 @@ -27,28 +27,28 @@
  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  */
 extern int quiet;
 extern int verbose;
 extern const char *pkg_vulnerabilities_dir;
 extern const char *pkg_vulnerabilities_file;
 extern const char *pkg_vulnerabilities_url;
 extern const char *fetch_cmd;
 extern const char *ignore_advisories;
 extern const char tnf_vulnerability_base[];
 void 	check(char **);
 void	audit_pkgdb(int, char **);
 void	audit_pkg(int, char **);
 void	audit_batch(int, char **);
 void	check_pkg_vulnerabilities(int, char **);
 void	fetch_pkg_vulnerabilities(int, char **);
 void	pkg_install_config(const char *);
 void	pkg_install_show_variable(const char *);
 void 	usage(void);

 @@ -1,24 +1,24 @@
-/*	$NetBSD: config.c,v 1.3 2008/03/21 14:47:53 joerg Exp $	*/
+/*	$NetBSD: config.c,v 1.4 2008/04/07 13:07:14 joerg Exp $	*/
 #if HAVE_CONFIG_H
 #include "config.h"
 #endif
 #include <nbcompat.h>
 #if HAVE_SYS_CDEFS_H
 #include <sys/cdefs.h>
 #endif
 #ifndef lint
-__RCSID("$NetBSD: config.c,v 1.3 2008/03/21 14:47:53 joerg Exp $");
+__RCSID("$NetBSD: config.c,v 1.4 2008/04/07 13:07:14 joerg Exp $");
 #endif
 /*-
  * Copyright (c) 2008 Joerg Sonnenberger <joerg@NetBSD.org>.
  * All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
+ *
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
 @@ -43,39 +43,37 @@ __RCSID("$NetBSD: config.c,v 1.3 2008/03
 #if HAVE_ERR_H
 #include <err.h>
 #endif
 #if HAVE_STRING_H
 #include <string.h>
 #endif
 #include "admin.h"
 #include "lib.h"
 const char *pkg_vulnerabilities_dir;
 const char *pkg_vulnerabilities_file;
 const char *pkg_vulnerabilities_url;
 const char *fetch_cmd = FTP_CMD;
 const char *ignore_advisories = NULL;
 const char tnf_vulnerability_base[] = "ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns";
 static struct config_variable {
 	const char *name;
 	const char **var;
 } config_variables[] = {
 	{ "GPG", &gpg_cmd },
 	{ "PKGVULNDIR", &pkg_vulnerabilities_dir },
 	{ "PKGVULNURL", &pkg_vulnerabilities_url },
 	{ "IGNORE_URL", &ignore_advisories },
 	{ "FETCH_CMD", &fetch_cmd },
 	{ NULL, NULL }
 };
 void
 pkg_install_config(const char *config_file)
+{
 	char *value;
 	int ret;
 	struct config_variable *var;
 	for (var = config_variables; var->name != NULL; ++var) {
 		value = var_get(config_file, var->name);
 		if (value != NULL)
 @@ -87,13 +85,26 @@ pkg_install_config(const char *config_fi
 	else
 		ret = asprintf(&value, "%s/pkg-vulnerabilities", _pkgdb_getPKGDB_DIR());
 	pkg_vulnerabilities_file = value;
 	if (ret == -1)
 		err(EXIT_FAILURE, "asprintf failed");
 	if (pkg_vulnerabilities_url == NULL) {
 		ret = asprintf(&value, "%s/pkg-vulnerabilities.gz",
 		    tnf_vulnerability_base);
 		pkg_vulnerabilities_url = value;
 		if (ret == -1)
 			err(EXIT_FAILURE, "asprintf failed");
+	}
+}
 void
 pkg_install_show_variable(const char *var_name)
+{
 	struct config_variable *var;
 	for (var = config_variables; var->name != NULL; ++var) {
 		if (strcmp(var->name, var_name) != 0)
 			continue;
 		if (*var->var != NULL)
 			puts(*var->var);
+	}
+}

