# $FreeBSD$

PORTNAME=	vuls-cve-dictionary

PORTVERSION=	0.1.1

DISTVERSIONPREFIX=	v

CATEGORIES=	security

MAINTAINER=	iscandr@gmail.com

COMMENT=	Build local copies of the National Vulnerabilities Database and Japan Vulnerability Notes

LICENSE=	APACHE20

USES=	go

USE_RC_SUBR=	vuls-cve-dictionary

USERS=	vuls

GROUPS=	vuls

USE_GITHUB=	yes

GH_ACCOUNT=	kotakanbe

GH_PROJECT=	go-cve-dictionary

GH_TAGNAME=	0724974

GH_SUBDIR=	src/github.com/${GH_ACCOUNT_DEFAULT}/${GH_PROJECT}

GH_TUPLE+=  sirupsen:logrus:v1.0.0:logrus/src/github.com/sirupsen/logrus

GH_TUPLE+=  asaskevich:govalidator:v6:govalidator/src/github.com/asaskevich/govalidator

GH_TUPLE+=  cheggaaa:pb:v2.0.4:pb/src/gopkg.in/cheggaaa/pb.v2

GH_TUPLE+=  go-redis:redis:v6.5.0:redis/src/github.com/go-redis/redis

GH_TUPLE+=  google:subcommands:ce3d4cf:subcommands/src/github.com/google/subcommands

GH_TUPLE+=  jinzhu:gorm:eae7f6b:gorm/src/github.com/jinzhu/gorm

GH_TUPLE+=  kotakanbe:logrus-prefixed-formatter:e7519b8:logrusprefixedformatter/src/github.com/kotakanbe/logrus-prefixed-formatter

GH_TUPLE+=  labstack:echo:bc173df:echo/src/github.com/labstack/echo

GH_TUPLE+=  labstack:gommon:1121fd3:gommon/src/github.com/labstack/gommon

GH_TUPLE+=  parnurzeal:gorequest:v0.2.15:gorequest/src/github.com/parnurzeal/gorequest

GH_TUPLE+=  rifflock:lfshook:1.6:lfshook/src/github.com/rifflock/lfshook

GH_TUPLE+=  dgrijalva:jwt-go:v3.0.0:jwtgo/src/github.com/dgrijalva/jwt-go

GH_TUPLE+=  go-sql-driver:mysql:v1.3:mysql/src/github.com/go-sql-driver/mysql

GH_TUPLE+=  jinzhu:inflection:1c35d90:inflection/src/github.com/jinzhu/inflection

GH_TUPLE+=  k0kubun:pp:v2.3.0:pp/src/github.com/k0kubun/pp

GH_TUPLE+=  lib:pq:8837942:pq/src/github.com/lib/pq

GH_TUPLE+=  mgutz:ansi:9520e82:ansi/src/github.com/mgutz/ansi

GH_TUPLE+=  pkg:errors:c605e28:pkgerrors/src/github.com/pkg/errors

GH_TUPLE+=  moul:http2curl:4e24498:http2curl/src/github.com/moul/http2curl

GH_TUPLE+=  golang:net:5f8847a:golangnet/src/golang.org/x/net

GH_TUPLE+=  mattn:go-colorable:v0.0.8:gocolorable/src/github.com/mattn/go-colorable

GH_TUPLE+=  mattn:go-runewidth:97311d9:gorunewidth/src/github.com/mattn/go-runewidth

GH_TUPLE+=  mattn:go-isatty:v0.0.2:goisatty/src/github.com/mattn/go-isatty

GH_TUPLE+=  mattn:go-sqlite3:v1.2.0:gosqlite3/src/github.com/mattn/go-sqlite3

GH_TUPLE+=  valyala:fasttemplate:dcecefd:fasttemplate/src/github.com/valyala/fasttemplate

GH_TUPLE+=  camlistore:go4:034d17a:go4syncutil/src/go4.org

GH_TUPLE+=  VividCortex:ewma:v1.0:ewma/src/gopkg.in/VividCortex/ewma.v1

GH_TUPLE+=  fatih:color:v1.5.0:colorv1/src/gopkg.in/fatih/color.v1

STRIP=		#none

MAKEFILE=	"GNUmakefile"

post-patch:

	@${REINPLACE_CMD} -e 's|Sirupsen|sirupsen|' \

		${WRKSRC}/log/log.go \

		${WRKSRC}/src/github.com/kotakanbe/logrus-prefixed-formatter/formatter.go \

		${WRKSRC}/src/github.com/rifflock/lfshook/lfshook.go

	@${REINPLACE_CMD} -e 's|github.com/cheggaaa/pb|gopkg.in/cheggaaa/pb.v2|' \

		${WRKSRC}/db/rdb.go \

		${WRKSRC}/db/redis.go \

		${WRKSRC}/jvn/jvn.go \

		${WRKSRC}/nvd/nvd.go

	@${REINPLACE_CMD} -e 's|gopkg.in/mattn/go-runewidth.v0|github.com/mattn/go-runewidth|' \

		${WRKSRC}/src/gopkg.in/cheggaaa/pb.v2/util.go

	@${REINPLACE_CMD} -e 's|gopkg.in/mattn/go-colorable.v0|github.com/mattn/go-colorable|' \

		${WRKSRC}/src/gopkg.in/cheggaaa/pb.v2/pb.go

	@${REINPLACE_CMD} -e 's|gopkg.in/mattn/go-isatty.v0|github.com/mattn/go-isatty|' \

		${WRKSRC}/src/gopkg.in/cheggaaa/pb.v2/pb.go

do-build:

	@cd ${GO_WRKSRC} && \

		${SETENV} ${BUILD_ENV} GOPATH=${WRKSRC} \

		go build -v -x -ldflags "-X main.version=${PORTVERSION}" \

		-o ${STAGEDIR}${PREFIX}/bin/${PORTNAME}

do-install:

	${MKDIR} ${STAGEDIR}/var/db/vuls

	${MKDIR} ${STAGEDIR}/var/log/vuls

.include <bsd.port.mk>

TIMESTAMP = 1499419115

SHA256 (kotakanbe-go-cve-dictionary-v0.1.1-0724974_GH0.tar.gz) = dd52f37af45c81e55a6eaca766040762bbc0cc67fc31c674c9a7c19e8c9a7ad5

SIZE (kotakanbe-go-cve-dictionary-v0.1.1-0724974_GH0.tar.gz) = 25111

SHA256 (sirupsen-logrus-v1.0.0_GH0.tar.gz) = de40c5f36b126217234cf5d40def87ce26789ce95c8f887b229b9f2ea1e3ed6b

SIZE (sirupsen-logrus-v1.0.0_GH0.tar.gz) = 27996

SHA256 (asaskevich-govalidator-v6_GH0.tar.gz) = 17ee798f3758885e6ed6f1cfc81033c3aca4c15a9d2b3856a01e648ffb46f0a0

SIZE (asaskevich-govalidator-v6_GH0.tar.gz) = 39610

SHA256 (cheggaaa-pb-v2.0.4_GH0.tar.gz) = 21388e5df7bed43ae2b8157a4e17b85ef416ca4925723ddc182f43e3fc719225

SIZE (cheggaaa-pb-v2.0.4_GH0.tar.gz) = 17205

SHA256 (go-redis-redis-v6.5.0_GH0.tar.gz) = 992b27dee80639c3605b99525adf76e5e76e4d1acd7e1e97476c5d0446e0d0b8

SIZE (go-redis-redis-v6.5.0_GH0.tar.gz) = 72475

SHA256 (google-subcommands-ce3d4cf_GH0.tar.gz) = 660c4a27138acf9f40eb5b69d8f8401521626bd29235f6472f1b1ac457ab4c99

SIZE (google-subcommands-ce3d4cf_GH0.tar.gz) = 8551

SHA256 (jinzhu-gorm-eae7f6b_GH0.tar.gz) = aff8d777868e65751deadff1353949cdc1c8c0680e4f687c2fa9311fdb6dfe74

SIZE (jinzhu-gorm-eae7f6b_GH0.tar.gz) = 79432

SHA256 (kotakanbe-logrus-prefixed-formatter-e7519b8_GH0.tar.gz) = e14b91af06bc0a752c97519dff4accf4a03547cbb9dd2ba197a9420fb3f14303

SIZE (kotakanbe-logrus-prefixed-formatter-e7519b8_GH0.tar.gz) = 3862

SHA256 (labstack-echo-bc173df_GH0.tar.gz) = 130084d65a0fd9fbeba6f2f88b7f6ef0dcf0d42d988b7720a9e158a16afa23f7

