diff --git a/external/bsd/pkg_install/dist/add/perform.c b/external/bsd/pkg_install/dist/add/perform.c index f5a0e643a3e4..35be910fa852 100644 --- a/external/bsd/pkg_install/dist/add/perform.c +++ b/external/bsd/pkg_install/dist/add/perform.c @@ -1,4 +1,4 @@ -/* $NetBSD: perform.c,v 1.5 2017/04/20 13:18:23 joerg Exp $ */ +/* $NetBSD: perform.c,v 1.6 2018/03/25 04:04:36 sevan Exp $ */ #if HAVE_CONFIG_H #include "config.h" #endif @@ -6,7 +6,7 @@ #if HAVE_SYS_CDEFS_H #include #endif -__RCSID("$NetBSD: perform.c,v 1.5 2017/04/20 13:18:23 joerg Exp $"); +__RCSID("$NetBSD: perform.c,v 1.6 2018/03/25 04:04:36 sevan Exp $"); /*- * Copyright (c) 2003 Grant Beattie @@ -1318,7 +1318,7 @@ check_vulnerable(struct pkg_task *pkg) return require_check; } - if (!audit_package(pv, pkg->pkgname, NULL, 2)) + if (!audit_package(pv, pkg->pkgname, NULL, 0, 2)) return 0; if (require_check) diff --git a/external/bsd/pkg_install/dist/add/pkg_add.1 b/external/bsd/pkg_install/dist/add/pkg_add.1 index af3deba2fa61..7394c0d86937 100644 --- a/external/bsd/pkg_install/dist/add/pkg_add.1 +++ b/external/bsd/pkg_install/dist/add/pkg_add.1 @@ -1,4 +1,4 @@ -.\" $NetBSD: pkg_add.1,v 1.2 2017/04/20 13:18:23 joerg Exp $ +.\" $NetBSD: pkg_add.1,v 1.3 2018/03/25 04:04:36 sevan Exp $ .\" .\" FreeBSD install - a package for the installation and maintenance .\" of non-core utilities. @@ -17,7 +17,7 @@ .\" .\" @(#)pkg_add.1 .\" -.Dd December 27, 2014 +.Dd March 21, 2018 .Dt PKG_ADD 1 .Os .Sh NAME @@ -25,7 +25,7 @@ .Nd a utility for installing and upgrading software package distributions .Sh SYNOPSIS .Nm -.Op Fl AfInRUuVv +.Op Fl AfhInRUuVv .Op Fl C Ar config .Op Fl K Ar pkg_dbdir .Op Fl m Ar machine @@ -119,6 +119,11 @@ removed. Read the configuration file from .Ar config instead of the system default. +.It Fl D +Force updating even if the dependencies of depending packages are not +satisfied by the new package. +This is used by "make replace", after which one would typically +replace the depending packages. .It Fl f Force installation to proceed even if prerequisite packages are not installed or the install script fails. @@ -128,11 +133,8 @@ will still try to find and auto-install missing prerequisite packages, a failure to find one will not be fatal. This flag also overrides the fatal error when the operating system or architecture the package was built on differ from that of the host. -.It Fl D -Force updating even if the dependencies of depending packages are not -satisfied by the new package. -This is used by "make replace", after which one would typically -replace the depending packages. +.It Fl h +Display help and exit. .It Fl I If an installation script exists for a given package, do not execute it. .It Fl K Ar pkg_dbdir diff --git a/external/bsd/pkg_install/dist/admin/audit.c b/external/bsd/pkg_install/dist/admin/audit.c index 7f9a40e257e1..fbbbcb229157 100644 --- a/external/bsd/pkg_install/dist/admin/audit.c +++ b/external/bsd/pkg_install/dist/admin/audit.c @@ -1,4 +1,4 @@ -/* $NetBSD: audit.c,v 1.2 2017/04/20 13:18:23 joerg Exp $ */ +/* $NetBSD: audit.c,v 1.3 2018/03/25 04:04:36 sevan Exp $ */ #if HAVE_CONFIG_H #include "config.h" @@ -7,7 +7,7 @@ #if HAVE_SYS_CDEFS_H #include #endif -__RCSID("$NetBSD: audit.c,v 1.2 2017/04/20 13:18:23 joerg Exp $"); +__RCSID("$NetBSD: audit.c,v 1.3 2018/03/25 04:04:36 sevan Exp $"); /*- * Copyright (c) 2008 Joerg Sonnenberger . @@ -73,13 +73,14 @@ __RCSID("$NetBSD: audit.c,v 1.2 2017/04/20 13:18:23 joerg Exp $"); #include "admin.h" #include "lib.h" +static int check_ignored_advisories = 