This commit is contained in:
emdee 2024-02-14 08:18:37 +00:00
parent 58937cfe7f
commit 5c3a865c7f
29 changed files with 431 additions and 2396 deletions

View File

@ -1,174 +0,0 @@
# ---> Python
# Byte-compiled / optimized / DLL files
__pycache__/
*.py[cod]
*$py.class
*.diff
*.good
*.bad
# C extensions
*.so
# Distribution / packaging
.Python
build/
develop-eggs/
dist/
downloads/
eggs/
.eggs/
lib/
lib64/
parts/
sdist/
var/
wheels/
share/python-wheels/
*.egg-info/
.installed.cfg
*.egg
MANIFEST
# PyInstaller
# Usually these files are written by a python script from a template
# before PyInstaller builds the exe, so as to inject date/other infos into it.
*.manifest
*.spec
# Installer logs
pip-log.txt
pip-delete-this-directory.txt
# Unit test / coverage reports
htmlcov/
.tox/
.nox/
.coverage
.coverage.*
.cache
nosetests.xml
coverage.xml
*.cover
*.py,cover
.hypothesis/
.pytest_cache/
cover/
# Translations
*.mo
*.pot
# Django stuff:
*.log
local_settings.py
db.sqlite3
db.sqlite3-journal
# Flask stuff:
instance/
.webassets-cache
# Scrapy stuff:
.scrapy
# Sphinx documentation
docs/_build/
# PyBuilder
.pybuilder/
target/
# Jupyter Notebook
.ipynb_checkpoints
# IPython
profile_default/
ipython_config.py
# pyenv
# For a library or package, you might want to ignore these files since the code is
# intended to run in multiple environments; otherwise, check them in:
# .python-version
# pipenv
# According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
# However, in case of collaboration, if having platform-specific dependencies or dependencies
# having no cross-platform support, pipenv may install dependencies that don't work, or not
# install all needed dependencies.
#Pipfile.lock
# poetry
# Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
# This is especially recommended for binary packages to ensure reproducibility, and is more
# commonly ignored for libraries.
# https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
#poetry.lock
# pdm
# Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
#pdm.lock
# pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it
# in version control.
# https://pdm.fming.dev/#use-with-ide
.pdm.toml
# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
__pypackages__/
# Celery stuff
celerybeat-schedule
celerybeat.pid
# SageMath parsed files
*.sage.py
# Environments
.env
.venv
env/
venv/
ENV/
env.bak/
venv.bak/
# Spyder project settings
.spyderproject
.spyproject
# Rope project settings
.ropeproject
# mkdocs documentation
/site
# mypy
.mypy_cache/
.dmypy.json
dmypy.json
# Pyre type checker
.pyre/
# pytype static type analyzer
.pytype/
# Cython debug symbols
cython_debug/
# PyCharm
# JetBrains specific template is maintained in a separate JetBrains.gitignore that can
# be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
# and can be added to the global gitignore or merged into this file. For a more nuclear
# option (not recommended) you can uncomment the following to ignore the entire idea folder.
#.idea/
.pylint.err
.pylint.log
.pylint.out
*.dst
*~
.rsync.sh
.rsync.sh

View File

@ -1,50 +0,0 @@
#!/bin/sh
# -*- mode: sh; tab-width: 8; encoding: utf-8-unix -*-
prog=`basename $0 .bash`
PREFIX=/usr/local
[ -f /usr/local/etc/testforge/testforge.bash ] && \
. /usr/local/etc/testforge/testforge.bash
ROLE=toxcore
PKG=analyze-ssl.pl
GIT_HUB=github.com
GIT_USER=noxxi
GIT_DIR=p5-ssl-tools
URL=raw.githubusercontent.com//master/$PKG.sh
URL=github.com/$GIT_USER/$GIT_DIR/raw/master/$PKG
. $PREFIX/src/var_local_src.bash
cd $PREFIX/src || exit 2
WD=$PWD
if [ "$#" -eq 0 ] ; then
if [ ! -f $PKG ] ; then
[ -d $PREFIX/net/Http/$GIT_HUB ] || mkdir $PREFIX/net/Http/$GIT_HUB
if [ -e $PREFIX/net/Http/$URL ] ; then
ip route | grep -q ^default || { DEBUG "$0 not connected" ; exit 0 ; }
wget -xc -P $PREFIX/net/Http https://$URL
fi
fi
[ -f $PKG ] || cp -p $PREFIX/net/Http/$URL .
if [ ! -e $PREFIX/bin/$PKG.bash ] ; then
cat > $PREFIX/bin/$PKG.bash << EOF
#!/bin/sh
# -*- mode: sh; tab-width: 8; encoding: utf-8-unix -*-
ROLE=text
# https://$GIT_HUB/$GIT_USER/$GIT_DIR/
cd $PREFIX/src/ || exit 1
exec perl $PKG "\$@"
EOF
chmod 755 $PREFIX/bin/$PKG.bash
fi
exit 0
elif [ "$1" = 'test' ] ; then # 3*
$PREFIX/bin/$PKG.bash --help || exit 30
fi

View File

@ -1,28 +0,0 @@
#!/bin/sh
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
prog=`basename $0 .bash`
PREFIX=/usr/local
[ -f /usr/local/etc/testforge/testforge.bash ] && \
. /usr/local/etc/testforge/testforge.bash
ROLE=toxcore
[ -n "$KEYS_VAR_LOCAL" ] && PREFIX=$KEYS_VAR_LOCAL
TESTF_ANSIBLE_SRC=/o/data/TestForge/src/ansible
. /var/local/src/var_local_src.bash || exit 2
PKG=ansible-keepass
GIT_HUB=github.com
GIT_USER=Nekmo
GIT_DIR=ansible-keepass
[ -d $TESTF_ANSIBLE_SRC/lib/plugins/vars ] || \
mkdir -p $TESTF_ANSIBLE_SRC/lib/plugins/vars
[ -s $TESTF_ANSIBLE_SRC/lib/plugins/vars/ansible_keepass.py ] || \
wget $BASE_WGET_ARGS \
-O $TESTF_ANSIBLE_SRC/lib/plugins/vars/ansible_keepass.py \
https://raw.githubusercontent.com/$GIT_USER/$GIT_DIR/master/$PKG.py \
exit 0