SIZE (labstack-echo-bc173df_GH0.tar.gz) = 322895

SHA256 (labstack-gommon-1121fd3_GH0.tar.gz) = b2799817a7225c50d37549db05b981cfa416ea7e3ee54aeb53187c3a29f83805

SIZE (labstack-gommon-1121fd3_GH0.tar.gz) = 10176

SHA256 (parnurzeal-gorequest-v0.2.15_GH0.tar.gz) = 776fbd9a5ebe79e6e1091cae47d5ace67f7bf49a224a35f2c84e27f3f464817f

SIZE (parnurzeal-gorequest-v0.2.15_GH0.tar.gz) = 25591

SHA256 (rifflock-lfshook-1.6_GH0.tar.gz) = 64f6a7b085bbceec503f311d9f130436457b996f7260dad7db6638ceb19d9f45

SIZE (rifflock-lfshook-1.6_GH0.tar.gz) = 3515

SHA256 (dgrijalva-jwt-go-v3.0.0_GH0.tar.gz) = af12bdfbfb897c4a5c86aeffd11cab35ee18ab0180b1a6e22e1a1a61d9f70543

SIZE (dgrijalva-jwt-go-v3.0.0_GH0.tar.gz) = 33451

SHA256 (go-sql-driver-mysql-v1.3_GH0.tar.gz) = 410bcaca471ea38892101464cc8b4a9cf63a9c7f94fce8728243829e36cd865b

SIZE (go-sql-driver-mysql-v1.3_GH0.tar.gz) = 59830

SHA256 (jinzhu-inflection-1c35d90_GH0.tar.gz) = 9403d9051e6fb253555c83261ce4c9ff9cb0210a4f326b8568b18d3e1bfbed24

SIZE (jinzhu-inflection-1c35d90_GH0.tar.gz) = 4499

SHA256 (k0kubun-pp-v2.3.0_GH0.tar.gz) = e411569ac6fe6413b24b63765fd9d6b7cbb03d162068c31186db947aeaf4b0b8

SIZE (k0kubun-pp-v2.3.0_GH0.tar.gz) = 8778

SHA256 (lib-pq-8837942_GH0.tar.gz) = a7b8aec65325b03799c5336af3ace1a04ade723a30c9abe927f2b16ffbc61385

SIZE (lib-pq-8837942_GH0.tar.gz) = 85539

SHA256 (mgutz-ansi-9520e82_GH0.tar.gz) = eed589c0869270ea90e776fa623a0a29a5973f2acc86fbf305573b4861887140

SIZE (mgutz-ansi-9520e82_GH0.tar.gz) = 4870

SHA256 (pkg-errors-c605e28_GH0.tar.gz) = 06fa83babc1d9aa80b0decb6d36504090bbde8a38d9a722a1f7a26616590a0d0

SIZE (pkg-errors-c605e28_GH0.tar.gz) = 11476

SHA256 (moul-http2curl-4e24498_GH0.tar.gz) = 48957974315c9689a27e4a65315d4eb0e94cb04e266a59f813ad9e1b99df8e66

SIZE (moul-http2curl-4e24498_GH0.tar.gz) = 100177

SHA256 (golang-net-5f8847a_GH0.tar.gz) = 55a46531c8c0fb60ae7566cae1c59681c9869e5df1c4a9a8304448afef65164a

SIZE (golang-net-5f8847a_GH0.tar.gz) = 909712

SHA256 (mattn-go-colorable-v0.0.8_GH0.tar.gz) = 4f7b0196c6d7a7be96ba394c94860384b537cec6e0da57951bccda0d42c1c23c

SIZE (mattn-go-colorable-v0.0.8_GH0.tar.gz) = 7526

SHA256 (mattn-go-runewidth-97311d9_GH0.tar.gz) = 8330497728f75464111ee7145fc97cfa588cb0d6561b3af5447aa05d489bca85

SIZE (mattn-go-runewidth-97311d9_GH0.tar.gz) = 22384

SHA256 (mattn-go-isatty-v0.0.2_GH0.tar.gz) = c0681d72b185a8d4aa8f6a557d181bf25c6e3e7f3874711de507e550b25408bf

SIZE (mattn-go-isatty-v0.0.2_GH0.tar.gz) = 3258

SHA256 (mattn-go-sqlite3-v1.2.0_GH0.tar.gz) = ec21a30c397d0d3153d54b3aa71065481dd9702819006fb8bc0443a6ab47caa8

