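def CreateDEB(self, bundle_id, recorded_version):
    """
    Creates a DEB from information stored in the "temp" folder.

    Any .deb already staged in temp/<bundle_id> is unpacked in place and then
    deleted. If that .deb declares a version newer than recorded_version, the
    user is prompted for a changelog entry and the package's index.json is
    rewritten first. dpkg-deb then builds the staging folder.

    String bundle_id: The bundle id of the package to compress. It is joined
        into filesystem paths unchanged, so it is presumably an already
        validated identifier (TODO confirm at the caller).
    String recorded_version: The version currently on record for the package.
    """
    staging_dir = self.root + "temp/" + bundle_id

    # TODO: Find a Python-based method to safely delete all DS_Store files.
    # Argument-list form: no shell is involved, so the path is never parsed as shell syntax.
    call(["find", ".", "-name", ".DS_Store", "-delete"],
         cwd=staging_dir)  # Remove .DS_Store. Kinda finicky.

    for file_name in os.listdir(staging_dir):
        if file_name.endswith(".deb"):
            staged_deb = staging_dir + "/" + file_name
            # Check if the DEB is a newer version
            deb = Dpkg(staged_deb)
            if Dpkg.compare_versions(recorded_version, deb.version) == -1:
                # Update package stuff
                package_name = PackageLister.BundleIdToDirName(self, bundle_id)
                index_path = "Packages/" + package_name + "/silica_data/index.json"
                # Read the whole index, then close the handle before prompting
                # and before the same file is rewritten below.
                with open(self.root + index_path, "r") as content_file:
                    update_json = json.load(content_file)

                # deb.version is taken from the staged DEB and is stored as-is.
                update_json['version'] = deb.version
                changelog_entry = input(
                    "The DEB provided for \"" + update_json['name'] +
                    "\" has a new version available (" + recorded_version +
                    " -> " + deb.version +
                    "). What changed in this version?\n(Add multiple lines" +
                    " by using a newline character [\\n] and use valid Markdown syntax.): "
                )
                # NOTE(review): the entry is stored verbatim; whatever renders it
                # as Markdown later is presumably responsible for escaping — confirm.
                new_entry = {
                    "version": deb.version,
                    "changes": changelog_entry
                }
                changelog = update_json.get('changelog')
                if isinstance(changelog, list):
                    changelog.append(new_entry)
                else:
                    # Missing or malformed changelog: start a list. Storing a bare
                    # dict here made every later append fail and overwrite history.
                    update_json['changelog'] = [new_entry]

                return_str = json.dumps(update_json)
                print("Updating package index.json...")
                PackageLister.CreateFile(self, index_path, return_str)

            # NOTE(review): whether archive member paths stay inside staging_dir
            # depends on DpkgPy.extract, which is not visible here — verify before
            # processing DEBs from sources you do not control.
            DpkgPy.extract(self, staged_deb, staging_dir)
            os.remove(staged_deb)
            os.remove(staging_dir + "/control")
    else:
        # NOTE(review): read as the loop's `else` (there is no `break`, so it runs
        # once after the scan) — confirm against the upstream indentation.
        # TODO: Update DpkgPy to generate DEB files without dependencies (for improved win32 support)
        call(["dpkg-deb", "-b", "-Zgzip", staging_dir],
             cwd=self.root + "temp/")  # Compile DEB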
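def compareVersions(vulnPackages, vulnFixedVersion):
    """Compare every product package version with the version that fixes a vulnerability.

    One verdict line per package is appended to the module-level printOutput list.

    Args:
        vulnPackages: mapping whose values are the Debian version strings found
            in the product (keys are presumably package identifiers).
        vulnFixedVersion: Debian version string in which the issue is fixed.

    Returns:
        The lowest Dpkg.compare_versions result seen (-1, 0 or 1), so -1 means
        at least one package is older than the fixed version. Returns None when
        vulnPackages is empty, because nothing was compared.

    Malformed version strings are not handled here; whatever
    Dpkg.compare_versions raises propagates to the caller.
    """
    # Track the worst (lowest) verdict: returning only the last comparison would
    # let a later, patched package hide an earlier vulnerable one.
    worstResult = None
    for pkgKey in vulnPackages:
        currVer = vulnPackages[pkgKey]
        compareResult = Dpkg.compare_versions(currVer, vulnFixedVersion)
        if compareResult == 0:
            printOutput.append(
                '\nThe package version in the product is the same as the Fixed Version ==> CONGRATULATIONS the product is NOT vulnerable.'
            )
        elif compareResult == 1:
            printOutput.append(
                '\nThe package version in the product is higher than the Fixed Version ==> CONGRATULATIONS the product is NOT vulnerable.'
            )
        elif compareResult == -1:
            printOutput.append(
                '\nThe package version in the product is LOWER than the Fixed Version ==> The product is VULNERABLE!'
            )
        if worstResult is None or compareResult < worstResult:
            worstResult = compareResult
    return worstResult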
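def CreateDEB(self, bundle_id, recorded_version):
    """
    Creates a DEB from information stored in the "temp" folder.

    Any .deb already staged in temp/<bundle_id> is unpacked in place and then
    deleted. If that .deb declares a version newer than recorded_version, the
    user is prompted for a changelog entry, the package scripts are extracted,
    and index.json is rewritten first. Afterwards the DEB published under
    docs/pkg is reused when its version equals recorded_version; otherwise
    dpkg-deb rebuilds it.

    String bundle_id: The bundle id of the package to compress. It is joined
        into filesystem paths unchanged, so it is presumably an already
        validated identifier (TODO confirm at the caller).
    String recorded_version: The version currently on record for the package.
    """
    staging_dir = self.root + "temp/" + bundle_id

    # TODO: Find a Python-based method to safely delete all DS_Store files.
    # Argument-list form: no shell is involved, so the path is never parsed as shell syntax.
    call(["find", ".", "-name", ".DS_Store", "-delete"],
         cwd=staging_dir)  # Remove .DS_Store. Kinda finicky.

    for file_name in os.listdir(staging_dir):
        if file_name.endswith(".deb"):
            staged_deb = staging_dir + "/" + file_name
            # Check if the DEB is a newer version
            deb = Dpkg(staged_deb)
            if Dpkg.compare_versions(recorded_version, deb.version) == -1:
                # Update package stuff
                package_name = PackageLister.BundleIdToDirName(self, bundle_id)
                # Read the whole index, then close the handle before prompting
                # and before the same file is rewritten below.
                with open(self.root + "Packages/" + package_name + "/silica_data/index.json", "r") as content_file:
                    update_json = json.load(content_file)

                # deb.version is taken from the staged DEB and is stored as-is.
                update_json['version'] = deb.version
                changelog_entry = input("The DEB provided for \"" + update_json['name'] +
                                        "\" has a new version available (" + recorded_version + " -> " +
                                        deb.version + "). What changed in this version?\n(Add multiple lines" +
                                        " by using newline characters [\\n\\n] and use valid Markdown syntax): "
                                        )
                # NOTE(review): the entry is stored verbatim; whatever renders it
                # as Markdown later is presumably responsible for escaping — confirm.
                try:
                    update_json['changelog'].append({
                        "version": deb.version,
                        "changes": changelog_entry
                    })
                except Exception:
                    # Make it a list!
                    update_json['changelog'] = []
                    update_json['changelog'].append({
                        "version": deb.version,
                        "changes": changelog_entry
                    })

                # A small note: We already created the variables that contain the changelogs and, to
                # make matters worse, all the web assets. The only way to mitigate this is to re-create the
                # tweak_release variable again, which wrecks a lot of things (ie runtime).
                # A Silica rewrite is required to properly fix this bug.
                # NOTE(review): the warning is read as unconditional (printed for every
                # mid-run changelog addition) — confirm against the upstream indentation.
                print("\nA small warning about adding changelogs mid-run:\n")
                print("Due to some less-than-ideal design decisions with Silica, for the changelog to show")
                print("up, you're going to have to run Silica again. Yes, I know this is annoying, and a proper")
                print("solution is in the works, but the under-the-hood changes that'll be needed to fix")
                print("it properly would require a rewrite [see issue #22].\n")
                print("I'm deeply sorry about this.\n - Shuga.\n")

                # Get human-readable folder name
                folder = PackageLister.BundleIdToDirName(self, bundle_id)
                deb_path = self.root + "Packages/" + folder + "/" + file_name
                scripts_dir = self.root + "Packages/" + folder + "/silica_data/scripts/"
                # Extract Control file and scripts from DEB
                # NOTE(review): maintainer scripts come straight from the DEB; this
                # function only stores them, it does not run them.
                DpkgPy.control_extract(self, deb_path, scripts_dir)
                # Remove the Control; it's not needed.
                os.remove(scripts_dir + "Control")
                if not os.listdir(scripts_dir):
                    os.rmdir(scripts_dir)

                return_str = json.dumps(update_json)
                print("Updating package index.json...")
                PackageLister.CreateFile(self, "Packages/" + package_name + "/silica_data/index.json", return_str)

            # NOTE(review): whether archive member paths stay inside staging_dir
            # depends on DpkgPy.extract, which is not visible here — verify before
            # processing DEBs from sources you do not control.
            DpkgPy.extract(self, staged_deb, staging_dir)
            # Best-effort cleanup. Only filesystem errors are ignored, so Ctrl-C and
            # interpreter shutdown are no longer swallowed by a bare `except`.
            try:
                os.remove(staged_deb)
            except OSError:
                pass
            try:
                os.remove(staging_dir + "/control")
            except OSError:
                pass
    else:
        # NOTE(review): read as the loop's `else` (there is no `break`, so it runs
        # once after the scan) — confirm against the upstream indentation.
        # TODO: Update DpkgPy to generate DEB files without dependencies (for improved win32 support)
        # If the version is consistent, then assume the package is unchanged. Don't regenerate it.
        # The reuse decision compares version strings only; the published DEB's
        # contents are never checked against the staging folder, so a stale or
        # altered file in docs/pkg with the same version is copied forward.
        published_deb = self.root + "docs/pkg/" + bundle_id + ".deb"
        reused = False
        try:
            # Check for a DEB that already exists.
            docs_deb = Dpkg(published_deb)
            if docs_deb.version == recorded_version:
                shutil.copy(published_deb, self.root + "temp/" + bundle_id + ".deb")
                reused = True
        except Exception:
            # Missing or unreadable published DEB: build from the staging folder.
            reused = False

        if reused:
            call_result = 0
        else:
            call_result = call(["dpkg-deb", "-b", "-Zgzip", staging_dir],
                               cwd=self.root + "temp/")  # Compile DEB

        if call_result != 0:
            # Did we run within WSL?
            if "Microsoft" in platform.release():
                PackageLister.ErrorReporter(self, "Platform Error!", "dpkg-deb failed to run. "
                    "This is likely due to improper configuration of WSL. Please check the Silcia README for "
                    "how to set up WSL for dpkg-deb.")
            else:
                PackageLister.ErrorReporter(self, "DPKG Error!", "dpkg-deb failed to run. "
                    "This could be due to a faulty system configuration.")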
def test_compare_versions(self):
    """Check Dpkg.compare_versions against the Debian version-ordering rules.

    Each row is (left, right, expected); expected is 0 for equal, -1 when
    left sorts before right and 1 when it sorts after. Rows are checked in
    order and the first mismatch fails the test.
    """
    cases = (
        # "This [the epoch] is a single (generally small) unsigned integer.
        # It may be omitted, in which case zero is assumed."
        ('0.0.0', '0:0.0.0', 0),
        ('0:0.0.0-foo', '0.0.0-foo', 0),
        ('0.0.0-a', '0:0.0.0-a', 0),
        # "The absence of a debian_revision is equivalent to a debian_revision
        # of 0."
        ('0.0.0', '0.0.0-0', 0),
        # tricksy:
        ('0.0.0', '0.0.0-00', 0),
        # combining the above
        ('0.0.0-0', '0:0.0.0', 0),
        # explicitly equal
        ('0.0.0', '0.0.0', 0),
        ('1:0.0.0', '1:0.0.0', 0),
        ('0.0.0-10', '0.0.0-10', 0),
        ('2:0.0.0-1', '2:0.0.0-1', 0),
        ('0:a.0.0-foo', '0:a.0.0-foo', 0),
        # less than
        ('0.0.0-0', '0:0.0.1', -1),
        ('0.0.0-0', '0:0.0.0-a', -1),
        ('0.0.0-0', '0:0.0.0-1', -1),
        ('0.0.9', '0.0.10', -1),
        ('0.9.0', '0.10.0', -1),
        ('9.0.0', '10.0.0', -1),
        # greater than
        ('0.0.1-0', '0:0.0.0', 1),
        ('0.0.0-a', '0:0.0.0-1', 1),
        ('0.0.0-a', '0:0.0.0-0', 1),
        ('0.0.9', '0.0.1', 1),
        ('0.9.0', '0.1.0', 1),
        ('9.0.0', '1.0.0', 1),
        # unicode me harder
        (u'2:0.0.44-1', u'2:0.0.44-nobin', -1),
        (u'2:0.0.44-nobin', u'2:0.0.44-1', 1),
        (u'2:0.0.44-1', u'2:0.0.44-1', 0),
    )
    for left, right, expected in cases:
        self.assertEqual(Dpkg.compare_versions(left, right), expected)
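def CreateDEB(self, bundle_id, recorded_version):
    """
    Creates a DEB from information stored in the "temp" folder.

    Any .deb already staged in temp/<bundle_id> is unpacked in place and then
    deleted. If that .deb declares a version newer than recorded_version, the
    user is prompted for a changelog entry, the package scripts are extracted,
    and index.json is rewritten first. Afterwards the DEB published under
    docs/pkg is reused when its version equals recorded_version; otherwise
    dpkg-deb rebuilds it.

    String bundle_id: The bundle id of the package to compress. It is joined
        into filesystem paths unchanged, so it is presumably an already
        validated identifier (TODO confirm at the caller).
    String recorded_version: The version currently on record for the package.
    """
    staging_dir = self.root + "temp/" + bundle_id

    # TODO: Find a Python-based method to safely delete all DS_Store files.
    # Argument-list form: no shell is involved, so the path is never parsed as shell syntax.
    call(["find", ".", "-name", ".DS_Store", "-delete"],
         cwd=staging_dir)  # Remove .DS_Store. Kinda finicky.

    for file_name in os.listdir(staging_dir):
        if file_name.endswith(".deb"):
            staged_deb = staging_dir + "/" + file_name
            # Check if the DEB is a newer version
            deb = Dpkg(staged_deb)
            if Dpkg.compare_versions(recorded_version, deb.version) == -1:
                # Update package stuff
                package_name = PackageLister.BundleIdToDirName(self, bundle_id)
                # Read the whole index, then close the handle before prompting
                # and before the same file is rewritten below.
                with open(self.root + "Packages/" + package_name + "/silica_data/index.json", "r") as content_file:
                    update_json = json.load(content_file)

                # deb.version is taken from the staged DEB and is stored as-is.
                update_json['version'] = deb.version
                changelog_entry = input("The DEB provided for \"" + update_json['name'] +
                                        "\" has a new version available (" + recorded_version + " -> " +
                                        deb.version + "). What changed in this version?\n(Add multiple lines" +
                                        " by using newline characters [\\n\\n] and use valid Markdown syntax): "
                                        )
                # NOTE(review): the entry is stored verbatim; whatever renders it
                # as Markdown later is presumably responsible for escaping — confirm.
                new_entry = {
                    "version": deb.version,
                    "changes": changelog_entry
                }
                changelog = update_json.get('changelog')
                if isinstance(changelog, list):
                    changelog.append(new_entry)
                else:
                    # Missing or malformed changelog: start a list. Storing a bare
                    # dict here made every later append fail and overwrite history.
                    update_json['changelog'] = [new_entry]

                # Get human-readable folder name
                folder = PackageLister.BundleIdToDirName(self, bundle_id)
                deb_path = self.root + "Packages/" + folder + "/" + file_name
                scripts_dir = self.root + "Packages/" + folder + "/silica_data/scripts/"
                # Extract Control file and scripts from DEB
                # NOTE(review): maintainer scripts come straight from the DEB; this
                # function only stores them, it does not run them.
                DpkgPy.control_extract(self, deb_path, scripts_dir)
                # Remove the Control; it's not needed.
                os.remove(scripts_dir + "Control")
                if not os.listdir(scripts_dir):
                    os.rmdir(scripts_dir)

                return_str = json.dumps(update_json)
                print("Updating package index.json...")
                PackageLister.CreateFile(self, "Packages/" + package_name + "/silica_data/index.json", return_str)

            # NOTE(review): whether archive member paths stay inside staging_dir
            # depends on DpkgPy.extract, which is not visible here — verify before
            # processing DEBs from sources you do not control.
            DpkgPy.extract(self, staged_deb, staging_dir)
            os.remove(staged_deb)
            os.remove(staging_dir + "/control")
    else:
        # NOTE(review): read as the loop's `else` (there is no `break`, so it runs
        # once after the scan) — confirm against the upstream indentation.
        # TODO: Update DpkgPy to generate DEB files without dependencies (for improved win32 support)
        # If the version is consistent, then assume the package is unchanged. Don't regenerate it.
        # The reuse decision compares version strings only; the published DEB's
        # contents are never checked against the staging folder, so a stale or
        # altered file in docs/pkg with the same version is copied forward.
        published_deb = self.root + "docs/pkg/" + bundle_id + ".deb"
        reused = False
        try:
            docs_deb = Dpkg(published_deb)
            if docs_deb.version == recorded_version:
                shutil.copy(published_deb, self.root + "temp/" + bundle_id + ".deb")
                reused = True
        except Exception:
            # Missing or unreadable published DEB: build from the staging folder.
            # `Exception` (not a bare except) keeps Ctrl-C from triggering a rebuild.
            reused = False

        if reused:
            call_result = 0
        else:
            call_result = call(["dpkg-deb", "-b", "-Zgzip", staging_dir],
                               cwd=self.root + "temp/")  # Compile DEB

        if call_result != 0:
            # Did we run within WSL?
            if "Microsoft" in platform.release():
                PackageLister.ErrorReporter(self, "Platform Error!", "dpkg-deb failed to run. "
                    "This is due to improper configuration of WSL. Please check the Silcia README for "
                    "how to set up WSL for dpkg-deb.")
            else:
                PackageLister.ErrorReporter(self, "Platform Error!", "dpkg-deb failed to run. "
                    "This may be due to a faulty system configuration.")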