 @@ -1,24 +1,24 @@
-/*	$NetBSD: main.c,v 1.40 2008/03/23 01:04:47 dsainty Exp $	*/
+/*	$NetBSD: main.c,v 1.41 2008/04/07 13:07:14 joerg Exp $	*/
 #if HAVE_CONFIG_H
 #include "config.h"
 #endif
 #include <nbcompat.h>
 #if HAVE_SYS_CDEFS_H
 #include <sys/cdefs.h>
 #endif
 #ifndef lint
-__RCSID("$NetBSD: main.c,v 1.40 2008/03/23 01:04:47 dsainty Exp $");
+__RCSID("$NetBSD: main.c,v 1.41 2008/04/07 13:07:14 joerg Exp $");
 #endif
 /*-
  * Copyright (c) 1999-2008 The NetBSD Foundation, Inc.
  * All rights reserved.
+ *
  * This code is derived from software contributed to The NetBSD Foundation
  * by Hubert Feyrer <hubert@feyrer.de> and
  * by Joerg Sonnenberger <joerg@NetBSD.org>.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
 @@ -103,29 +103,30 @@ usage(void)
 	    " delete pkg ...              - delete file entries for pkg in database\n"
 	    " set variable=value pkg ...  - set installation variable for package\n"
 	    " unset variable pkg ...      - unset installation variable for package\n"
 #ifdef PKGDB_DEBUG
 	    " addkey key value            - add key and value\n"
 	    " delkey key                  - delete reference to key\n"
 #endif
 	    " lsall /path/to/pkgpattern   - list all pkgs matching the pattern\n"
 	    " lsbest /path/to/pkgpattern  - list pkgs matching the pattern best\n"
 	    " dump                        - dump database\n"
 	    " pmatch pattern pkg          - returns true if pkg matches pattern, otherwise false\n"
 	    " fetch-pkg-vulnerabilities [-s] - fetch new vulnerability file\n"
 	    " check-pkg-vulnerabilities [-s] <file> - check syntax and checksums of the vulnerability file\n"
-	    " audit [-es] [-t type] ...\n"
+	    " audit [-es] [-t type] ...       - check installed packages for vulnerabilities\n"
-	    " audit-pkg [-es] [-t type] ...\n"
+	    " audit-pkg [-es] [-t type] ...   - check listed packages for vulnerabilities\n"
-	    " audit-batch [-es] [-t type] ...\n",
+	    " audit-batch [-es] [-t type] ... - check packages in listed files for vulnerabilities\n"
 	    " config-var name                 - print current value of the configuration variable\n",
 	    getprogname());
 	exit(EXIT_FAILURE);
+}
 /*
  * add1pkg(<pkg>)
  *	adds the files listed in the +CONTENTS of <pkg> into the
  *	pkgdb.byfile.db database file in the current package dbdir.  It
  *	returns the number of files added to the database file.
  */
 static int
 add_pkg(const char *pkgdir, void *vp)
+{
 @@ -511,26 +512,31 @@ main(int argc, char *argv[])
 			add_pkg(*argv, NULL);
 	} else if (strcasecmp(argv[0], "delete") == 0) {
 		argv++;		/* "delete" */
 		while (*argv != NULL) {
 			delete1pkg(*argv);
 			argv++;
+		}
 	} else if (strcasecmp(argv[0], "set") == 0) {
 		argv++;		/* "set" */
 		set_unset_variable(argv, FALSE);
 	} else if (strcasecmp(argv[0], "unset") == 0) {
 		argv++;		/* "unset" */
 		set_unset_variable(argv, TRUE);
 	} else if (strcasecmp(argv[0], "config-var") == 0) {
 		argv++;
 		if (argv == NULL || argv[1] != NULL)
 			errx(EXIT_FAILURE, "config-var takes exactly one argument");
 		pkg_install_show_variable(argv[0]);
+	}
 #ifndef BOOTSTRAP
 	else if (strcasecmp(argv[0], "fetch-pkg-vulnerabilities") == 0) {
 		fetch_pkg_vulnerabilities(--argc, ++argv);
 	} else if (strcasecmp(argv[0], "check-pkg-vulnerabilities") == 0) {
 		check_pkg_vulnerabilities(--argc, ++argv);
 	} else if (strcasecmp(argv[0], "audit") == 0) {
 		audit_pkgdb(--argc, ++argv);
 	} else if (strcasecmp(argv[0], "audit-pkg") == 0) {
 		audit_pkg(--argc, ++argv);
 	} else if (strcasecmp(argv[0], "audit-batch") == 0) {
 		audit_batch(--argc, ++argv);
+	}