SIZE (mattn-go-sqlite3-v1.2.0_GH0.tar.gz) = 1998473

SHA256 (valyala-fasttemplate-dcecefd_GH0.tar.gz) = ba29e16f9b2d6425f500b40747b139c6ce88cdd26b60dcf5967fe9e6cf5f3eb7

SIZE (valyala-fasttemplate-dcecefd_GH0.tar.gz) = 11627

SHA256 (camlistore-go4-034d17a_GH0.tar.gz) = 1c9111f937747660e5cee7c6c435d010011d6fe506df5603b88cce4dd102f39c

SIZE (camlistore-go4-034d17a_GH0.tar.gz) = 78850

SHA256 (VividCortex-ewma-v1.0_GH0.tar.gz) = 7e62b9cc28b336f2496aa98da60f3a8ba6a1f0112f0493c60959e9bcc25709f3

SIZE (VividCortex-ewma-v1.0_GH0.tar.gz) = 3609

SHA256 (fatih-color-v1.5.0_GH0.tar.gz) = f22564848cd7d24022413c719bbc9c35d014ba7d19ee802b29ba5a93016d3250

SIZE (fatih-color-v1.5.0_GH0.tar.gz) = 586937

--- commands/fetchjvn.go.orig	2017-07-08 14:49:54 UTC

+++ commands/fetchjvn.go

@@ -3,7 +3,6 @@ package commands

 import (

 	"context"

 	"flag"

-	"os"

 	"strconv"

 	"time"

@@ -45,7 +44,7 @@ func (*FetchJvnCmd) Usage() string {

 		[-latest]

 		[-last2y]

 		[-years] 1998 1999 ...

-		[-dbpath=$PWD/cve.sqlite3 or connection string]

+		[-dbpath=/var/db/vuls/cve.sqlite3 or connection string]

 		[-dbtype=mysql|postgres|sqlite3|redis]

 		[-http-proxy=http://192.168.0.1:8080]

 		[-debug]

@@ -65,8 +64,7 @@ func (p *FetchJvnCmd) SetFlags(f *flag.F

 	defaultLogDir := util.GetDefaultLogDir()

 	f.StringVar(&p.logDir, "log-dir", defaultLogDir, "/path/to/log")

-	pwd := os.Getenv("PWD")

-	f.StringVar(&p.dbpath, "dbpath", pwd+"/cve.sqlite3",

+	f.StringVar(&p.dbpath, "dbpath", "/var/db/vuls/cve.sqlite3",

 		"/path/to/sqlite3 or SQL connection string")

 	f.StringVar(&p.dbtype, "dbtype", "sqlite3",

--- commands/fetchnvd.go.orig	2017-07-08 14:50:40 UTC

+++ commands/fetchnvd.go

@@ -3,7 +3,6 @@ package commands

 import (

 	"context"

 	"flag"

-	"os"

 	"strconv"

 	"time"

@@ -65,8 +64,7 @@ func (p *FetchNvdCmd) SetFlags(f *flag.F

 	defaultLogDir := util.GetDefaultLogDir()

 	f.StringVar(&p.logDir, "log-dir", defaultLogDir, "/path/to/log")

-	pwd := os.Getenv("PWD")

-	f.StringVar(&p.dbpath, "dbpath", pwd+"/cve.sqlite3",

+	f.StringVar(&p.dbpath, "dbpath", "/var/db/vuls/cve.sqlite3",

 		"/path/to/sqlite3 or SQL connection string")

 	f.StringVar(&p.dbtype, "dbtype", "sqlite3",

--- commands/server.go.orig	2017-06-26 10:39:59 UTC

+++ commands/server.go

@@ -3,7 +3,6 @@ package commands

 import (

 	"context"

 	"flag"

-	"os"

 	"github.com/google/subcommands"

 	c "github.com/kotakanbe/go-cve-dictionary/config"

@@ -37,7 +36,7 @@ func (*ServerCmd) Usage() string {

 	server

 		[-bind=127.0.0.1]

 		[-port=8000]

-		[-dbpath=$PWD/cve.sqlite3 or connection string]

+		[-dbpath=/var/db/vuls/cve.sqlite3 or connection string]

 		[-dbtype=mysql|postgres|sqlite3|redis]

