Add support for the upcoming pkg_install-20070714 which now includes

audit-packages.

3 files changed, 53 insertions, 14 deletions

diff --git a/mk/bulk/pre-build b/mk/bulk/pre-build
index 245084547dc..2a8468d0e52 100644
--- a/mk/bulk/pre-build
+++ b/mk/bulk/pre-build
@@ -1,5 +1,5 @@
 #!/bin/sh
-# $NetBSD: pre-build,v 1.68 2007/07/02 14:54:09 joerg Exp $
+# $NetBSD: pre-build,v 1.69 2007/07/14 17:17:45 adrianp Exp $
 #
 # Clean up system to be ready for bulk pkg build
 #
@@ -18,6 +18,7 @@ fi
 PRUNEDISTFILES=${PRUNEDISTFILES:-"no"}
 PRUNEPACKAGES=${PRUNEPACKAGES:-"yes"}
 PRUNELINKS=${PRUNEPACKAGES:-"yes"}
+PKG_ADMIN="pkg_admin"
 
 PKGLINT_PKG_DIR=${USR_PKGSRC}/pkgtools/pkglint
 
@@ -69,11 +70,20 @@ echo "pre-build> Creating ${BULKFILESDIR} if necessary"
 mkdir -p "${BULKFILESDIR}"
 
 # Make sure the pkg-vulnerabilities file is up to date
+_INFO_VER=`${PKG_INFO} -V`;
 echo "pre-build> Making sure vulnerability-list is upto date:"
 if [ -z "$UPDATE_VULNERABILITY_LIST" -o "$UPDATE_VULNERABILITY_LIST" = yes ]; then
+	if ${PKG_ADMIN} pmatch 'pkg_install<20070714' pkg_install-${_INFO_VER}; then
        ( cd "${USR_PKGSRC}/security/audit-packages" \
          && ${BMAKE} bulk-install \
          && env PKGVULNDIR="${DISTDIR}" download-vulnerability-list )
+	else
+		_PKGVULNDIR=`audit-packages ${AUDIT_PACKAGES_FLAGS} -Q PKGVULNDIR`
+		download-vulnerability-list ${DOWNLOAD_VULNERABILITY_LIST_FLAGS}
+		if [ "x${_PKGVULNDIR}" != "x${DISTDIR}" ]; then
+			cp ${_PKGVULNDIR}/pkg-vulnerabilities ${DISTDIR}
+		fi
+	fi
        echo 'pre-build> done.'
 else
        echo 'pre-build> (skipped)'
@@ -82,7 +92,8 @@ fi
 # On non-NetBSD platforms we need to keep the bootstrap-files!
 if [ x"$BMAKE" = x"bmake" ]; then
 	( cd "$LOCALBASE" && tar cf /tmp/$$.tar \
-		sbin/pkg_add sbin/pkg_admin sbin/pkg_create       \
+		sbin/audit-packages sbin/download-vulnerability-list         \
+		sbin/pkg_add sbin/pkg_admin sbin/pkg_create                  \
 		sbin/pkg_delete sbin/pkg_info sbin/pkg_view sbin/linkfarm    \
 		share/mk/sys.mk share/mk/bsd.dep.mk share/mk/bsd.depall.mk   \
 		share/mk/bsd.files.mk share/mk/bsd.hostprog.mk               \
@@ -95,17 +106,23 @@ if [ x"$BMAKE" = x"bmake" ]; then
 		share/mk/bsd.sys.mk share/mk/bsd.own.mk                      \
 		bin/bmake bin/ftp bin/digest bin/nawk bin/nbsed              \
 		bin/install-sh bin/pax bin/tar bin/cpio                      \
+		man/cat1/audit-packages.0                                    \
+		man/cat1/download-vulnerability-list.0                       \
 		man/cat1/ftp.1 man/cat1/pax.0                                \
 		man/cat1/tar.0 man/cat1/cpio.0 man/cat1/pkg_add.0            \
 		man/cat1/pkg_admin.0 man/cat1/pkg_create.0                   \
 		man/cat1/pkg_delete.0 man/cat1/pkg_info.0                    \
 		man/cat1/pkg_view.0 man/cat1/linkfarm.0                      \
+		man/cat5/audit-packages.conf.0                               \
+		man/man1/audit-packages.1                                    \
+		man/man1/download-vulnerability-list.1                       \
 		man/man1/digest.1 man/man1/pax.1 man/man1/cpio.1             \
 		man/man1/tar.1 man/man1/nbsed.1 man/man1/pkg_add.1           \
 		man/man1/pkg_admin.1 man/man1/pkg_create.1                   \
 		man/man1/pkg_delete.1 man/man1/pkg_info.1                    \
-		man/man1/pkg_view.1 man/man1/linkfarm.1 man/cat7/packages.0  \
-		etc/mk.conf )
+		man/man1/pkg_view.1 man/man1/linkfarm.1                      \
+		man/man5/audit-packages.conf.5 man/cat7/packages.0           \
+		etc/mk.conf share/examples/pkg_install/audit-packages.conf )
 fi
 