0; static int check_signature = 0; static const char *limit_vul_types = NULL; static int update_pkg_vuln = 0; static struct pkg_vulnerabilities *pv; -static const char audit_options[] = "est:"; +static const char audit_options[] = "eist:"; static void parse_options(int argc, char **argv, const char *options) @@ -101,6 +102,9 @@ parse_options(int argc, char **argv, const char *options) case 'e': check_eol = "yes"; break; + case 'i': + check_ignored_advisories = 1; + break; case 's': check_signature = 1; break; @@ -122,7 +126,8 @@ parse_options(int argc, char **argv, const char *options) static int check_exact_pkg(const char *pkg) { - return audit_package(pv, pkg, limit_vul_types, quiet ? 0 : 1); + return audit_package(pv, pkg, limit_vul_types, + check_ignored_advisories, quiet ? 0 : 1); } static int diff --git a/external/bsd/pkg_install/dist/admin/main.c b/external/bsd/pkg_install/dist/admin/main.c index 547d923a9a7c..3ad7ae63bbd4 100644 --- a/external/bsd/pkg_install/dist/admin/main.c +++ b/external/bsd/pkg_install/dist/admin/main.c @@ -1,4 +1,4 @@ -/* $NetBSD: main.c,v 1.2 2017/04/20 13:18:23 joerg Exp $ */ +/* $NetBSD: main.c,v 1.3 2018/03/25 04:04:36 sevan Exp $ */ #if HAVE_CONFIG_H #include "config.h" @@ -7,7 +7,7 @@ #if HAVE_SYS_CDEFS_H #include #endif -__RCSID("$NetBSD: main.c,v 1.2 2017/04/20 13:18:23 joerg Exp $"); +__RCSID("$NetBSD: main.c,v 1.3 2018/03/25 04:04:36 sevan Exp $"); /*- * Copyright (c) 1999-2009 The NetBSD Foundation, Inc. @@ -112,9 +112,9 @@ usage(void) " pmatch pattern pkg - returns true if pkg matches pattern, otherwise false\n" " fetch-pkg-vulnerabilities [-s] - fetch new vulnerability file\n" " check-pkg-vulnerabilities [-s] - check syntax and checksums of the vulnerability file\n" - " audit [-es] [-t type] ... - check installed packages for vulnerabilities\n" - " audit-pkg [-es] [-t type] ... - check listed packages for vulnerabilities\n" - " audit-batch [-es] [-t type] ... - check packages in listed files for vulnerabilities\n" + " audit [-eis] [-t type] ... - check installed packages for vulnerabilities\n" + " audit-pkg [-eis] [-t type] ... - check listed packages for vulnerabilities\n" + " audit-batch [-eis] [-t type] ... - check packages in listed files for vulnerabilities\n" " audit-history [-t type] ... - print all advisories for package names\n" " check-license - check if condition is acceptable\n" " check-single-license - check if license is acceptable\n" diff --git a/external/bsd/pkg_install/dist/admin/pkg_admin.1 b/external/bsd/pkg_install/dist/admin/pkg_admin.1 index 01c98e9714b1..a6559ab544b2 100644 --- a/external/bsd/pkg_install/dist/admin/pkg_admin.1 +++ b/external/bsd/pkg_install/dist/admin/pkg_admin.1 @@ -1,4 +1,4 @@ -.\" $NetBSD: pkg_admin.1,v 1.2 2017/04/20 13:18:23 joerg Exp $ +.\" $NetBSD: pkg_admin.1,v 1.3 2018/03/25 04:04:36 sevan Exp $ .\" .\" Copyright (c) 1999-2010 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -34,7 +34,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.Dd December 27, 2014 +.Dd February 25, 2018 .Dt PKG_ADMIN 1 .Os .Sh NAME @@ -106,7 +106,7 @@ Be more verbose. .Pp The following commands are supported: .Bl -tag -width indent -.It Cm audit Oo Fl es Oc Oo Fl t Ar type Oc Oo Ar pkg Oc ... +.It Cm audit Oo Fl eis Oc Oo Fl t Ar type Oc Oo Ar pkg Oc ... Check the listed installed packages for vulnerabilities. If no package is given, check all installed packages. If @@ -118,16 +118,25 @@ option from with .Qq Li yes . If +.Fl i +is given, +any advisory ignored by +.Dv IGNORE_URL +in +.Xr pkg_install.conf 5 +is included