 		[-debug]

 		[-debug-sql]

@@ -56,8 +55,7 @@ func (p *ServerCmd) SetFlags(f *flag.Fla

 	defaultLogDir := util.GetDefaultLogDir()

 	f.StringVar(&p.logDir, "log-dir", defaultLogDir, "/path/to/log")

-	pwd := os.Getenv("PWD")

-	f.StringVar(&p.dbpath, "dbpath", pwd+"/cve.sqlite3",

+	f.StringVar(&p.dbpath, "dbpath", "/var/db/vuls/cve.sqlite3",

 		"/path/to/sqlite3 or SQL connection string")

 	f.StringVar(&p.dbtype, "dbtype", "sqlite3",

#!/bin/sh

# PROVIDE: vuls-cve-dictionary

# REQUIRE: LOGIN

# KEYWORD: shutdown

#

# Add the following lines to /etc/rc.conf.local or /etc/rc.conf

# to enable this service:

#

# vuls_cve_dictionary_enable (bool):     Set to NO by default

#                                        Set it to YES to enable the CVE server

# vuls_cve_dictionary_user (string):     Set user to run vuls_cve_dictionary

#                                        Default is "vuls"

# vuls_cve_dictionary_group (string):    Set group to run vuls_cve_dictionary

#                                        Default is "vuls"

# vuls_cve_dictionary_db_path (string):  Set database path

#                                        Default is "/var/db/vuls/cve.sqlite3"

# vuls_cve_dictionary_db_type (string):  Set database type

#                                        Default is "sqlite3"

# vuls_cve_dictionary_log_file (string): Set file that vuls_cve_dictionary will log to

#                                        Default is "/var/log/vuls/vuls_cve_dictionary.log"

# vuls_cve_dictionary_args (string):     Set additional command line arguments

#                                        Default is ""

. /etc/rc.subr

name=vuls_cve_dictionary

rcvar=vuls_cve_dictionary_enable

load_rc_config $name

: ${vuls_cve_dictionary_enable:="NO"}

: ${vuls_cve_dictionary_user:="vuls"}

: ${vuls_cve_dictionary_group:="vuls"}

: ${vuls_cve_dictionary_db_path:="/var/db/vuls/cve.sqlite3"}

: ${vuls_cve_dictionary_db_type:="sqlite3"}

: ${vuls_cve_dictionary_log_file:="/var/log/vuls/vuls_cve_dictionary.log"}

: ${vuls_cve_dictionary_args:=""}

pidfile=/var/run/vuls_cve_dictionary.pid

command="/usr/sbin/daemon"

procname="%%PREFIX%%/bin/vuls-cve-dictionary"

command_args="-p ${pidfile} /usr/bin/env ${procname} server \

                -dbpath=${vuls_cve_dictionary_db_path} \

                -dbtype=${vuls_cve_dictionary_db_type} \

                ${vuls_cve_dictionary_args} >> ${vuls_cve_dictionary_log_file} 2>&1"

start_precmd=vuls_cve_dictionary_startprecmd

vuls_cve_dictionary_startprecmd()

{

    if [ ! -e ${pidfile} ]; then

        install -o ${vuls_cve_dictionary_user} -g ${vuls_cve_dictionary_group} \

            -m 640 /dev/null ${pidfile};

    fi

    if [ ! -f "${vuls_cve_dictionary_log_file}" ]; then

        install -o ${vuls_cve_dictionary_user} -g ${vuls_cve_dictionary_group} \

            -m 640 /dev/null ${vuls_cve_dictionary_log_file};

    fi

}

load_rc_config $name

run_rc_command "$1"

vuls-cve-dictionary builds a a local copy of the National Vulnerabilities

Database(NVD) and Japan Vulnerability Notes(JVN). NVD and JVN contain security

vulnerabilities according to their CVE identifiers including exhaustive

information and a risk score. The local copy is generated in sqlite format.

A server is included for easy querying.

WWW: https://github.com/kotakanbe/go-cve-dictionary/

===============================================================================

Download CVEs:

for i in `seq 2002 $(date +"%Y")`; \

    do vuls-cve-dictionary fetchnvd -years $i; \

    done

===============================================================================

bin/%%GO_PKGNAME%%

@dir(vuls,vuls,0775) /var/db/vuls

@dir(vuls,vuls,0775) /var/log/vuls