View File

@ -1,121 +0,0 @@
#!/bin/sh
# -*- mode: sh; tab-width: 8; encoding: utf-8-unix -*-
prog=`basename $0 .bash`
PREFIX=/usr/local
[ -f /usr/local/etc/testforge/testforge.bash ] && \
. /usr/local/etc/testforge/testforge.bash
ROLE=toxcore
DESC=""
. $PREFIX/bin/usr_local_tput.bash || exit 1
PKG=toxcore
DIR=c-$PKG
GIT_HUB=github.com
GIT_USER=TokTok
GIT_DIR=$DIR
GIT_BRAN=master
VERS=2.18.0
cd $PREFIX/src || exit 2
WD=$PWD
if [ "$#" -eq 0 ] ; then
WD=$PWD
if [ ! -d "$DIR" ] ; then
if [ ! -d "$PREFIX/net/Git/$GIT_HUB/$GIT_USER/$GIT_DIR" ] ; then
[ -d "$PREFIX/net/Git/$GIT_HUB/$GIT_USER" ] || \
mkdir "$PREFIX/net/Git/$GIT_HUB/$GIT_USER"
ols_are_we_connected || { DEBUG not connected ; exit 0 ; }
cd "$PREFIX/net/Git/$GIT_HUB/$GIT_USER"
git clone -b $GIT_BRAN --depth=1 https://$GIT_HUB/$GIT_USER/$GIT_DIR || exit 4
git clone --depth=1 https://$GIT_HUB/$GIT_USER/dockerfiles
cd $WD
# wget -xcP ../net/Http/ https://github.com/TokTok/c-toxcore/releases/download/v0.2.18/c-toxcore-0.2.18.tar.gz
fi
cp -rip "$PREFIX/net/Git/$GIT_HUB/$GIT_USER"/$GIT_DIR $DIR
fi
cd "$DIR" || exit 5
[ -f third_party/cmp/Makefile ] || git submodule update --init || exit 6
# ols_apply_testforge_patches
# # [ -f CMakeLists.txt.dst ] || patch -b -z.dst < toxcore.diff || exit 7
[ -f cmake.sh ] || cat > cmake.sh << EOF
#!/bin/sh
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
PREFIX=$PREFIX
ROLE=$ROLE
CORE=$PREFIX/src/c-toxcore
DIR=_build
LIB=\$CORE/\$DIR
cd \$CORE | exit 3
mkdir _build
cd _build
cmake \
-DCMAKE_BUILD_TYPE="Debug" \
-DCMAKE_UNITY_BUILD=ON \
-DMIN_LOGGER_LEVEL=TRACE \
-DMUST_BUILD_TOXAV=ON \
-DNON_HERMETIC_TESTS=ON \
-DSTRICT_ABI=ON \
-DTEST_TIMEOUT_SECONDS=120 \
-DUSE_IPV6=OFF \
-DAUTOTEST=ON \
-DBUILD_MISC_TESTS=ON \
-DBUILD_FUN_UTILS=ON \
-DBOOTSTRAP_DAEMON=ON \
.. > cmake.log 2>&1
#sed -e 's/-DNDEBUG/-g/' -i CMakeCache.txt
make .. > make.log 2>&1
ls \$LIB/*so* || { echo ERROR \$LIB ; exit 2 ; }
EOF
bash cmake.sh || {
retval=$?
ERROR cmake $retval
exit 3$retval
}
cd _build
make >> make.log 2>&1 || {
retval=$?
ERROR cmake $retval
exit 3$retval
}
cp -p other/bootstrap_daemon/tox-bootstrapd $PREFIX/bin
cp -p other/bootstrap_daemon/tox-bootstrapd.sh $PREFIX/etc/init.d/tox-bootstrapd
# ln -s $PREFIX/etc/init.d/tox-bootstrapd /etc/init.d
exit 0
elif [ $1 = 'check' ] ; then # 1*
# ols_test_bins && exit 0 || exit $?
[ ! -d $DIR/_build ] && WARN not built yet $DIR && exit 11
[ -f $DIR/_build/libtoxcore.so.${VERS} ] && WARN not compiled yet $DIR && exit 12
ldd $DIR/_build/libtoxcore.so.${VERS} | grep found && ERROR ldd fails $DIR && exit 13
exit 0
elif [ "$1" = 'test' ] ; then # 3*
cd $PREFIX/src/$DIR/_build || exit 30
ctest || exit 31
elif [ "$1" = 'refresh' ] ; then # 6*
cd $PREFIX/src/$DIR || exit 60
/usr/local/sbin/base_diff_from_dst.bash $ROLE || exit 6$?
elif [ "$1" = 'update' ] ; then # 7*
ols_are_we_connected || exit 0
cd $PREFIX/src/$DIR || exit 70
git pull || exit 7$?
fi

View File

@ -1,131 +0,0 @@
#!/bin/bash
# -*- mode: sh; tab-width: 8; coding: utf-8-unix -*-
prog=`basename $0 .bash`
PREFIX=/usr/local
ROLE=toxcore
. /usr/local/src/usr_local_src.bash || exit 2
# [ `id -u` -eq 0 ] && ERROR $prog should not be run as root && exit 2
export LOG_DIR=$PREFIX/var/log/$ROLE
DESC=""
cd /usr/local/src || exit 4
if [ "$#" -eq 0 ] ; then
# /usr/lib/python3.9/site-packages/owtf/scripts/ssl/verify_ssl_cipher_check.sh
[ -f /usr/local/bin/ssl-cipher-check.pl ] || \
wget -cP /usr/local/bin/ http://unspecific.com/ssl/ssl-cipher-check.pl
if [ $USER = root ] ; then
# https://unix.stackexchange.com/questions/271661/disable-gnome-keyring-daemon
command -v keepassxc.bash
EXE=`command -v keepassxc.bash`
[ -z "$EXE" ] && EXE=`command -v keepassxc`
if [ -z "$EXE" ] ; then
export PYTHON_KEYRING_BACKEND=keyring.backends.SecretService.Keyring
ELTS=`ps ax|grep gnome-keyring-daemon|grep -v grep|sed -e 's/^ *//' -e 's/ .*//'`
[ -n "$ELTS" ] && kill $ELTS
if [ -d /etc/pam.d ] ; then
cd /etc/pam.d
grep -l '^[^#].*pam_gnome_keyring.so' * | while read file ; do
[ -f .$file.dst ] || cp -p $file .$file.dst
sed -e 's/.*pam_gnome_keyring.so.*/#&/' -i $file
done
fi
file=/usr/local/share/dbus-1/services/org.freedesktop.secrets.service
if [ ! -f $file ] || ! grep -q $EXE $file ; then
cat > $file <<EOF
[D-BUS Service]
Name=org.freedesktop.secrets
Exec=$EXE
EOF
fi
fi
fi
if [ $USER != root ] ; then
# https://unix.stackexchange.com/questions/271661/disable-gnome-keyring-daemon
[ -d ~/.config/autostart ] || mkdir ~/.config/autostart
cd /etc/xdg/autostart/
for file in * ; do
[ -f ~/.config/autostart/$file ] || {
cat > ~/.config/autostart/$file <<EOF
[Desktop Entry]
Hidden=true
EOF
INFO created ~/.config/autostart/$file - cp /dev/null to reenable
}
done
# https://pypi.org/project/keyring/
A=`python3.bash -c "import keyring.util.platform_; print(keyring.util.platform_.config_root())"` || exit 1$?
[ -f "$A" ] || touch "$A"
# $HOME/.config/python_keyring
[ -s "$A" ] || cat > "$A" <<EOF
[backend]
default-keyring=keyring.backends.SecretService.Keyring
EOF
A=`python3 -c "import keyring.util.platform_; print(keyring.util.platform_.data_root())"`
[ -d "$A" ] || mkdir "$A"
if `which keepassxc` && ps ax | grep -v grep | grep -q keepassxc ; then
python3 -m keyring --list-backends | \
grep -q keyring.backends.SecretService.Keyring || \
WARN NO keyring.backends.SecretService.Keyring
# string "org.freedesktop.secrets"
dbus-send --session --dest=org.freedesktop.DBus \
--type=method_call --print-reply \
/org/freedesktop/DBus org.freedesktop.DBus.ListNames | \
grep -q 'org.freedesktop.secrets' || \
WARN NO org.freedesktop.DBus.ListNames
else
python3 -m keyring --list-backends || \
WARN NO keyring.backends
fi
if `which gajim` || [ -f $PREFIX/bin/gajim ] ; then
[ -f $HOME/.config/gajim/config ] || cat > $HOME/.config/gajim/config <<EOF
proxies.Tor.bosh_wait_for_restart_response = False
proxies.Tor.useauth = False
proxies.Tor.bosh_useproxy = True
proxies.Tor.bosh_http_pipelining = False
proxies.Tor.bosh_content = text/xml; charset=utf-8
proxies.Tor.bosh_uri =
proxies.Tor.bosh_wait = 30
proxies.Tor.host = 127.0.0.1
proxies.Tor.user =
proxies.Tor.pass =
proxies.Tor.bosh_hold = 2
proxies.Tor.type = socks5
proxies.Tor.port = 9050
EOF
fi
fi
exit 0
elif [ "$1" = check ] ; then
[ -f /var/local/src/var_local_src.bash ] || exit 0
. /var/local/src/var_local_src.bash || exit 10
msys_var_local_src_prog_key $1 || exit 10$?
elif [ "$1" = 'lint' ] ; then
[ -f /var/local/src/var_local_src.bash ] || exit 0
. /var/local/src/var_local_src.bash
msys_var_local_src_prog_key $1 || exit 20$?
ols_run_tests_shellcheck $ROLE || exit 21$?
ols_run_tests_pylint || exit 22$?
elif [ "$1" = 'test' ] ; then
msys_var_local_src_prog_key $1 || exit 51$?
fi

