNMD5" != "$VULNMD5_OLD" ]; then + echo -n "$VULNMD5" > "$PUBLIC_HTML/portaudit.md5" + $XSLTPROC $XSLTPROC_EXTRA_ARGS --stringparam vulurl "$VULURL" --stringparam extradoc "$PORTAUDITDBDIR/database/portaudit.xml" \ + -o "$PUBLIC_HTML/" "$HTMLSHEET" "$VUXMLDIR/vuln.xml" + fi +fi + +TMPNAME=`$BASENAME "$0"` +TMPDIR=`$MKTEMP -d -t "$TMPNAME.$$"` || exit 1 + +TESTPORT="vulnerability-test-port>=2000<`$DATE -u +%Y.%m.%d`" +TESTURL="http://cvsweb.freebsd.org/ports/security/vulnerability-test-port/" +TESTREASON="Not vulnerable, just a test port (database: `$DATE -u +%Y-%m-%d`)" + +XLIST_FILE="$PORTAUDITDBDIR/database/portaudit.xlist" + +cd "$TMPDIR" || exit 1 +{ + $DATE -u "+#CREATED: %Y-%m-%d %H:%M:%S" + echo "# Created by packaudit %%PORTVERSION%%" + echo "$TESTPORT|$TESTURL|$TESTREASON" + echo "# Please refer to the original document for copyright information:" + echo "# $VULURL" + $XSLTPROC $XSLTPROC_EXTRA_ARGS --stringparam baseurl "$BASEURL" "$STYLESHEET" "$VUXMLDIR/vuln.xml" + echo "# This part is in the public domain" + $XSLTPROC $XSLTPROC_EXTRA_ARGS --stringparam baseurl "$BASEURL" "$STYLESHEET" "$PORTAUDITDBDIR/database/portaudit.xml" + $CAT "$PORTAUDITDBDIR/database/portaudit.txt" +} | $AWK -F\| -v XLIST_FILE="$XLIST_FILE" ' + BEGIN { + while((getline < XLIST_FILE) > 0) + if(!/^(#|$)/) + ignore[$1]=1 + } + /^(#|$)/ { + print + next + } + { + if (!ignore[$4]) + print $1 "|" $2 "|" $3 + }' > auditfile +echo "#CHECKSUM: MD5 `$MD5 < auditfile`" >> auditfile +$TAR -jcf "$DATABASEDIR/auditfile.tbz" auditfile +cd +$RM -Rf "$TMPDIR" |