Contents of /bin/checklist

#!/usr/bin/perl
# Must run on a machine with madison.
use URI::Escape;

my $html=0;
if ($ARGV[0] eq 'html') {
        shift;
        $html=1;
}

if (! @ARGV) {
        die "usage: $0 [html] list\n";
}


my %data;
my $unprop = my $unfixed = my $todos = 0;

sub record {
        my ($package, $condition, $item)=@_;
                
        if ($html) {
                $condition=~s{bug #(\d+)}{<a href="http://bugs.debian.org/$1">bug #$1</a>}g;
                $condition=~s{unfixed}{<b>unfixed</b>}g;
                $item=~s#((?:CAN|CVE)-\d+-\d+)#<a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=$1">$1</a>#g;
        }

        push @{$data{$package}{$condition}}, $item;
}

foreach my $list (@ARGV) {
        if (-d $list) {
                $list="$list/list";
        }
        
        open (IN, $list) || die "open $list: $!";
        while (<IN>) {
                chomp;
                if (/^\[/) {
                        ($id)=m/((?:DSA|CAN|CVE)-[^\s]+) /;
                }
                elsif (/^((?:DSA|CAN|CVE)-[^\s]+)/) {
                        $id=$1;
                }
                elsif (/^\s+[!-]\s+(\S+)\s+(.*?)\s*$/) {
                        my $package=$1;
                        my $version=$2;
                        
                        my $maddy=`madison -s testing '$package'`;
                        if ($? & 128) {
                                # good old newraff..
                                record($package, "<em>madison segfaulted</em>", $id);
                        }
                        elsif ($? >> 8 != 0 && $? >> 8 != 1) {
                                record($package, "<em>madison exited with ".($? >> 8)."</em>", $id);
                        }
                        if (! length $maddy) {
                                next;
                        }
                        
                        if ($version=~/unfixed/ || $version=~/pending/) {
                                record($package, $version, $id);
                                $unfixed++;
                        }
                        else {
                                my @fields = split(/\s*\|\s*/, $maddy);
                                my $havver=$fields[1];
                                my $cmp=system("dpkg --compare-versions '$havver' '>=' '$version'");
                                if ($cmp != 0) {
                                        if ($html) {
                                                $havver='<a href="http://bjorn.haxx.se/debian/testing.pl?package='.uri_escape($package).'">'.$havver.'</a>';
                                        }
                                        record($package, "$version needed, have $havver", $id);
                                        $unprop++;
                                }
                        }
                }
                elsif (/\s+TODO/) {
                        $todos++;
                }
        }
}


if ($html) {
        print "<html><title>testing security issues</title>\n";
        print "<ul>\n";
}

foreach my $package (sort keys %data) {
        foreach my $condition (sort keys %{$data{$package}}) {
                print "<li>" if $html;
                print "$package $condition for ";
                my $items=0;
                foreach my $item (sort @{$data{$package}{$condition}}) {
                        print ", " if $items > 0;
                        print $item;
                        $items++;
                }
                print "\n";
        }
}