View File

@ -1,86 +0,0 @@
#!/bin/sh
# -*- mode: sh; tab-width: 8; encoding: utf-8-unix -*-
prog=`basename $0 .bash`
PREFIX=/usr/local
[ -f /usr/local/etc/testforge/testforge.bash ] && \
. /usr/local/etc/testforge/testforge.bash
ROLE=toxcore
DESC=""
. $PREFIX/bin/usr_local_tput.bash || exit 1
PKG=negotiator
DIR=negatiator
declare -a FILES
FILES=(
1a/dd/3fcb75aebaa0a28f4f4e4a5773833d5cc7fecd47f2b535fc7e445f289539/negotiator-common-0.12.2.tar.gz
65/e5/bddc148f12aa8e81cfb0fbe504541436d0d38c6cb1546fa4fb5fbefcb5ce/negotiator-host-0.12.2.tar.gz
fe/a1/3d77020b8c5034f7ef65434d0510d1262840550155ce5f433c8189499326/negotiator-guest-0.12.2.tar.gz
)
declare -a GUESTS
GUESTS=(
coloredlogs-15.0.1-py2.py3-none-any.whl
executor-23.2-py2.py3-none-any.whl
fasteners-0.19-py3-none-any.whl
humanfriendly-10.0-py2.py3-none-any.whl
negotiator_common-0.12.2-py3-none-any.whl
negotiator_guest-0.12.2-py3-none-any.whl
property_manager-3.0-py2.py3-none-any.whl
setuptools-69.0.2-py3-none-any.whl
six-1.16.0-py2.py3-none-any.whl
supervisor-4.2.5-py2.py3-none-any.whl
verboselogs-1.7-py2.py3-none-any.whl
)
cd $PREFIX/src || exit 2
WD=$PWD
if [ "$#" -eq 0 ] ; then
WD=$PWD
if [ ! -d "$DIR" ] ; then
route | grep -q ^def || { DBUG not connected ; exit 0 ; }
wget -xcP $PREFIX/net/Http/ https://pypi.org/project/negotiator-common/
for f in "${FILES[@]}" ; do
wget -xcP $PREFIX/net/Http/ https://files.pythonhosted.org/packages/$f
done
if [ ! -d "$WD/$DIR" ] ; then
[ -d $WD/$DIR ] || mkdir $WD/$DIR
pip3.sh download -d $WD/$DIR \
negotiator-guest supervisor humanfriendly
cd $WD
fi
for f in "${FILES[@]}" ; do
tar xvfkz $PREFIX/net/Http/$f 2>/dev/null
done
fi
for f in "${FILES[@]}" ; do
base=`basename $f .tar.gz`
[ -d base ] && continue
tar xvfkz $PREFIX/net/Http/$f 2>/dev/null
cd $base
pip3.sh install --prefix=/usr/local . >> install.log 2>&1 || \
WARN problems installing $base retval=$retval
cd ..
done
exit 0
elif [ "$1" = 'test' ] ; then # 3*
cd $PREFIX/src/$DIR/_build || exit 30
ctest || exit 31
elif [ "$1" = 'refresh' ] ; then # 6*
cd $PREFIX/src/$DIR || exit 60
/usr/local/sbin/base_diff_from_dst.bash $ROLE || exit 6$?
elif [ "$1" = 'update' ] ; then # 7*
ols_are_we_connected || exit 0
cd $PREFIX/src/$DIR || exit 70
git pull || exit 7$?
fi

View File

@ -1,67 +0,0 @@
#!/bin/sh
# -*- mode: sh; tab-width: 8; encoding: utf-8-unix -*-
#See /var/local/src/ZeroNet.bash
prog=`basename $0 .bash`
PREFIX=/usr/local
ROLE=toxcore
PYVER=3
P="BASE_PYTHON${PYVER}_MINOR"
[ -z "$PYTHON_MINOR" ] && PYTHON_MINOR="$(eval echo \$$P)"
PYTHON_EXE_MSYS=$PREFIX/bin/python$PYTHON_MINOR.sh
PYTHON_EXE=$PYTHON_EXE_MSYS
PYTHON_PIP_MSYS=$PREFIX/bin/pip$PYTHON_MINOR.sh
MOD="pyassuan"
DIR="${MOD}"
BINS="get-info pinentry"
GIT_HUB=http-git.tremily.us
GIT_DIR=pyassuan
#ols_funtoo_requires
cd $PREFIX/src || exit 2
WD=$PWD
if [ "$#" -eq 0 ] ; then
if [ ! -d "$DIR" ] ; then
if [ ! -d "$PREFIX/net/Git/$GIT_HUB/$GIT_DIR" ] ; then
[ -d "$PREFIX/net/Git/$GIT_HUB" ] || \
mkdir "$PREFIX/net/Git/$GIT_HUB"
route|grep ^def || { DEBUG not connected ; exit 0 ; }
(cd "$PREFIX/net/Git/$GIT_HUB" && \
git clone --depth=1 "http://http-git.tremily.us/pyassuan.git" ) ||\
exit 2
fi
cp -rip "$PREFIX/net/Git/$GIT_HUB/$GIT_DIR" . || \
exit 3
fi
cd "$DIR" || exit 4
# ols_setup_zip_unsafe 's@^ )@ zip_safe=False)@'
#? [ -e /var/local/src/var_local_local.bash ] && . /var/local/src/var_local_local.bash
[ -d $PREFIX/$LIB/python${PYTHON_MINOR}/site-packages/${DIR}-${VER}-py${PYTHON_MINOR}.egg ] || \
msys_python_setup_install 2>&1 || { ERROR "code $?" ; cat install$PYVER.log ; exit 6 ; }
# msys_python_bins $BINS
"$PYTHON_EXE_MSYS" -c "import $MOD" 2>/dev/null || exit 10
exit 0
elif [ $1 = 'check' ] ; then # 1*
"$PYTHON_EXE_MSYS" -c "import $MOD" 2>/dev/null || exit 20
# ols_test_bins
exit $?
elif [ "$1" = 'test' ] ; then # 3*
cd $WD/$DIR
$PYTHON_EXE_MSYS -m unittest discover >>test.log || exit 31$?
fi

View File

@ -1,113 +0,0 @@
#!/bin/bash
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
. /usr/local/bin/usr_local_tput.bash || exit 2
PREFIX=$PREFIX
ROLE=testforge
# too early
[ -f /usr/local/etc/testforge/testforge.bash ] || exit 0
. /usr/local/etc/testforge/testforge.bash || exit 1
[ -n "$TESTF_VAR_LOCAL" ] && PREFIX=$TESTF_VAR_LOCAL
if uname -a | grep entoo ; then
GENTOO=0
else
GENTOO=1
fi
UBUNTU=$( [ -d /etc/apt ] )
for PYTHON_MINOR in $BASE_PYTHON2_MINOR $BASE_PYTHON3_MINOR ; do
[ -z "$PYTHON_MINOR" ] && continue
# [ "$PYTHON_MINOR" = "$BASE_PYTHON2_MINOR" ] && PYMAJOR=2 || PYMAJOR=3
PYVER="${PYTHON_MINOR:0:1}"
cd $BASE_USR_LOCAL/$LIB/python${PYTHON_MINOR}/site-packages/ || exit $PYVER
[ -f __init__.py ] || touch __init__.py
INFO $PYVER GENTOO=$GENTOO $BASE_USR_LOCAL/$LIB/python${PYTHON_MINOR}/site-packages/
ls -1d * | \
grep -v '__init__.py\|~$\|egg-info\|__pycache__\|egg-link\|dist-info\|pyc$\|pyo$\|pth$\|.sh$$\|.so$\|.egg$\|.tar$\|.log$\|.lis$\|.err$' | \
sed -e 's/\.py$//' | \
while read elt ; do
[ -z "$elt" ] && continue
[ $elt = cachecontrol ] && mod=CacheControl || mod=$elt
#exceptions
[ $elt = pip ] && echo "INFO: $PYTHON_MINOR Skipped OK - $elt" && continue
[ $elt = ansible ] && echo "INFO: $PYTHON_MINOR Skipped OK - $elt" && continue
#?FixMe: - we are now allowing site.py
[ $elt = site ] && echo "INFO: $PYTHON_MINOR Skipped OK - $elt" && continue
# broken for MarkupSafe-1.1.1-py2.7.egg-info
[ $elt = markupsafe ] && echo "INFO: $PYTHON_MINOR Skipped OK - $elt" && continue
# broken for PyYAML-5.3.1-py2.7.egg-info
[ $elt = yaml ] && echo "INFO: $PYTHON_MINOR Skipped OK - $elt" && continue
# Pygments-2.5.2-py2.7.egg-info
[ $elt = pygments ] && echo "INFO: $PYTHON_MINOR Skipped OK - $elt" && continue
# FixMe: what about the selenium patches
[ $elt = selenium ] && continue
# FixMe:
if [ $GENTOO -eq 0 ] && eix -r ^dev-python/${elt}$ | grep "Installed.*[\" ]$PYTHON_MINOR" ; then
DBUG $PYVER $elt is Installed
elif [ $GENTOO -eq 0 ] && eix ^dev-python/py${elt}$ | grep "Installed.*[\" ]$PYTHON_MINOR" ; then
DBUG $PYVER py$elt is Installed
elif [ -e /usr/$LIB/python$PYTHON_MINOR/$elt ] ; then
[ $elt = sitecustomize ] && echo WHY?: in /usr/$LIB/python$PYTHON_MINOR/$elt && continue
echo "DEBUG: $PYVER $elt is in /usr/$LIB/python$PYTHON_MINOR/$elt"
# The python$PYVER -s is crucial - otherwise
# /root/.local/lib64/python2.7/site-packages precedes
# /usr/lib64/python2.7/site-packageson sys.path
elif python$PYVER -s -c "import $mod,os; print os.path.realpath($mod.__path__[0])" 2>/dev/null | grep /usr/$LIB/ ; then
echo "DEBUG: $PYVER $elt is in /usr/$LIB/"
else
echo "INFO: $PYTHON_MINOR Checked OK - $elt"
continue
fi
WARN "$PYTHON_MINOR deleting - $elt"
if [ -d $elt ] ; then
INFO rm -rf *${elt}* .*${elt}*
rm -rf *${elt}* .*${elt}*
elif file $elt | grep 'empty' ; then
INFO rm -rf ${elt}
rm -rf ${elt}
elif [ -f "$elt.py" ] ; then
INFO rm ${elt}.py*
rm ${elt}.py*
elif [ -f "$elt.pyo" ] || [ -f "$elt.pyc" ] ; then
INFO rm -f ${elt}.pyc ${elt}.pyo
rm -f ${elt}.pyc ${elt}.pyo
else
echo "ERROR: oddball not a dir or file $( file $elt ) - \"$elt\""
fi
done
# FixMe: these are missed and crucial
[ -f /usr/local/lib64/python$PYTHON_MINOR7/site-packages/pkg_resources/__init__.py -a \
-f /usr/lib64/python$PYTHON_MINOR/site-packages/pkg_resources/__init__.py ] &&
rm -rf /usr/local/lib64/python$PYTHON_MINOR/site-packages/pkg_resources/
/usr/local/bin/python$PYVER.sh -c 'from pkg_resources import ensure_directory, ContextualZipFile' || \
WARN "from pkg_resources import ensure_directory, ContextualZipFile "
done
cd /usr/local/bin
for file in * ; do
[ -x $file ] || continue
[ -e /usr/bin/$file -o -e /usr/sbin/$file -o -e /usr/bin/$file.py ] || continue
# ls -l /usr/bin/$file $file
root=$( basename $file .py )
[[ $file =~ .*2.py$ ]] && DBUG $file && continue
[[ $file =~ .*2$ ]] && DBUG $file && continue
if file $file | grep -q 'Python script' && head -2 $file | grep -q '/python2' ; then
[[ $file =~ .*.py$ ]] && INFO mv $file ${root}2.py && mv $file ${root}2.py && continue
[ -e /usr/bin/$file.py ] && INFO mv $file ${file}2 && mv $file ${file}2 &&z \
INFO ln -s /usr/bin/$file.py $file && ln -s /usr/bin/$file.py $file && continue
WARN $file not python ; continue
fi
INFO mv $file ${file}2; mv $file ${file}2
done
exit 0