but flagged as +.Qq ignored . +If .Fl s is given, check the signature of the pkg-vulnerabilities file before using it. .Fl t restricts the reported vulnerabilities to type .Ar type . -.It Cm audit-pkg Oo Fl es Oc Oo Fl t Ar type Oc Oo Ar pkg Oc ... +.It Cm audit-pkg Oo Fl eis Oc Oo Fl t Ar type Oc Oo Ar pkg Oc ... Like .Cm audit , but check only the given package names or patterns. -.It Cm audit-batch Oo Fl es Oc Oo Fl t Ar type Oc Oo Ar pkg-list Oc ... +.It Cm audit-batch Oo Fl eis Oc Oo Fl t Ar type Oc Oo Ar pkg-list Oc ... Like .Cm audit-pkg , but read the package names or patterns one per line from the given files. diff --git a/external/bsd/pkg_install/dist/admin/pkg_admin.cat b/external/bsd/pkg_install/dist/admin/pkg_admin.cat index 4e751d493ff0..8173dee12a71 100644 --- a/external/bsd/pkg_install/dist/admin/pkg_admin.cat +++ b/external/bsd/pkg_install/dist/admin/pkg_admin.cat @@ -47,18 +47,20 @@ OOPPTTIIOONNSS The following commands are supported: - aauuddiitt [--eess] [--tt _t_y_p_e] [_p_k_g] ... + aauuddiitt [--eeiiss] [--tt _t_y_p_e] [_p_k_g] ... Check the listed installed packages for vulnerabilities. If no package is given, check all installed packages. If --ee is given, override the CHECK_END_OF_LIFE option from pkg_install.conf(5) - with "yes". If --ss is given, check the signature of the pkg- - vulnerabilities file before using it. --tt restricts the reported - vulnerabilities to type _t_y_p_e. + with "yes". If --ii is given, any advisory ignored by IGNORE_URL + in pkg_install.conf(5) is included but flagged as "ignored". If + --ss is given, check the signature of the pkg-vulnerabilities file + before using it. --tt restricts the reported vulnerabilities to + type _t_y_p_e. - aauuddiitt--ppkkgg [--eess] [--tt _t_y_p_e] [_p_k_g] ... + aauuddiitt--ppkkgg [--eeiiss] [--tt _t_y_p_e] [_p_k_g] ... Like aauuddiitt, but check only the given package names or patterns. - aauuddiitt--bbaattcchh [--eess] [--tt _t_y_p_e] [_p_k_g_-_l_i_s_t] ... + aauuddiitt--bbaattcchh [--eeiiss] [--tt _t_y_p_e] [_p_k_g_-_l_i_s_t] ... Like aauuddiitt--ppkkgg, but read the package names or patterns one per line from the given files. @@ -204,4 +206,4 @@ HHIISSTTOORRYY AAUUTTHHOORRSS The ppkkgg__aaddmmiinn command was written by Hubert Feyrer. -pkgsrc December 27, 2014 pkgsrc +pkgsrc February 25, 2018 pkgsrc diff --git a/external/bsd/pkg_install/dist/delete/pkg_delete.c b/external/bsd/pkg_install/dist/delete/pkg_delete.c index fe487a1df522..1b53484611b5 100644 --- a/external/bsd/pkg_install/dist/delete/pkg_delete.c +++ b/external/bsd/pkg_install/dist/delete/pkg_delete.c @@ -34,7 +34,7 @@ #if HAVE_SYS_CDEFS_H #include #endif -__RCSID("$NetBSD: pkg_delete.c,v 1.2 2017/04/20 13:18:23 joerg Exp $"); +__RCSID("$NetBSD: pkg_delete.c,v 1.3 2018/03/25 04:04:36 sevan Exp $"); #if HAVE_ERR_H #include @@ -60,7 +60,7 @@ static int delete_automatic_leaves; static void usage(void) { - fprintf(stderr, "usage: pkg_delete [-DFfkNnORrVv] [-K pkg_dbdir]" + fprintf(stderr, "usage: pkg_delete [-ADFfkNnORrVv] [-K pkg_dbdir]" " [-P destdir] [-p prefix] pkg-name ...