 #
diff --git a/mk/bulk/sort-packages b/mk/bulk/sort-packages
index d8d768069cf..a6a6d8c1683 100644
--- a/mk/bulk/sort-packages
+++ b/mk/bulk/sort-packages
@@ -1,5 +1,5 @@
 #! /bin/sh
-# $NetBSD: sort-packages,v 1.7 2007/03/22 11:43:18 rillig Exp $
+# $NetBSD: sort-packages,v 1.8 2007/07/14 17:17:45 adrianp Exp $
 
 # This program scans all binary packages in the current directory and
 # creates three lists of files in OUTDIR:
@@ -20,6 +20,7 @@ set -eu
 : ${OUTDIR="/tmp"}
 : ${PKG_SUFX=".tgz"}
 : ${AUDIT_PACKAGES="audit-packages"}
+: ${PKG_ADMIN="pkg_admin"}
 : ${PKG_INFO="pkg_info"}
 
 regular_packages="${OUTDIR}/regular_packages"
@@ -67,13 +68,19 @@ for pkg in *${PKG_SUFX}; do
 		# Check whether the package is vulnerable or not.
 		pkg_prefix="${pkg%%-*}"
 		category="regular"
-		# XXX: The egrep command is only needed here because
-		# audit-packages is so awfully slow.
-		if egrep "^({.*${pkg_prefix}.*}|${pkg_prefix}|{.*}${pkg_prefix})" ${PKGVULNDIR}/pkg-vulnerabilities >/dev/null 4>&1; then
-			vuln=`${AUDIT_PACKAGES} -p "${pkg}"`
-			if [ -n "${vuln}" ]; then
-				category="vulnerable"
+		_INFO_VER=`${PKG_INFO} -V`;
+		if ${PKG_ADMIN} pmatch 'pkg_install<20070714' pkg_install-${_INFO_VER}; then
+			# XXX: The egrep command is only needed here because
+			# audit-packages before pkg_install-20070714 is so 
+			# awfully slow.
+			if egrep "^({.*${pkg_prefix}.*}|${pkg_prefix}|{.*}${pkg_prefix})" ${PKGVULNDIR}/pkg-vulnerabilities >/dev/null 4>&1; then
+				vuln=`${AUDIT_PACKAGES} -p "${pkg}"`
 			fi
+		else
+			vuln=`${AUDIT_PACKAGES} ${AUDIT_PACKAGES_FLAGS} -p "${pkg}"`
+		fi
+		if [ -n "${vuln}" ]; then
+			category="vulnerable"
 		fi
 	elif [ "${restricted}" != "unknown" ] && [ "${no_bin_on_ftp}" != "unknown" ]; then
 		category="restricted"
diff --git a/mk/bulk/upload b/mk/bulk/upload
index f11eb95ad63..3d0f1f0eff0 100644
--- a/mk/bulk/upload
+++ b/mk/bulk/upload
@@ -1,11 +1,12 @@
 #!/bin/sh
-# $NetBSD: upload,v 1.37 2006/12/15 13:15:06 martti Exp $
+# $NetBSD: upload,v 1.38 2007/07/14 17:17:45 adrianp Exp $
 
 #
 # Upload non-restricted binary pkgs to ftp server
 #
 
 AWK=${AWK:-/usr/bin/awk}
+PKG_ADMIN="pkg_admin"
 
 set -eu
 
@@ -129,7 +130,12 @@ install_required()
 MD5="digest md5";
 SHA1="digest sha1";
 
-REQUIRED_PACKAGES="pkgtools/pkglint net/rsync security/audit-packages"
+_INFO_VER=`${PKG_INFO} -V`;
+if ${PKG_ADMIN} pmatch 'pkg_install<20070714' pkg_install-${_INFO_VER}; then
+	REQUIRED_PACKAGES="pkgtools/pkglint net/rsync security/audit-packages"
+else
+	REQUIRED_PACKAGES="pkgtools/pkglint net/rsync"
+fi
 
 opsys=`uname -s`
 case "$opsys" in
@@ -208,7 +214,16 @@ done
 echo "upload> Making sure vulnerability-list is up-to-date:"
 if [ -z "$UPDATE_VULNERABILITY_LIST" -o "$UPDATE_VULNERABILITY_LIST" = "yes" ]
 then
-	env PKGVULNDIR=${distdir} download-vulnerability-list
+	if ${PKG_ADMIN} pmatch 'pkg_install<20070714' pkg_install-${_INFO_VER}
+	then
+		env PKGVULNDIR=${distdir} download-vulnerability-list
+	else
+		_PKGVULNDIR=`audit-packages ${AUDIT_PACKAGES_FLAGS} -Q PKGVULNDIR`
+		download-vulnerability-list ${DOWNLOAD_VULNERABILITY_LIST_FLAGS}
+		if [ "x${_PKGVULNDIR}" != "x${distdir}" ]; then
+			cp ${_PKGVULNDIR}/pkg-vulnerabilities ${distdir}
+		fi
+	fi
 	echo "        done."
 else
 	echo "        (skipped)"