View File

@ -1,39 +0,0 @@
#!/bin/sh
# -*- mode: sh; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
ROLE=toxcore
prog=$(basename $0 .bash)
KEY=0x066DAFCB81E42C40
TIMEO=15
WARGS="-v -S --dns-timeout $TIMEO --connect-timeout $TIMEO --read-timeout $TIMEO"
. /usr/local/bin/proxy_export.bash
if [ is = dead ] ; then
# URL="http://hkps.pool.sks-keyservers.net:80/pks/lookup?op=get&options=mr&search=$KEY"
URL="http://pgp.mit.edu:80/pks/lookup?op=get&options=mr&search=$KEY"
DBUG wget $URL
wget $WARGS -o /tmp/2$$.log -O /tmp/2$$.html $URL || {
ERROR retval=$? ; cat /tmp/2$$.log; exit 2 ;
}
grep -q -e '-----BEGIN PGP PUBLIC KEY BLOCK' /tmp/2$$.html || exit 210
grep -q 'HTTP/1.1 200 OK' /tmp/2$$.log || exit 220
fi
URL="http://keyserver.ubuntu.com:80/pks/lookup?op=get&options=mr&search=$KEY"
DBUG wget $URL
wget $WARGS -o /tmp/3$$.log -O /tmp/3$$.html $URL || {
ERROR retval=$? /tmp/3$$.log
exit 3
}
grep -q -e '-----BEGIN PGP PUBLIC KEY BLOCK' /tmp/3$$.html || {
ERROR '-----BEGIN PGP PUBLIC KEY BLOCK' /tmp/3$$.html
exit 310
}
grep -q 'HTTP/1.1 200 OK' /tmp/3$$.log || {
ERROR NO 'HTTP/1.1 200 OK' /tmp/3$$.log
exit 320
}
exit 0

View File

@ -1,25 +0,0 @@
#!/bin/sh
# -*- mode: sh; tab-width: 8; encoding: utf-8-unix -*-
prog=`basename $0 .bash`
PREFIX=$PREFIX
[ -f /usr/local/etc/testforge/testforge.bash ] && \
. /usr/local/etc/testforge/testforge.bash
ROLE=toxcore
PYVER=2
P="BASE_PYTHON${PYVER}_MINOR"
PYTHON_MINOR="$(eval echo \$$P)"
PYTHON_EXE_MSYS=$PREFIX/bin/python$PYVER.bash
PYTHON_EXE=$PYTHON_EXE_MSYS
# doctest.py
# NORMALIZE_WHITESPACE = register_optionflag('NORMALIZE_WHITESPACE')
# ELLIPSIS = register_optionflag('ELLIPSIS')
LOPTS="-o ELLIPSIS --fail-fast"
#? -S causes problems - why was it there?
for file in "$@" ; do
$PREFIX/bin/python$PYVER.sh $PREFIX/src/testforge_run_doctest.py \
$LOPTS --box '' --file "$file"
done

View File

@ -1,26 +0,0 @@
#!/bin/sh
# -*- mode: sh; tab-width: 8; encoding: utf-8-unix -*-
prog=`basename $0 .bash`
PREFIX=$PREFIX
[ -f /usr/local/etc/testforge/testforge.bash ] && \
. /usr/local/etc/testforge/testforge.bash
ROLE=toxcore
PYVER=3
P="BASE_PYTHON${PYVER}_MINOR"
PYTHON_MINOR="$(eval echo \$$P)"
PYTHON_EXE_MSYS=$PREFIX/bin/python$PYVER.bash
PYTHON_EXE=$PYTHON_EXE_MSYS
# doctest.py
# NORMALIZE_WHITESPACE = register_optionflag('NORMALIZE_WHITESPACE')
# ELLIPSIS = register_optionflag('ELLIPSIS')
LOPTS="-o ELLIPSIS --fail-fast"
#? -S causes problems - why was it there?
for file in "$@" ; do
[ ! -f "$file" ] && WARN file not found $file && continue
/usr/local/bin/python$PYVER.sh $PREFIX/src/testforge_run_doctest.py \
$LOPTS --box '' --file "$file"
done

