Sat Apr 10 21:44:45 2010 UTC ()
Get rid of support for vulnerable/ directory.


(wiz)
diff -r1.14 -r1.15 pkgsrc/mk/bulk/sort-packages
diff -r1.47 -r1.48 pkgsrc/mk/bulk/upload
cvs diff -r1.14 -r1.15 pkgsrc/mk/bulk/Attic/sort-packages (expand / switch to context diff)
--- pkgsrc/mk/bulk/Attic/sort-packages 2010/03/21 15:31:41 1.14
+++ pkgsrc/mk/bulk/Attic/sort-packages 2010/04/10 21:44:44 1.15
@@ -1,16 +1,13 @@
 #! /bin/sh
-# $NetBSD: sort-packages,v 1.14 2010/03/21 15:31:41 wiz Exp $
+# $NetBSD: sort-packages,v 1.15 2010/04/10 21:44:44 wiz Exp $
 
 # This program scans all binary packages in the current directory and
-# creates three lists of files in OUTDIR:
+# creates two lists of files in OUTDIR:
 #
 # restricted_packages
 #	contains all packages that must not be published on the FTP
 #	server, for whatever reason
 #
-# vulnerable_packages
-#	contains all packages that are not restricted, but vulnerable
-#
 # regular_packages
 #	contains all the other ("good") packages.
 #
@@ -19,19 +16,16 @@
 
 : ${OUTDIR="/tmp"}
 : ${PKG_SUFX=".tgz"}
-: ${AUDIT_PACKAGES="audit-packages"}
 : ${PKG_ADMIN="pkg_admin"}
 : ${PKG_INFO="pkg_info"}
 
 regular_packages="${OUTDIR}/regular_packages"
 restricted_packages="${OUTDIR}/restricted_packages"
-vulnerable_packages="${OUTDIR}/vulnerable_packages"
 newline="
 "
 
 : > "${regular_packages}"
 : > "${restricted_packages}"
-: > "${vulnerable_packages}"
 
 for pkg in *${PKG_SUFX}; do
 	build_info=`${PKG_INFO} -B "${pkg}"`
@@ -64,16 +58,7 @@
 		;;
 	esac
 
-	if [ "${restricted}" = "no" ] && [ "${no_bin_on_ftp}" = "no" ]; then
-		# Check whether the package is vulnerable or not.
-		pkg_prefix="${pkg%%-*}"
-		category="regular"
-		_INFO_VER=`${PKG_INFO} -V`;
-		vuln=`${AUDIT_PACKAGES} ${AUDIT_PACKAGES_FLAGS} -p "${pkg}"`
-		if [ -n "${vuln}" ]; then
-			category="vulnerable"
-		fi
-	elif [ "${restricted}" != "unknown" ] && [ "${no_bin_on_ftp}" != "unknown" ]; then
+	if [ "${restricted}" != "unknown" ] && [ "${no_bin_on_ftp}" != "unknown" ]; then
 		category="restricted"
 	else
 		category="unknown"
@@ -84,9 +69,6 @@
 	case "${category}" in
 	"regular")
 		echo "${pkg}" >> "${regular_packages}"
-		;;
-	"vulnerable")
-		echo "${pkg}" >> "${vulnerable_packages}"
 		;;
 	"restricted")
 		echo "${pkg}" >> "${restricted_packages}"
cvs diff -r1.47 -r1.48 pkgsrc/mk/bulk/Attic/upload (expand / switch to context diff)
--- pkgsrc/mk/bulk/Attic/upload 2010/03/21 15:31:42 1.47
+++ pkgsrc/mk/bulk/Attic/upload 2010/04/10 21:44:44 1.48
@@ -1,5 +1,5 @@
 #!/bin/sh
-# $NetBSD: upload,v 1.47 2010/03/21 15:31:42 wiz Exp $
+# $NetBSD: upload,v 1.48 2010/04/10 21:44:44 wiz Exp $
 
