GLSA tool:

- fixed atom matching when slotted packages are found
- added info tool, that shows glsa information for the provided identifier
- misc bug fixes


git-svn-id: http://svn.sabayonlinux.org/projects/entropy/trunk@1164 cd1c1023-2f26-0410-ae45-c471fc1f0318
This commit is contained in:
(no author)
2008-02-07 14:29:37 +00:00
parent 1a09070786
commit e67a753aeb
4 changed files with 200 additions and 28 deletions

View File

@@ -32,21 +32,141 @@ def security(options):
only_affected = False
only_unaffected = False
fetch = False
for opt in options:
if opt == "--affected":
only_affected = True
elif opt == "--unaffected":
only_unaffected = True
elif opt == "--fetch":
fetch = True
if options[0] == "update":
rc = Equo.Security.fetch_advisories()
elif options[0] == "list":
rc = list_advisories(only_affected = only_affected, only_unaffected = only_unaffected)
elif options[0] == "install":
Equo.load_cache()
rc = install_packages(fetch = fetch)
Equo.save_cache()
elif options[0] == "info":
rc = show_advisories_info(options[1:])
else:
rc = -10
return rc
def show_advisories_info(advisories):
if not advisories:
print_error(brown(" :: ")+darkgreen("No advisories provided."))
return 1
adv_metadata = Equo.Security.get_advisories_metadata()
for advisory in advisories:
if advisory not in adv_metadata:
print_warning(brown(" :: ")+darkred("Advisory ")+blue(advisory)+darkred(" does not exist."))
continue
print_advisory_information(adv_metadata[advisory], key = advisory)
return 0
def print_advisory_information(advisory_data, key):
# print advisory code
glsa_url = "http://www.gentoo.org/security/en/glsa/%s" % (advisory_data['filename'],)
print_info(blue(" @@ ")+red("GLSA Identifier ")+bold(key)+red(" | ")+blue(glsa_url))
# title
print_info("\t"+darkgreen("Title:\t\t")+darkred(advisory_data['title']))
# description
description = advisory_data['description'].split("\n")
desc_text = "\t"+darkgreen("Description:\t")
for x in description:
print_info(desc_text+x.strip())
desc_text = "\t\t\t"
# background
if advisory_data['background']:
background = advisory_data['background'].split("\n")
bg_text = "\t"+darkgreen("Background:\t")
for x in background:
print_info(bg_text+purple(x.strip()))
bg_text = "\t\t\t"
# access
if advisory_data['access']:
print_info("\t"+darkgreen("Exploitable:\t")+bold(advisory_data['access']))
# impact
if advisory_data['impact']:
impact = advisory_data['impact'].split("\n")
imp_text = "\t"+darkgreen("Impact:\t\t")
for x in impact:
print_info(imp_text+brown(x.strip()))
imp_text = "\t\t\t"
# impact type
if advisory_data['impacttype']:
print_info("\t"+darkgreen("Impact type:\t")+bold(advisory_data['impacttype']))
# revised
if advisory_data['revised']:
print_info("\t"+darkgreen("Revised:\t")+brown(advisory_data['revised']))
# announced
if advisory_data['announced']:
print_info("\t"+darkgreen("Announced:\t")+brown(advisory_data['announced']))
# synopsis
synopsis = advisory_data['synopsis'].split("\n")
syn_text = "\t"+darkgreen("Synopsis:\t")
for x in synopsis:
print_info(syn_text+x.strip())
syn_text = "\t\t\t"
# references
if advisory_data['references']:
print_info("\t"+darkgreen("References:"))
for reference in advisory_data['references']:
print_info("\t\t\t"+darkblue(reference))
# gentoo bugs
if advisory_data['bugs']:
print_info("\t"+darkgreen("Gentoo bugs:"))
for bug in advisory_data['bugs']:
bug = "https://bugs.gentoo.org/show_bug.cgi?id=%s" % (bug,)
print_info("\t\t\t"+darkblue(bug))
# affected
if advisory_data['affected']:
print_info("\t"+darkgreen("Affected:"))
for key in advisory_data['affected']:
print_info("\t\t\t"+darkred(key))
affected_data = advisory_data['affected'][key][0]
vul_vers = affected_data['vul_vers']
unaff_vers = affected_data['unaff_vers']
if vul_vers:
print_info("\t\t\t "+brown("vulnerable versions: ")+", ".join(vul_vers))
if unaff_vers:
print_info("\t\t\t "+brown("unaffected versions: ")+", ".join(unaff_vers))
#print affected_data
# workaround
if advisory_data['workaround']:
print_info("\t"+darkgreen("Workaround:\t")+darkred(advisory_data['workaround']))
# resolution
if advisory_data['resolution']:
res_text = "\t"+darkgreen("Resolution:\t")
resolutions = advisory_data['resolution']
for resolution in resolutions:
for x in resolution.split("\n"):
print_info(res_text+x.strip())
res_text = "\t\t\t"
{'background': u''}
def list_advisories(only_affected = False, only_unaffected = False):
if (not only_affected and not only_unaffected) or (only_affected and only_unaffected):
@@ -85,4 +205,28 @@ def list_advisories(only_affected = False, only_unaffected = False):
print_info(description)
return 0
def install_packages(fetch = False):
import text_ui
print_info(red(" @@ ")+blue("Calculating security updates..."))
affected_atoms = Equo.Security.get_affected_atoms()
# match in client database
valid_matches = set()
for atom in affected_atoms:
match = Equo.clientDbconn.atomMatch(atom)
if match[0] == -1:
continue
# get key + slot
key, slot = Equo.clientDbconn.retrieveKeySlot(match[0])
# match in repos
match = Equo.atomMatch(key, matchSlot = slot)
if match[0] != -1:
valid_matches.add(match)
if not valid_matches:
print_info(red(" @@ ")+blue("All the available updates have been already installed."))
return 0
rc, stat = text_ui.installPackages(atomsdata = valid_matches, onlyfetch = fetch)
return rc