 @@ -1,14 +1,14 @@
-.\"	$NetBSD: pkg_admin.1,v 1.16 2008/03/13 16:35:30 joerg Exp $
+.\"	$NetBSD: pkg_admin.1,v 1.17 2008/04/07 13:07:14 joerg Exp $
 .\"
 .\" Copyright (c) 1999-2008 The NetBSD Foundation, Inc.
 .\" All rights reserved.
 .\"
 .\" This code is derived from software contributed to The NetBSD Foundation
 .\" by Hubert Feyrer <hubert@feyrer.de>.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
 .\" modification, are permitted provided that the following conditions
 .\" are met:
 .\" 1. Redistributions of source code must retain the above copyright
 .\"    notice, this list of conditions and the following disclaimer.
 .\" 2. Redistributions in binary form must reproduce the above copyright
 @@ -154,26 +154,30 @@ The packages'
 .Pa +CONTENTS
 files will be parsed and the
 checksum will be checked for every file found.
 A warning message is printed if the expected checksum differs from the
 checksum of the file on disk.
 Symbolic links are also checked, ensuring that the targets on disk are
 the same as the contents recorded at package installation time.
 .It Cm check-pkg-vulnerabilities Oo Fl s Oc Ar file
 Check format and hashes in the pkg-vulnerabilties file
 .Ar file .
 If
 .Fl s
 is given, also check the embedded signature.
 .It Cm config-var Ar variable
 Print the current value of
 .Ar variable
 as used after parsing the configuration file.
 .It Cm delete Ar pkg ...
 For each listed package, remove all file entries in the package database that
 belong to the package.
 This should be used only by
 .Xr pkg_view 1 .
 .It Cm dump
 Dump the contents of the package database, similar to
 .Cm pkg_info -F .
 Columns are printed for the keyfield used in the pkgdb - the filename -,
 and the data field - the package the file belongs to.
 .It Cm fetch-pkg-vulnerabilities Op Fl s
 Fetch a new pkg-vulnerabilities file, check the format and if
 .Fl s

 @@ -80,26 +80,30 @@ OOPPTTIIOONNSS
              can be used here, see pkg_info(1)).
              The packages' _+_C_O_N_T_E_N_T_S files will be parsed and the checksum
              will be checked for every file found.  A warning message is
              printed if the expected checksum differs from the checksum of the
              file on disk.  Symbolic links are also checked, ensuring that the
              targets on disk are the same as the contents recorded at package
              installation time.
      cchheecckk--ppkkgg--vvuullnneerraabbiilliittiieess [--ss] _f_i_l_e
              Check format and hashes in the pkg-vulnerabilties file _f_i_l_e.  If
              --ss is given, also check the embedded signature.
      ccoonnffiigg--vvaarr _v_a_r_i_a_b_l_e
              Print the current value of _v_a_r_i_a_b_l_e as used after parsing the
              configuration file.
      ddeelleettee _p_k_g _._._.
              For each listed package, remove all file entries in the package
              database that belong to the package.  This should be used only by
              pkg_view(1).
      dduummpp    Dump the contents of the package database, similar to ppkkgg__iinnffoo
              --FF.  Columns are printed for the keyfield used in the pkgdb - the
              filename -, and the data field - the package the file belongs to.
      ffeettcchh--ppkkgg--vvuullnneerraabbiilliittiieess [--ss]
              Fetch a new pkg-vulnerabilities file, check the format and if --ss
              is given the signature.  If all checks are passed, write it to
              pkgdb.

 @@ -1,14 +1,14 @@
-/*	$NetBSD: version.h,v 1.98 2008/04/04 15:21:32 joerg Exp $	*/
+/*	$NetBSD: version.h,v 1.99 2008/04/07 13:07:14 joerg Exp $	*/
 /*
  * Copyright (c) 2001 Thomas Klausner.  All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 3. All advertising materials mentioning features or use of this software
 @@ -23,16 +23,16 @@
  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #ifndef _INST_LIB_VERSION_H_
 #define _INST_LIB_VERSION_H_
-#define PKGTOOLS_VERSION "20080402"
+#define PKGTOOLS_VERSION "20080407"
 #endif /* _INST_LIB_VERSION_H_ */