View File

@ -1,60 +0,0 @@
#!/bin/sh
# -*-mode: sh; tab-width: 8; coding: utf-8-unix -*-
. /usr/local/bin/usr_local_base.bash || exit 2
PREFIX=/usr/local
ROLE=base
[ -z "$BASE_PYTHON2_MINOR" ] && \
BASE_PYTHON2_MINOR=$( python2 --version 2>&1| sed -e 's@^.* @@' -e 's@\.[0-9]*$@@' )
[ -z "$BASE_PYTHON3_MINOR" ] && \
BASE_PYTHON3_MINOR=$( python3 --version 2>&1| sed -e 's@^.* @@' -e 's@\.[0-9]*$@@' )
for PYTHON_MINOR in "$BASE_PYTHON2_MINOR" "$BASE_PYTHON3_MINOR" ; do
[ -z "$PYTHON_MINOR" ] && continue
if [ -z "$LIB" -a -d /usr/lib/python$PYTHON_MINOR/site-packages ] ; then
LIB=lib
elif [ -z "$LIB" -a -d /usr/lib64/python$PYTHON_MINOR/site-packages ] ; then
LIB=lib64
elif [ -n "$LIB" -a ! -d /usr/$LIB/python$PYTHON_MINOR/site-packages ] ; then
ERROR LIB=$LIB but no /usr/$LIB/python$PYTHON_MINOR/site-packages
fi
done
umask 0022
# [ "$#" -eq 0 ] && set -- $PREFIX/bin
# FixMe? /usr/local/bin too? I think not, except for ours?
for prefix in /usr/local /var/local ; do
cd $prefix/bin || exit 1
#? ls -1d * | grep -v '~' | xargs file | grep -i python | sed -e 's/:.*//'|while read file ; do
ls -1 | grep -v '~' | xargs file | grep script | sed -e 's/:.*//' | \
while read file ; do
head -1 $file | grep -q python || continue
head -1 $file | grep -q $prefix/python..bash && continue
base=$( echo $file | sed -e 's/\.bash$//' )
under=$( echo $prefix | sed -e 's/^.//' -e 's@/@_@g' )
if [ -h /etc/python-exec/$base.conf ] ; then
link=$( readlink /etc/python-exec/$base.conf )
if [ "$link" = python2.conf ] ; then
sed -f $prefix/share/sed/${under}_python2.sed -i $file
else
sed -f $prefix/share/sed/${under}_python3.sed -i $file
fi
else
sed -f $prefix/share/sed/${under}_python2.sed -i $file
sed -f $prefix/share/sed/${under}_python3.sed -i $file
fi
# echo $file
done
# failsafe - Eberly - no longer active
for elt in $BASE_PYTHON2_MINOR $BASE_PYTHON3_MINOR ; do
[ -f $prefix/${LIB}/python$elt/site-packages/site.py ]
# WARN missing $prefix/${LIB}/python$elt/site-packages/site.py
done
done
exit 0