\n"); exit(1); } diff --git a/external/bsd/pkg_install/dist/lib/lib.h b/external/bsd/pkg_install/dist/lib/lib.h index 38960e56e1d5..127d8cbeb803 100644 --- a/external/bsd/pkg_install/dist/lib/lib.h +++ b/external/bsd/pkg_install/dist/lib/lib.h @@ -1,4 +1,4 @@ -/* $NetBSD: lib.h,v 1.8 2017/04/20 13:18:23 joerg Exp $ */ +/* $NetBSD: lib.h,v 1.9 2018/03/25 04:04:36 sevan Exp $ */ /* from FreeBSD Id: lib.h,v 1.25 1997/10/08 07:48:03 charnier Exp */ @@ -374,7 +374,7 @@ struct pkg_vulnerabilities *read_pkg_vulnerabilities_file(const char *, int, int struct pkg_vulnerabilities *read_pkg_vulnerabilities_memory(void *, size_t, int); void free_pkg_vulnerabilities(struct pkg_vulnerabilities *); int audit_package(struct pkg_vulnerabilities *, const char *, const char *, - int); + int, int); /* Parse configuration file */ void pkg_install_config(void); diff --git a/external/bsd/pkg_install/dist/lib/license.c b/external/bsd/pkg_install/dist/lib/license.c index d651b745acad..f5852a7eb293 100644 --- a/external/bsd/pkg_install/dist/lib/license.c +++ b/external/bsd/pkg_install/dist/lib/license.c @@ -1,4 +1,4 @@ -/* $NetBSD: license.c,v 1.6 2018/02/04 09:00:51 maya Exp $ */ +/* $NetBSD: license.c,v 1.7 2018/03/25 04:04:36 sevan Exp $ */ /*- * Copyright (c) 2009 Joerg Sonnenberger . @@ -62,6 +62,7 @@ const char *default_acceptable_licenses = "gnu-gpl-v1 " "gnu-gpl-v2 gnu-lgpl-v2 gnu-lgpl-v2.1 " "gnu-gpl-v3 gnu-lgpl-v3 " + "happy " "hpnd " "info-zip " "ipafont " diff --git a/external/bsd/pkg_install/dist/lib/version.h b/external/bsd/pkg_install/dist/lib/version.h index b52c6a6a0e7a..8f3c8ff64e24 100644 --- a/external/bsd/pkg_install/dist/lib/version.h +++ b/external/bsd/pkg_install/dist/lib/version.h @@ -1,4 +1,4 @@ -/* $NetBSD: version.h,v 1.12 2018/02/04 09:00:51 maya Exp $ */ +/* $NetBSD: version.h,v 1.13 2018/03/25 04:04:36 sevan Exp $ */ /* * Copyright (c) 2001 Thomas Klausner. All rights reserved. @@ -27,6 +27,6 @@ #ifndef _INST_LIB_VERSION_H_ #define _INST_LIB_VERSION_H_ -#define PKGTOOLS_VERSION 20171030 +#define PKGTOOLS_VERSION 20180325 #endif /* _INST_LIB_VERSION_H_ */ diff --git a/external/bsd/pkg_install/dist/lib/vulnerabilities-file.c b/external/bsd/pkg_install/dist/lib/vulnerabilities-file.c index 3617fc750606..bd4008f88cc0 100644 --- a/external/bsd/pkg_install/dist/lib/vulnerabilities-file.c +++ b/external/bsd/pkg_install/dist/lib/vulnerabilities-file.c @@ -1,4 +1,4 @@ -/* $NetBSD: vulnerabilities-file.c,v 1.2 2017/04/20 13:18:23 joerg Exp $ */ +/* $NetBSD: vulnerabilities-file.c,v 1.3 2018/03/25 04:04:36 sevan Exp $ */ /*- * Copyright (c) 2008, 2010 Joerg Sonnenberger . @@ -38,7 +38,7 @@ #if HAVE_SYS_CDEFS_H #include #endif -__RCSID("$NetBSD: vulnerabilities-file.c,v 1.2 2017/04/20 13:18:23 joerg Exp $"); +__RCSID("$NetBSD: vulnerabilities-file.c,v 1.3 2018/03/25 04:04:36 sevan Exp $"); #if HAVE_SYS_STAT_H #include @@ -608,18 +608,19 @@ check_ignored_entry(struct pkg_vulnerabilities *pv, size_t i) int audit_package(struct pkg_vulnerabilities *pv, const char *pkgname, - const char *limit_vul_types, int output_type) + const char *limit_vul_types, int include_ignored, int output_type) { FILE *output = output_type == 1 ? stdout : stderr; size_t i; - int retval, do_eol; + int retval, do_eol, ignored; retval = 0; do_eol = (strcasecmp(check_eol, "yes") == 0); for (i = 0; i < pv->entries; ++i) { - if (check_ignored_entry(pv, i)) + ignored = check_ignored_entry(pv, i); + if (ignored && !include_ignored) continue; if (limit_vul_types != NULL && strcmp(limit_vul_types, pv->classification[i])) @@ -642,11 +643,13 @@ audit_package(struct pkg_vulnerabilities *pv, const char *pkgname, } retval = 1; if (output_type == 0) { - puts(pkgname); + fprintf(stdout, "%s%s\n", + pkgname, ignored ? " (ignored)" : ""); } else { fprintf(output, - "Package %s has a %s vulnerability, see %s\n", - pkgname, pv->classification[i], pv->advisory[i]); + "Package %s has a%s %s vulnerability, see %s\n", + pkgname, ignored ? "n ignored" : "", + pv->classification[i], pv->advisory[i]); } } return retval;