 #
 # Upload non-restricted binary pkgs to ftp server
@@ -218,14 +218,12 @@
         exit 1
 }
 
-vulnerable_packages="$TMP/vulnerable_packages"
 restricted_packages="$TMP/restricted_packages"
 old_packages="$TMP/old_packages"
 good_packages="$TMP/regular_packages"
 all_good_packages="$TMP/all_regular_packages"
 
 upload_general="$TMP"/upload_general
-upload_vulnerable="$TMP"/upload_vulnerable
 
 # May be different than $USR_PKGSRC:
 echo "upload> Running ${BMAKE} to get the pkgsrc variables"
@@ -241,19 +239,6 @@
 	install_required $pkg
 done
 
-echo "upload> Making sure vulnerability-list is up-to-date:"
-if [ -z "$UPDATE_VULNERABILITY_LIST" -o "$UPDATE_VULNERABILITY_LIST" = "yes" ]
-then
-	_PKGVULNDIR=`audit-packages ${AUDIT_PACKAGES_FLAGS} -Q PKGVULNDIR`
-	download-vulnerability-list ${DOWNLOAD_VULNERABILITY_LIST_FLAGS}
-	if [ "x${_PKGVULNDIR}" != "x${distdir}" ]; then
-		cp ${_PKGVULNDIR}/pkg-vulnerabilities ${distdir}
-	fi
-	echo "        done."
-else
-	echo "        (skipped)"
-fi
-
 case $LINTPKGSRC_CACHE in
 yes|YES)
 	lintpkgsrc_cache="-I `cd pkgtools/lintpkgsrc ; ${BMAKE} show-var VARNAME=LINTPKGSRC_DB`"
@@ -273,10 +258,8 @@
 failed=no
 cd $packages
 
-echo "upload> Checking for restricted and vulnerable packages"
-(cd All && env PKG_INFO="${pkg_info}" OUTDIR="${TMP}" PKGVULNDIR="${distdir}" \
-               AUDIT_PACKAGES_FLAGS="${AUDIT_PACKAGES_FLAGS}" \
-	       DOWNLOAD_VULNERABILITY_LIST_FLAGS="${DOWNLOAD_VULNERABILITY_LIST_FLAGS}" \
+echo "upload> Checking for restricted packages"
+(cd All && env PKG_INFO="${pkg_info}" OUTDIR="${TMP}" \
 	       ${shell} "${pkgsrcdir}/mk/bulk/sort-packages")
 
 # Add the name of the package file, including all its symlinks to the
@@ -308,7 +291,7 @@
 	[ -z "${CKSUM}" ] && CKSUM="echo"
 	[ -z "${SYSVSUM}" ] && SYSVSUM="echo"
 
-	for pkg in `cat "${good_packages}" "${vulnerable_packages}"`; do
+	for pkg in `cat "${good_packages}"`; do
 		pkg="All/$pkg"
 		${BSDSUM}	"$pkg" >> BSDSUM
 		${CKSUM}	"$pkg" >> CKSUM
@@ -350,35 +333,15 @@
 chmod +x "$upload_general"
 
 if [ "$do_upload" = "yes" ]; then
-	echo "upload> Uploading non-vulnerable packages"
+	echo "upload> Uploading packages"
 	${shell} "$upload_general" \
 	|| {
 		echo "upload> ERROR: rsync failed.  To retry later, you can run $upload_general" 1>&2
 		failed=yes
 	}
 else
-	echo "upload> Skipping upload of non-vulnerable packages."
+	echo "upload> Skipping upload of packages."
 	echo "        Run \"$upload_general\" to upload them later."
-fi
-
-cat <<EOF > "$upload_vulnerable"
-#! /bin/sh
-set -e
-cd "$packages/All"
-rsync $RSFLAGS --files-from="${vulnerable_packages}" --exclude-from="${old_packages}" . "$RSYNC_DST/All/"
-EOF
-chmod +x "$upload_vulnerable"
-
-if [ "$do_upload" = "yes" ]; then
-	echo "upload> Uploading vulnerable packages"
-	${shell} "$upload_vulnerable" \
-	|| {
-		echo "upload> ERROR: rsync failed.  To retry later, you can run $upload_vulnerable" 1>&2
-		failed=yes
-	}
-else
-	echo "upload> Skipping upload of vulnerable packages."
-	echo "        Run \"$upload_vulnerable\" to upload them later."
 fi
 
 # clean up temp files