View File

@ -1,519 +0,0 @@
#!/bin/bash
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
[ -f /usr/local/bin/usr_local_tput.bash ] && \
. /usr/local/bin/usr_local_tput.bash
. /usr/local/bin/proxy_curl_lib.bash
[ -z "$TIMEOUT" ] && TIMEOUT=30
TIMEOUT3=`expr 3 \* $TIMEOUT`
SSLSCAN_ARGS="-4 --show-certificate --bugs --timeout $TIMEOUT"
[ $SSL_VER = 3 ] && SSLSCAN_ARGS="$SSLSCAN_ARGS --tls13" || \
SSLSCAN_ARGS="$SSLSCAN_ARGS --tls12"
# -cipher 'ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH' -debug
# no timeout -no_tls1_1 -no_tls1_2
OPENSSL_ARGS="-4 -showcerts -bugs -status -state -no_ign_eof"
[ $SSL_VER = 3 ] && OPENSSL_ARGS="$OPENSSL_ARGS -tls1_3" || \
OPENSSL_ARGS="$OPENSSL_ARGS -tls1_2"
# --no-colour ?--show-certificate ?--show-client-cas ?--show-ciphers ?--tlsall
TESTSSL_ARGS="-4 --server-defaults --protocols --grease --server-preference --heartbleed --ccs-injection --renegotiation --breach --tls-fallback --drown --assume-http --connect-timeout $TIMEOUT3 --openssl-timeout $TIMEOUT3 --standard --vulnerable --ssl-native --phone-out --nodns none"
ANALYZE_ARGS="--timeout $TIMEOUT --all-ciphers --verbose"
NMAP_ARGS="--script ssl-enum-ciphers -v --script-trace"
# no --cert-status -> ocsp
CURL_ARGS="--silent -vvv --head --connect-timeout $TIMEOUT"
CURL_HTTP_ARGS="$CURL_ARGS --fail --location --http2 --proto-redir https --proto-default https --proto =https"
# [ -d /usr/local/share/ca-certificates/mozilla ] && \
# CURL_ARGS="$CURL_ARGS --capath usr/local/share/ca-certificates/mozilla"
[ $SSL_VER = 3 ] && CURL_ARGS="$CURL_ARGS --tlsv1.3" || \
CURL_ARGS="$CURL_ARGS --tlsv1.2"
NOW=`date +%s`
DATE () {
local elt=$1
shift
# DEBUG=1
$elt $( expr `date +%s` - $NOW )s $*
return 0
}
ssltest_proxies () {
PROXY_SCHEME=`echo $SSLTEST_HTTPS_PROXY|sed -e 's@/@@g' -e 's/:/ /g'| cut -f 1 -d ' '`
PROXY_HOST=`echo $SSLTEST_HTTPS_PROXY|sed -e 's@/@@g' -e 's/:/ /g'| cut -f 2 -d ' '`
PROXY_PORT=`echo $SSLTEST_HTTPS_PROXY|sed -e 's@/@@g' -e 's/:/ /g'| cut -f 3 -d ' '`
# SocksPolicy Accept in /etc/tor/torrc - required and works with sslscan
TESTSSL_ENVS="env MAX_OSSL_FAIL=10 DNS_VIA_PROXY=true PROXY_WAIT=$TIMEOUT"
if [ -n "$SSLTEST_HTTP_PROXY" ] ; then
PROXY_HOST_PORT=`echo "$SSLTEST_HTTPS_PROXY" | sed -e 's@.*/@@'`
OPENSSL_ARGS="$OPENSSL_ARGS -proxy $PROXY_HOST_PORT"
elif [ -n "$SSLTEST_HTTPS_PROXY" ] ; then
# WTF HTTP CONNECT failed: 502 Bad Gateway (tor protocol violation)
PROXY_HOST_PORT=`echo "$SSLTEST_HTTPS_PROXY" | sed -e 's@.*/@@'`
OPENSSL_ARGS="$OPENSSL_ARGS -proxy $PROXY_HOST_PORT"
fi
# Make sure a firewall is not between you and your scanning target!
# `sed -e 's@.*/@@' <<< $SSLTEST_HTTPS_PROXY`
# timesout 3x
# TESTSSL_ARGS="$TESTSSL_ARGS --proxy=auto"
# use torsocks instead of
# ANALYZE_ARGS="ANALYZE_ARGS --starttls http_proxy:${PROXY_HOST}:$PROXY_PORT"
CURL_ARGS="$CURL_ARGS -x socks5h://${SOCKS_HOST}:$SOCKS_PORT"
#? NMAP_ARGS="$NMAP_ARGS -x socks4://${SOCKS_HOST}:$SOCKS_PORT"
# no proxy args and no _proxy strings
SSLSCAN_ENVS="$TORSOCKS "
ANALYZE_ENVS="$TORSOCKS "
# proxy timesout
TESTSSL_ENVS="sudo -u $BOX_BYPASS_PROXY_GROUP $TESTSSL_ENVS"
NMAP_ENVS="sudo -u $BOX_BYPASS_PROXY_GROUP "
CURL_ENVS=" "
return 0
}
ssltest_nmap () {
local elt=$1
local site=$2
local outfile=$3
[ -f "$outfile" ] || return 1
local eltfile=`sed -e "s/.out/_$elt.out/" <<< $outfile`
local exe=nmap
DATE DBUG $elt "$NMAP_ENVS $exe $NMAP_ELTS $site" $eltfile
INFO $elt "$NMAP_ENVS $exe $NMAP_ELTS $site" >> $eltfile
$NMAP_ENVS $exe $NMAP_ELTS $site >> $eltfile 2>&1
retval=$?
if grep -q '(1 host up)' $eltfile ; then
if grep -q TLS_AKE_WITH_AES_256_GCM_SHA384 $eltfile ; then
INFO "$elt TLS_AKE_WITH_AES_256_GCM_SHA384 = $eltfile" | tee -a $eltfile
else
INFO "$elt CA=$cacert = $eltfile" | tee -a $eltfile
fi
elif [ $retval -ne 0 ] ; then
ERROR "$elt retval=$retval timeout=$TIMEOUT CA=$cacert = $eltfile" | tee -a $eltfile
else
WARN $elt "NO '(1 host up)' in" $eltfile
fi
return 0
}
## ssltest_nmap
## no good for 1.3
ssltest_sslscan () {
local elt=$1
local site=$2
local outfile=$3
[ -f "$outfile" ] || return 1
local eltfile=`sed -e "s/.out/_$elt.out/" <<< $outfile`
local exe=sslscan
[ -n "$SSL_VER" ] || { WARN no SSL_VER ; return 2 ; }
DATE DBUG "$SSLSCAN_ENVS $exe $SSLSCAN_ELTS $site" $eltfile
INFO "$SSLSCAN_ENVS $exe $SSLSCAN_ELTS $site" >> $eltfile
$SSLSCAN_ENVS $exe $SSLSCAN_ELTS $site:$SSL_PORT >> $eltfile 2>&1
retval=$?
# ECDHE-RSA-AES256-SHA pop.zoho.eu tls1.2
if [ $retval -ne 0 ] ; then
ERROR "$elt failed retval=$retval CA=$cacert = $eltfile" | tee -a $eltfile
elif grep ERROR $eltfile ; then
ERROR "$elt ERROR CA=$cacert = $eltfile" | tee -a $eltfile
retval=-1
elif grep EROR: $eltfile ; then
ERROR "$elt EROR: CA=$cacert = $eltfile" | tee -a $eltfile
retval=-2
elif grep "Certificate information cannot be retrieved." $eltfile ; then
WARN "$elt 'Certificate information cannot be retrieved' = $eltfile" | tee -a $eltfile
elif grep "TLSv1.$SSL_VER.*disabled" $eltfile ; then
ERROR "$elt TLSv1.$SSL_VER disabled = $eltfile" | tee -a $eltfile
retval=-3
elif ! grep '^\(Subject\|Altnames\).*'"$site" $eltfile ; then
# *.zoho.eu
WARN "$elt not 'Subject\|Altnames' = $eltfile" | tee -a $eltfile
elif ! grep -q Accepted $eltfile ; then
WARN "$elt not Accepted CA=$cacert = $eltfile" | tee -a $eltfile
elif [ $SSL_VER = 3 ] && ! grep -q TLS_AES_256_GCM_SHA384 $eltfile ; then
WARN "$elt not TLS_AES_256_GCM_SHA384 CA=$cacert = $eltfile" | tee -a $eltfile
else
DATE INFO "$elt Accepted CA=$cacert = $eltfile " | tee -a $eltfile
fi
return $retval
}
## ssltest_openssl
ssltest_openssl () {
local elt=$1
local site=$2
local exe=openssl
local outfile=$3
[ -f "$outfile" ] || return 1
local eltfile=`sed -e "s/.out/_$elt.out/" <<< $outfile`
local total_s=`expr 2 \* $TIMEOUT`
[ -n "$SSL_VER" ] || { WARN no SSL_VER ; return 2 ; }
# -msg -msgfile $TMPDIR/$$.$site.s_client.msg
DATE DBUG "$elt s_client $OPENSSL_ELTS" $site $eltfile
INFO "$exe s_client $OPENSSL_ELTS timeout=$total_s" $site >> $eltfile
timeout $total_s $exe s_client $OPENSSL_ELTS $site < /dev/null >> $eltfile 2>&1
retval=$?
if [ $retval -eq 124 ] ; then
WARN "$elt failed timeout=$TIMEOUT CA=$cacert = $eltfile" | tee -a $eltfile
elif [ $retval -eq 1 ] ; then
num=`grep ':SSL alert number' $eltfile | sed -e 's/.*:SSL alert number //'`
if [ $? -eq 0 ] && [ -n "$num" ] ; then
ERROR "$elt failed retval=$retval SSL alert #$num ${SSL_ALERT_CODES[$num]} CA=$cacert = $eltfile" | tee -a $eltfile
else
ERROR "$elt failed retval=$retval err=${OPENSSL_X509_V[$retval]} CA=$cacert = $eltfile" | tee -a $eltfile
cat $eltfile
fi
elif grep ':error:' $eltfile ; then
a=`grep ':error:' $eltfile | sed -e 's/^[0-9]*:[^:]*:[^:]*:[^:]*:[^:]*://' -e 's/:.*//' |head -1 `
ERROR "$elt :error: $a CA=$cacert = $eltfile" | tee -a $eltfile
elif grep 'Cipher is (NONE)\|SSL handshake has read 0 bytes' $eltfile ; then
ERROR "$elt s_client Cipher is (NONE) CA=$cacert = $eltfile" | tee -a $eltfile
elif [ $retval -ne 0 ] ; then
ERROR "$elt failed retval=$retval err=${OPENSSL_X509_V[$retval]} CA=$cacert = $eltfile" | tee -a $eltfile
elif grep 'HTTP CONNECT failed:' $eltfile ; then
WARN "$elt failed HTTP CONNECT failed CA=$cacert = $eltfile" | tee -a $eltfile
elif grep 'unable to get local issuer certificate' $eltfile ; then
WARN "$elt s_client unable to get local issuer certificate CA=$cacert = $eltfile" | tee -a $eltfile
elif grep 'Verification error: certificate has expired' $eltfile ; then
WARN "$elt s_client Verification error: certificate has expired = $eltfile | tee -a $eltfile" | tee -a $eltfile
elif ! grep -q '^depth=0 CN.*'$site $eltfile ; then
WARN "$elt s_client CN NOT $site = $eltfile" | tee -a $eltfile
elif grep 'OSCP response: no response' $eltfile ; then
WARN "$elt s_client OSCP response: no response = $eltfile | tee -a $eltfile" | tee -a $eltfile
elif grep 'New, TLSv1.$SSL_VER, Cipher is TLS' $eltfile ; then
DATE INFO "$elt TLSv1.$SSL_VER, Cipher is TLS CA=$cacert = $eltfile " | tee -a $eltfile
else
DATE INFO "$elt client CA=$cacert = $eltfile " | tee -a $eltfile
fi
return $retval
}
## ssltest_testssl
ssltest_testssl () {
local elt=$1
local site=$2
local exe=/usr/local/bin/$elt.sh
local outfile=$3
[ -f "$outfile" ] || return 1
local eltfile=`sed -e "s/.out/_$elt.out/" <<< $outfile`
local total_s=`expr 2 \* $TIMEOUT3`
[ -n "$SSL_VER" ] || { WARN no SSL_VER ; return 2 ; }
DATE DBUG $elt timeout $total_s "`basename $exe` $TESTSSL_ELTS $site:$SSL_PORT" $eltfile
INFO DBUG $elt timeout $total_s "`basename $exe` $TESTSSL_ELTS $site:$SSL_PORT" >> $eltfile 2>&1
# TLS 1.2 offered (OK)
# TLS 1.3 offered (OK)
# You should not proceed as no protocol was detected. If you still really really want to, say "YES" -->
echo YES | timeout $total_s env $TESTSSL_ENVS $exe $TESTSSL_ELTS $site:$SSL_PORT >>$eltfile 2>&1
retval=$?
subdir=`grep 'DEBUG (level 1): see files in' $eltfile | sed -e 's/.* //' -e "s/[$'].*//"`
if [ -n "$subdir" ] ; then
subdir="${subdir::19}"
if [ -d "$subdir" ] ; then
DBUG found \"$subdir\"
cat "$subdir"/*parse*txt >> $eltfile
fi
fi
if grep "Protocol.*TLSv1.$SSL_VER" $eltfile ; then
# timesout after success
DATE INFO "$elt $site Protocol : TLSv1.$SSL_VER CA=$cacert =$eltfile" | tee -a $eltfile
retval=0
elif grep 'TLS 1.$SSL_VER *.*offered.*(OK)' $eltfile ; then
DATE INFO "$elt $site TLS 1.$SSL_VER offered CA=$cacert =$eltfile" | tee -a $eltfile
retval=0
elif [ $retval -eq 124 ] ; then
WARN $elt $site "timedout timeout=$total_s CA=$cacert = $eltfile" | tee -a $eltfile
elif grep 'TLS 1.$SSL_VER.*not offered and downgraded to a weaker protocol' $eltfile ; then
DATE ERROR "$elt $site TLS 1.$SSL_VER NOT offered CA=$cacert =$eltfile" | tee -a $eltfile
retval=`expr 256 - 1`
elif grep -q 't seem to be a TLS/SSL enabled server' $eltfile ; then
DATE ERROR "$elt $site doesnt seem to be a TLS/SSL enabled server: CA=$cacert =$eltfile" | tee -a $eltfile
retval=`expr 256 - 2`