if ($html) {
        print "</ul>\n";
        print "<hr>\n";
        print "Total holes unfixed: $unfixed<br>\n";
        print "Total holes fixed in unstable but not testing: $unprop<br>\n";
        print "Number of TODO lines in <a href=\"http://svn.debian.org/wsvn/secure-testing/sarge-checks/?rev=0&sc=0\">records</a>: $todos<br>\n";
        print "Maintained by the <a href=\"http://secure-testing.alioth.debian.org/\">testing security team</a><br>\n";
        print "Last update: ".`date`."<br>\n";
        print "</html>\n";
}
1	joeyh	2	#!/usr/bin/perl
2			# Must run on a machine with madison.
3	joeyh	256	use URI::Escape;
4	joeyh	2
5	joeyh	230	my $html=0;
6			if ($ARGV[0] eq 'html') {
7			shift;
8			$html=1;
9			}
10
11	joeyh	31	if (! @ARGV) {
12	joeyh	230	die "usage: $0 [html] list\n";
13	joeyh	2	}
14
15	joeyh	230
16	joeyh	307	my %data;
17	joeyh	309	my $unprop = my $unfixed = my $todos = 0;
18	joeyh	307
19			sub record {
20			my ($package, $condition, $item)=@_;
21
22	joeyh	231	if ($html) {
23	joeyh	307	$condition=~s{bug #(\d+)}{<a href="http://bugs.debian.org/$1">bug #$1</a>}g;
24	joeyh	311	$condition=~s{unfixed}{<b>unfixed</b>}g;
25	joeyh	307	$item=~s#((?:CAN\|CVE)-\d+-\d+)#<a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=$1">$1</a>#g;
26	joeyh	231	}
27	joeyh	307
28			push @{$data{$package}{$condition}}, $item;
29	joeyh	230	}
30
31	joeyh	31	foreach my $list (@ARGV) {
32			if (-d $list) {
33			$list="$list/list";
34	joeyh	2	}
35	joeyh	31
36			open (IN, $list) \|\| die "open $list: $!";
37			while (<IN>) {
38			chomp;
39			if (/^\[/) {
40	joeyh	242	($id)=m/((?:DSA\|CAN\|CVE)-[^\s]+) /;
41	joeyh	2	}
42	joeyh	242	elsif (/^((?:DSA\|CAN\|CVE)-[^\s]+)/) {
43			$id=$1;
44	joeyh	31	}
45	joeyh	643	elsif (/^\s+[!-]\s+(\S+)\s+(.?)\s$/) {
46	joeyh	31	my $package=$1;
47			my $version=$2;
48	joeyh	241
49			my $maddy=`madison -s testing '$package'`;
50	joeyh	564	if ($? & 128) {
51			# good old newraff..
52	joeyh	627	record($package, "<em>madison segfaulted</em>", $id);
53	joeyh	564	}
54			elsif ($? >> 8 != 0 && $? >> 8 != 1) {
55	joeyh	627	record($package, "<em>madison exited with ".($? >> 8)."</em>", $id);
56	joeyh	564	}
57	joeyh	307	if (! length $maddy) {
58			next;
59			}
60	joeyh	241
61	joeyh	586	if ($version=~/unfixed/ \|\| $version=~/pending/) {
62	joeyh	307	record($package, $version, $id);
63	joeyh	257	$unfixed++;
64	joeyh	2	}
65	joeyh	241	else {
66	joeyh	31	my @fields = split(/\s\\|\s/, $maddy);
67	joeyh	230	my $havver=$fields[1];
68			my $cmp=system("dpkg --compare-versions '$havver' '>=' '$version'");
69	joeyh	31	if ($cmp != 0) {
70	joeyh	230	if ($html) {
71	joeyh	256	$havver='<a href="http://bjorn.haxx.se/debian/testing.pl?package='.uri_escape($package).'">'.$havver.'</a>';
72	joeyh	230	}
73	joeyh	307	record($package, "$version needed, have $havver", $id);
74	joeyh	257	$unprop++;
75	joeyh	31	}
76			}
77	joeyh	2	}
78	joeyh	309	elsif (/\s+TODO/) {
79			$todos++;
80			}
81	joeyh	2	}
82			}
83	joeyh	230
84	joeyh	307
85	joeyh	230	if ($html) {
86	joeyh	307	print "<html><title>testing security issues</title>\n";
87			print "<ul>\n";
88			}
89
90			foreach my $package (sort keys %data) {
91			foreach my $condition (sort keys %{$data{$package}}) {
92			print "<li>" if $html;
93			print "$package $condition for ";
94			my $items=0;
95			foreach my $item (sort @{$data{$package}{$condition}}) {
96			print ", " if $items > 0;
97			print $item;
98			$items++;
99			}
100			print "\n";
101			}
102			}
103
104			if ($html) {
105	joeyh	230	print "</ul>\n";
106	joeyh	233	print "<hr>\n";
107	joeyh	307	print "Total holes unfixed: $unfixed<br>\n";
108			print "Total holes fixed in unstable but not testing: $unprop<br>\n";
109	joeyh	309	print "Number of TODO lines in <a href=\"http://svn.debian.org/wsvn/secure-testing/sarge-checks/?rev=0&sc=0\">records</a>: $todos<br>\n";
110	joeyh	382	print "Maintained by the <a href=\"http://secure-testing.alioth.debian.org/\">testing security team</a><br>\n";
111	joeyh	244	print "Last update: ".`date`."<br>\n";
112			print "</html>\n";
113	joeyh	230	}