created pacman - an Ubuntu/Debian package manager
[strongswan.git] / src / libimcv / plugins / imv_os / pacman.c
1 /*
2 * Copyright (C) 2012 Andreas Steffen
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #define _GNU_SOURCE
17 #include <getopt.h>
18 #include <unistd.h>
19 #include <stdio.h>
20 #include <string.h>
21 #include <errno.h>
22 #include <syslog.h>
23
24 #include <library.h>
25 #include <utils/debug.h>
26
/**
 * debug output settings read by pacman_dbg()
 */
static int debug_level = 1;			/* messages above this level are dropped */
static bool stderr_quiet = TRUE;	/* when set, nothing is copied to stderr */
32
/**
 * pacman debug hook
 *
 * Drops messages whose level exceeds debug_level. Everything else is copied
 * to stderr unless stderr_quiet is set, and is always sent to syslog, one
 * syslog entry per line of the formatted message.
 *
 * @param group		debug group (not evaluated here)
 * @param level		level of this message
 * @param fmt		printf()-style format string
 * @param ...		arguments for fmt
 */
static void pacman_dbg(debug_t group, level_t level, char *fmt, ...)
{
	char buffer[8192];
	char *line, *rest;
	va_list args;

	if (level > debug_level)
	{
		return;
	}

	if (!stderr_quiet)
	{
		va_start(args, fmt);
		vfprintf(stderr, fmt, args);
		fprintf(stderr, "\n");
		va_end(args);
	}

	/* format into a local buffer; vsnprintf() truncates at sizeof(buffer) */
	va_start(args, fmt);
	vsnprintf(buffer, sizeof(buffer), fmt, args);
	va_end(args);

	/*
	 * Split at newlines and log each piece separately. The text is passed
	 * as an argument to a fixed "%s" format, so it is never interpreted as
	 * a format string by syslog() itself.
	 */
	for (line = buffer; line; line = rest)
	{
		rest = strchr(line, '\n');
		if (rest)
		{
			*rest++ = '\0';
		}
		syslog(LOG_INFO, "%s\n", line);
	}
}
71
/**
 * atexit handler: closes the syslog connection opened in main() and then
 * shuts the library down
 */
static void cleanup(void)
{
	closelog();
	library_deinit();
}
80
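/**
 * print the command line syntax to stdout
 */
static void usage(void)
{
	/* do_args() accepts --file and --product; there is no --package option */
	printf("Usage:\n"
		   "ipsec pacman --file <filename> --product <name>\n");
}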
86
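/**
 * Process a package file and store updates in the database
 *
 * Reads the package list line by line, skips the six header lines and stores
 * for the given product each package name, its version (the text in
 * parentheses after the name) and whether the line carries a "[security]"
 * marker. All values taken from the file reach the database only as bound
 * parameters of fixed SQL statements.
 *
 * The process exits with EXIT_FAILURE if the file cannot be opened, the
 * database is not configured or reachable, or a database write fails.
 *
 * @param filename	path of the package list to load
 * @param product	name of the product the listed packages belong to
 */
static void process_packages(char *filename, char *product)
{
	char *uri, line[1024], *pos;
	int count = 0, errored = 0, vulnerable = 0;
	int new_packages = 0, new_versions = 0, updates = 0, reverted = 0;
	u_int32_t pid = 0;
	enumerator_t *e;
	database_t *db;
	FILE *file;

	/* opening package file */
	printf("loading\"%s\"\n", filename);
	file = fopen(filename, "r");
	if (!file)
	{
		fprintf(stderr, "could not open \"%s\"\n", filename);
		exit(EXIT_FAILURE);
	}

	/* connect package database */
	uri = lib->settings->get_str(lib->settings, "pacman.database", NULL);
	if (!uri)
	{
		fprintf(stderr, "database URI pacman.database not set\n");
		fclose(file);
		exit(EXIT_FAILURE);
	}
	db = lib->db->create(lib->db, uri);
	if (!db)
	{
		fprintf(stderr, "could not connect to database '%s'\n", uri);
		fclose(file);
		exit(EXIT_FAILURE);
	}

	/* check if product is already in database */
	e = db->query(db, "SELECT id FROM products WHERE name = ?",
				  DB_TEXT, product, DB_INT);
	if (e)
	{
		if (!e->enumerate(e, &pid))
		{
			pid = 0;
		}
		e->destroy(e);
	}
	if (!pid)
	{
		if (db->execute(db, &pid, "INSERT INTO products (name) VALUES (?)",
						DB_TEXT, product) != 1)
		{
			fprintf(stderr, "could not store product '%s' to database\n",
					product);
			fclose(file);
			db->destroy(db);
			exit(EXIT_FAILURE);
		}
	}

	while (fgets(line, sizeof(line), file))
	{
		char *package, *version;
		bool security;
		int current_security = 0, line_len, dropped = 0;
		u_int32_t gid = 0, vid = 0;

		count++;

		/*
		 * fgets() returns at most sizeof(line) - 1 bytes. If the buffer
		 * holds no newline, discard the rest of the physical line so that
		 * its tail is not parsed as a separate package record.
		 */
		if (!strchr(line, '\n'))
		{
			int c;

			while ((c = fgetc(file)) != EOF)
			{
				if (c == '\n')
				{
					break;
				}
				dropped++;
			}
		}

		if (count == 1 || count == 3)
		{
			printf("%s", line);
		}
		if (count < 7)
		{
			/* the first six lines are header, not package records */
			continue;
		}
		if (dropped)
		{
			fprintf(stderr, "line %d is longer than %d bytes, skipped\n",
					count, (int)sizeof(line) - 1);
			errored++;
			continue;
		}

		/* length without the trailing newline, taken before the line is
		 * split; bounded by sizeof(line), so the int cast is safe and
		 * matches what "%.*s" expects */
		line_len = (int)strcspn(line, "\n");

		/* look for the package name */
		pos = strchr(line, ' ');
		if (!pos)
		{
			fprintf(stderr, "could not extract package name from '%.*s'\n",
					line_len, line);
			errored++;
			continue;
		}
		*pos++ = '\0';
		package = line;
		version = "";

		/* check if package is already in database */
		e = db->query(db, "SELECT id FROM packages WHERE name = ?",
					  DB_TEXT, package, DB_INT);
		if (e)
		{
			if (!e->enumerate(e, &gid))
			{
				gid = 0;
			}
			e->destroy(e);
		}
		if (!gid)
		{
			if (db->execute(db, &gid, "INSERT INTO packages (name) VALUES (?)",
							DB_TEXT, package) != 1)
			{
				fprintf(stderr, "could not store package '%s' to database\n",
						package);
				fclose(file);
				db->destroy(db);
				exit(EXIT_FAILURE);
			}
			new_packages++;
		}

		/* look for version string in parentheses */
		if (*pos == '(')
		{
			version = ++pos;
			pos = strchr(pos, ')');
			if (pos)
			{
				*pos++ = '\0';
			}
			else
			{
				/* undo the split after the package name so that the
				 * whole input line is reported */
				line[strlen(line)] = ' ';
				fprintf(stderr,
						"could not extract package version from '%.*s'\n",
						line_len, line);
				errored++;
				continue;
			}
		}
		security = (strstr(pos, "[security]") != NULL);
		if (security)
		{
			vulnerable++;
		}

		/* check if version is already in database; the parameters are bound
		 * in placeholder order: release, package (gid), product (pid) */
		e = db->query(db, "SELECT id, security FROM versions "
					  "WHERE release = ? AND package = ? AND product = ?",
					  DB_TEXT, version, DB_INT, gid, DB_INT, pid,
					  DB_INT, DB_INT);
		if (e)
		{
			if (!e->enumerate(e, &vid, &current_security))
			{
				vid = 0;
			}
			e->destroy(e);
		}
		if (!vid)
		{
			if (db->execute(db, &vid,
					"INSERT INTO versions (package, product, release, security) "
					"VALUES (?, ?, ?, ?)", DB_INT, gid, DB_INT, pid,
					DB_TEXT, version, DB_INT, security) != 1)
			{
				fprintf(stderr, "could not store version '%s' to database\n",
						version);
				fclose(file);
				db->destroy(db);
				exit(EXIT_FAILURE);
			}
			new_versions++;
		}
		else if (current_security != security)
		{
			printf("'%s' (%s) %s\n", package, version, security ? "[s]" : "");

			if (security)
			{
				/* the row key is the "id" column read by the SELECT above */
				if (db->execute(db, NULL,
						"UPDATE versions SET security = ? WHERE id = ?",
						DB_INT, security, DB_INT, vid) < 0)
				{
					fprintf(stderr, "could not store update security field\n");
					fclose(file);
					db->destroy(db);
					exit(EXIT_FAILURE);
				}
				updates++;
			}
			else
			{
				/* flagged in the database but no longer in the file: only
				 * counted, the stored flag is left as it is */
				reverted++;
			}
		}
	}

	fclose(file);
	db->destroy(db);
	printf("processed %d packages, %d vulnerable, %d errored, "
		   "%d new packages, %d new versions, %d updates, %d reverted\n",
		   count > 6 ? count - 6 : 0, vulnerable, errored, new_packages,
		   new_versions, updates, reverted);
}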
286
/**
 * Parse the command line and run the import
 *
 * Recognizes --help, --file <filename> and --product <name>. Parsing stops
 * at the end of the options or at the first value getopt_long() returns that
 * is not one of these. Without both a file and a product the usage text is
 * printed and the process exits with EXIT_FAILURE.
 *
 * @param argc		argument count as passed to main()
 * @param argv		argument vector as passed to main()
 */
static void do_args(int argc, char *argv[])
{
	struct option long_opts[] = {
		{ "help", no_argument, NULL, 'h' },
		{ "file", required_argument, NULL, 'f' },
		{ "product", required_argument, NULL, 'p' },
		{ 0,0,0,0 }
	};
	char *filename = NULL, *product = NULL;

	/* reinit getopt state */
	optind = 0;

	for (;;)
	{
		int opt = getopt_long(argc, argv, "", long_opts, NULL);

		if (opt == 'f')
		{
			filename = optarg;
		}
		else if (opt == 'p')
		{
			product = optarg;
		}
		else if (opt == 'h')
		{
			usage();
			exit(EXIT_SUCCESS);
		}
		else
		{
			/* EOF or any other return value ends option parsing */
			break;
		}
	}

	if (!filename || !product)
	{
		usage();
		exit(EXIT_FAILURE);
	}
	process_packages(filename, product);
}
333
/**
 * Program entry: set up logging and the library, load the plugins, then hand
 * the command line to do_args()
 */
int main(int argc, char *argv[])
{
	char *plugins;

	/* send library debug output through pacman_dbg() */
	dbg = pacman_dbg;
	/* NOTE(review): the third openlog() argument is a facility, while
	 * LOG_DEBUG is a priority - confirm which facility is intended */
	openlog("pacman", 0, LOG_DEBUG);

	/* registered before library_init() so it also runs on the error exits */
	atexit(cleanup);

	/* initialize library */
	if (!library_init(NULL))
	{
		exit(SS_RC_LIBSTRONGSWAN_INTEGRITY);
	}

	/* NOTE(review): the plugin list is read from "attest.load", not from a
	 * pacman key - presumably carried over from attest, confirm */
	plugins = lib->settings->get_str(lib->settings, "attest.load", "sqlite");
	if (!lib->plugins->load(lib->plugins, NULL, plugins))
	{
		exit(SS_RC_INITIALIZATION_FAILED);
	}

	do_args(argc, argv);

	exit(EXIT_SUCCESS);
}
356