elif grep -q 'Client problem, No server cerificate could be retrieved' $eltfile ; then
WARN "$elt $site Client problem: CA=$cacert =$eltfile" | tee -a $eltfile
retval=`expr 256 - 3`
elif grep 'Fixme: something weird happened' $eltfile ; then
WARN "$elt $site Fixme: something weird happened CA=$cacert =$eltfile" | tee -a $eltfile
retval=`expr 256 - 4`
elif grep 'Oops: TCP connect problem' $eltfile ; then
WARN "$elt $site Oops: TCP connect problem CA=$cacert =$eltfile" | tee -a $eltfile
retval=`expr 256 - 5`
elif [ $retval -gt 5 ] ; then
# returns 5
WARN "$elt failed retval=$retval CA=$cacert = $eltfile" | tee -a $eltfile
elif grep ': unable to\| error:' $eltfile ; then
ERROR "$elt.bash unable to / error: CA=$cacert = $eltfile" | tee -a $eltfile
retval=`expr 256 - 6`
elif grep 'unexpected error' $eltfile ; then
ERROR "$elt.bash unexpected error CA=$cacert = $eltfile" | tee -a $eltfile
retval=`expr 256 - 7`
elif [ "$retval" -eq 1 ] ; then
DATE ERROR "$elt.bash error retval=$retval: CA=$cacert = $eltfile " | tee -a $eltfile
elif grep -q "Negotiated protocol.*TLSv1.$SSL_VER" $eltfile ; then
# TLS_AES_256_GCM_SHA384
DATE INFO "$elt.bash TLSv1.$SSL_VER retval=$retval: CA=$cacert = $eltfile " | tee -a $eltfile
elif [ "$retval" -ne 0 ] ; then
# 5 is success
DATE WARN "$elt.bash error retval=$retval: CA=$cacert = $eltfile " | tee -a $eltfile
else
DATE INFO "$elt.bash no error retval=$retval: CA=$cacert = $eltfile " | tee -a $eltfile
fi
if grep ' VULNERABLE ' $eltfile ; then
WARN "$elt.bash VULNERABLE: CA=$cacert = $eltfile " | tee -a $eltfile
fi
grep 'Overall Grade' $eltfile
return $retval
}
## ssltest_analyze_ssl $elt $site
ssltest_analyze_ssl () {
local elt=$1
local site=$2
local exe=/usr/local/bin/analyze-ssl.pl.bash
local outfile=$3
[ -f "$outfile" ] || return 1
local eltfile=`sed -e "s/.out/_$elt.out/" <<< $outfile`
local total_s=`expr 2 \* $TIMEOUT`
[ -n "$SSL_VER" ] || { WARN no SSL_VER ; return 2 ; }
DATE DBUG $elt "timeout $total_s $ANALYZE_ENVS `basename $exe` $ANALYZE_ELTS $site:$SSL_PORT" $eltfile
INFO "timeout $total_s $ANALYZE_ENVS `basename $exe` $ANALYZE_ELTS $site:$SSL_PORT" >> $eltfile
timeout $total_s $ANALYZE_ENVS $exe $ANALYZE_ELTS $site:$SSL_PORT >> $eltfile 2>&1
retval=$?
if [ ! -s $eltfile ] ; then
ERROR "$elt failed empty $eltfile" | tee -a $eltfile
retval=`expr 256 - 1`
elif grep "successful connect with TLSv1_$SSL_VER" $eltfile && \
grep 'all certificates verified' $eltfile ; then
# succeeds but timesout
DATE INFO "$elt successful connect with TLSv1_$SSL_VER retval=$retval error = $eltfile" | tee -a $eltfile
elif [ $retval -eq 124 ] ; then
WARN "$elt timedout timeout=$total_s CA=$cacert = $eltfile" | tee -a $eltfile
elif [ $retval -ne 0 ] ; then
ERROR "$elt failed retval=$retval = $eltfile" | tee -a $eltfile
elif grep ERROR: $eltfile ; then
ERROR "$elt failed ERROR: = $eltfile" | tee -a $eltfile
retval=`expr 256 - 3`
elif grep 'certificate verify - name does not match' $eltfile ; then
ERROR "$elt failed name does not match = $eltfile" | tee -a $eltfile
retval=`expr 256 - 4`
elif ! grep 'certificate verified : ok' $eltfile ; then
ERROR "$elt failed NO certificate verified = $eltfile" | tee -a $eltfile
retval=`expr 256 - 5`
elif grep 'certificate verified : FAIL' $eltfile ; then
ERROR "$elt certificate verified : FAIL = $eltfile" | tee -a $eltfile
retval=`expr 256 - 6`
elif grep 'handshake failed with HIGH' $eltfile ; then
WARN "$elt failed handshake failed with HIGH = $eltfile" | tee -a $eltfile
retval=`expr 256 - 7`
elif grep '^ \! ' $eltfile ; then
ERROR "$elt failed \! = $eltfile" | tee -a $eltfile
retval=`expr 256 - 8`
else
DATE INFO "$elt no error = $eltfile" | tee -a $eltfile
fi
return $retval
}
## ssltest_curl
ssltest_curl () {
local elt=$1
local site=$2
local exe="/usr/local/bin/s$elt.bash -- "
local outfile=$3
[ -f "$outfile" ] || { WARN no outfile ; return 1 ; }
local eltfile=`sed -e "s/.out/_$elt.out/" <<< $outfile`
local total_s=`expr 2 \* $TIMEOUT`
local prot
[ -n "$SSL_VER" ] || { WARN no SSL_VER ; return 2 ; }
[ -n "$SSL_PORT" ] || { WARN no SSL_PORT ; return 3 ; }
exe=curl
if [ "$SSL_PORT" = 443 ] ; then
prot=https
elif [ "$SSL_PORT" = 995 ] ; then
prot=pop3s
exe=curl
CURL_ELTS="$CURL_ELTS -l"
elif [ "$SSL_PORT" = 587 ] ; then
prot=smtps
exe=curl
# CURL_ELTS="$CURL_ELTS"
else
ERROR $elt unrecognized port protocol $SSL_PORT
return 3
fi
DATE DBUG $elt $CURL_ENVS "`basename $exe` $CURL_ELTS ${prot}://$site:$SSL_PORT" $eltfile
INFO $elt "$CURL_ENVS `basename $exe` $CURL_ELTS ${prot}://$site:$SSL_PORT" >> $eltfile
$CURL_ENVS $exe $CURL_ELTS ${prot}://$site:$SSL_PORT >> $eltfile 2>&1
retval=$?
# grep '= /tmp/scurl'
ERRF=$eltfile
if [ $SSL_VER -eq 3 ] && ! grep "SSL connection using TLSv1.$SSL_VER" $ERRF ; then
ERROR "$elt NO SSL connection using TLSv1.$SSL_VER CA=$cacert = $ERRF" | tee -a $eltfile
retval=`expr 256 - 1`
cat $eltfile
elif ! grep -q "SSL connection using TLSv1.[3$SSL_VER]" $ERRF ; then
ERROR "$elt NO SSL connection using TLSv1.$SSL_VER CA=$cacert = $ERRF" | tee -a $eltfile
retval=`expr 256 - 1`
cat $eltfile
elif [ $retval -eq 77 ] || grep -q 'CURLE_SSL_CACERT_BADFILE' $ERRF ; then
ERROR "$elt retval=$retval ${CURLE[$retval]} CAFILE=$CAFILE = $ERRF" | tee -a $eltfile
elif [ $retval -eq 28 ] || grep -q 'CURLE_OPERATION_TIMEDOUT' $ERRF ; then
WARN "$elt retval=$retval CURLE_OPERATION_TIMEDOUT ${CURLE[$retval]} CAFILE=$CAFILE = $ERRF" | tee -a $eltfile
elif [ $retval -eq 91 ] || grep -q 'CURLE_SSL_INVALIDCERTSTATUS' $ERRF ; then
WARN "$elt retval=$retval ${CURLE[$retval]} CAFILE=$CAFILE = $ERRF" | tee -a $eltfile
elif [ $retval -eq 28 ] || grep 'Connection timed out' $ERRF ; then
WARN "$elt retval=$retval ${CURLE[$retval]} CAFILE=$CAFILE = $ERRF" | tee -a $eltfile
elif [ $retval -eq 22 ] || grep -q 'curl: (22) The requested URL returned error:' $ERRF; then
# on 22 - change to HTTP code
code=`grep 'curl: (22) The requested URL returned error:' $ERRF | sed -s 's/.*returned error: //'`
if [ "$code" = 416 ] ; then
INFO "$elt retval=$retval ${CURLE[$retval]} code=$code CA=$cacert = $ERRF" | tee -a $eltfile
retval=$code
elif [ -n "$code" ] && [ "$code" -ge 400 ] ; then
# 403 Cloudflare
ERROR "$elt retval=$retval ${CURLE[$retval]} code=$code CA=$cacert = $ERRF" | tee -a $eltfile
retval=$code
else
WARN "$elt retval=$retval ${CURLE[$retval]} code=$code CA=$cacert = $ERRF" | tee -a $eltfile
fi
elif [ $retval -ne 0 ] ; then
# curl: (3) URL using bad/illegal format or missing URL - worked
WARN "$elt retval=$retval ${CURLE[$retval]} CA=$cacert = $ERRF" | tee -a $eltfile
elif ! grep "subject: CN=$site" $ERRF ; then
ERROR "$elt NO subject: CN=$site CA=$cacert = $ERRF" | tee -a $eltfile
retval=`expr 256 - 2`
elif grep "503 - Forwarding failure" $ERRF ; then
WARN "$elt 503 - Forwarding failure CA=$cacert = $ERRF" | tee -a $eltfile
retval=`expr 256 - 3`
elif grep 'we are not connected' $eltfile ; then
WARN "$elt CA=$cacert = $ERRF" | tee -a $eltfile
retval=0
else
INFO "$elt CA=$cacert = $ERRF" | tee -a $eltfile
retval=0
fi
# TLSv1.3 (IN), TLS handshake, Finished
return $retval
}
## ssllabs_analyze
ssltest_analyze () {
local elt=$1
local site=$2
local exe="/usr/local/bin/scurl.bash -- "
local outfile=$3
[ -f "$outfile" ] || return 1
local eltfile=`sed -e "s/.out/_$elt.html/" <<< $outfile`
local total_s=`expr 2 \* $TIMEOUT`
local url="https://www.ssllabs.com/ssltest/analyze.html?d=$site"
[ -n "$SSL_VER" ] || { WARN no SSL_VER ; return 2 ; }
umask 0022
DATE DBUG "$elt $CURL_ELTS SSL_PORT=$SSL_PORT $url" $eltfile
INFO "<\!-- $CURL_ENVS $elt $CURL_ELTS $url -->" >> $eltfile
$CURL_ENVS $exe $CURL_ELTS $url >> $eltfile 2>&1
retval=$?
if [ $retval -ne 0 ] ; then
DATE WARN "$elt retval=$retval $url" $eltfile >> $outfile
else
DATE INFO "$elt retval=$retval $url" $eltfile >> $outfile
fi
return $retval
}
## ssltest_ssllabs
ssltest_ssllabs() {
local elt=$1
local site=$2
local outfile=$3
[ -f "$outfile" ] || return 1
local site_ip=$4
local eltfile=`sed -e "s/.out/_$elt.html/" <<< $outfile`
local host=www.ssllabs.com
local url="ssltest/analyze.html?d=$site&s=$site_ip"
local exe="/usr/local/bin/scurl.bash -- "
[ -n "$SSL_VER" ] || { WARN no SSL_VER ; return 2 ; }
umask 0022
DATE DBUG "$elt $CURL_ELTS $url" $eltfile
INFO "<\!-- $CURL_ENVS $elt $CURL_ELTS $url -->" >> $eltfile
$CURL_ENVS $exe $CURL_ELTS $url >> $eltfile 2>&1
retval=$?
if [ $retval -ne 0 ] ; then
DATE WARN "$elt retval=$retval $url" $eltfile | tee -a $eltfile
elif grep -A 2 ">TLS 1.$SSL_VER<" $eltfile | grep 'No' ; then
DATE ERROR "$elt retval=$retval $url" $eltfile | tee -a $eltfile
retval=`expr 256 - 1`
elif grep -A 2 ">TLS 1.$SSL_VER<" $eltfile | grep 'Yes' ; then
DATE INFO "$elt retval=$retval $url" $eltfile | tee -a $eltfile
retval=0
else
DATE WARN "$elt retval=$retval $url" $eltfile | tee -a $eltfile
fi
return $retval
}
## ssltest_http2_alt_svc
ssltest_http2_alt_svc() {
local elt=$1
local site=$2
local outfile=$3
[ -f "$outfile" ] || return 1
local eltfile=`sed -e "s/.out/_$elt.html/" <<< $outfile`
local exe="/usr/local/bin/scurl.bash -- "
local host=www.integralblue.com
local url=1.1.1.1/fun-stuff/dns-over-tor/
[ -n "$SSL_VER" ] || { WARN no SSL_VER ; return 2 ; }
umask 0022
if [ -n "$socks_proxy" ] ; then
export socks_proxy=`sed -e 's/socks[a-z0-9]*:/socks5h:/' <<< $socks_proxy`
$exe --head --http2 -x $socks_proxy https://$host/$url > $eltfile 2>&1
else
$exe --head --http2 https://$host/$url > $eltfile 2>&1
fi
#? grep '^HTTP/2 301' $eltfile || exit 1
grep '^HTTP/2 ' $eltfile || return 11
grep 'alt-svc:' $eltfile || return 12
onion=`grep 'alt-svc:' $eltfile | sed -e 's/.*h2=.//' -e 's/";.*//'` # || exit 3
if [ -n "$socks_proxy" ] ; then
$exe --head -x $socks_proxy https://$onion/$url >> $eltfile 2>&1
retval=$?
else
$exe --head https://$onion/$url >> $eltfile 2>&1
retval=$?
fi
if [ $retval -eq 0 ] ; then
DATE INFO $elt https://$host/$url | tee -a $eltfile
else
DATE WARN $elt https://$host/$url | tee -a $eltfile
fi
return $?
}

View File

@ -1,344 +0,0 @@
#!/bin/bash
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
prog=`basename $0 .bash`
PREFIX=/usr/local
ROLE=toxcore
export PATH=/sbin:$PATH
[ -f /usr/local/etc/testforge/testforge.bash ] && \
. /usr/local/etc/testforge/testforge.bash
#[ -n "$TESTF_VAR_LOCAL" ] && PREFIX=$TESTF_VAR_LOCAL
. $PREFIX/bin/usr_local_tput.bash || exit 2
. /usr/local/bin/proxy_ping_lib.bash >/dev/null || \
{ ERROR loading /usr/local/bin/proxy_ping_lib.bash ; exit 3; }
#? . $PREFIX/src/usr_local_src.bash || exit 2
DNS_TRIES=3
LOGP=TestSSL_`date -u +%y-%m-%d_%H_$$`
rm -f $TMPDIR/${LOGP}*
# analyze-ssl passed files.pythonhosted.org
# INFO: 226s analyze-ssl no error = /tmp/_files.pythonhosted.org_analyze-ssl.out
[ -z "$SSLTEST_TESTS" ] && SSLTEST_TESTS="curl openssl testssl nmap" # sslscan
[ -z "$SSLTEST_CERTS" ] && SSLTEST_CERTS="/etc/ssl/certs/ca-certificates.crt /usr/local/etc/ssl/cacert-testforge.pem"
[ -z "$SSLTEST_TIMEOUT" ] && SSLTEST_TIMEOUT=30
[ -z "$SSLTEST_SOCKS_PROXY" -a -n "$socks_proxy" ] && SSLTEST_SOCKS_PROXY=$socks_proxy \
&& DBUG SSLTEST_SOCKS_PROXY=$socks_proxy
if [ -z "$SSLTEST_HTTPS_PROXY" -a -n "$https_proxy" ] ; then
SSLTEST_HTTPS_PROXY=$https_proxy
DBUG SSLTEST_HTTPS_PROXY=$SSLTEST_HTTPS_PROXY
fi
[ -z "$SSLTEST_HTTP_PROXY" -a -n "$http_proxy" ] && SSLTEST_HTTP_PROXY=$http_proxy \
&& DBUG SSLTEST_HTTP_PROXY=$http_proxy
[ -z "$BOX_BYPASS_PROXY_GROUP" ] && BOX_BYPASS_PROXY_GROUP=bin
SSL_LIB=openssl
# [ "$MODE" ] && proxy_ping_test.bash $MODE
declare -a BADSSL_SITES
BADSSL_SITES=(
self-signed.badssl.com
expired.badssl.com
mixed.badssl.com
rc4.badssl.com
hsts.badssl.com
)
declare -a GOODSSL_SITES
GOODSSL_SITES=(
files.pythonhosted.org
mirrors.dotsrc.org
deb.devuan.org
# dfw.source.kernel.org
# cdn.kernel.org
)
badssl=0
goodssl=0
[ "$#" -eq 0 ] && goodssl=1
tests="$SSLTEST_TESTS"
verbosity=2
outdir=/tmp
timeout=$SSLTEST_TIMEOUT
onion=0
CAFILE=/usr/local/etc/ssl/cacert-testforge.pem
TMPDIR=/tmp
SSL_PORT=443