security/py-plaso: update to 20240826
parent
463ff015cd
commit
dd7ef094cb
7 changed files with 114 additions and 18 deletions
|
@ -1,6 +1,5 @@
|
||||||
PORTNAME= plaso
|
PORTNAME= plaso
|
||||||
PORTVERSION= 20231224
|
PORTVERSION= 20240826
|
||||||
PORTREVISION= 3
|
|
||||||
CATEGORIES= security python
|
CATEGORIES= security python
|
||||||
MASTER_SITES= https://github.com/log2timeline/plaso/releases/download/${PORTVERSION}/ \
|
MASTER_SITES= https://github.com/log2timeline/plaso/releases/download/${PORTVERSION}/ \
|
||||||
LOCAL/antoine
|
LOCAL/antoine
|
||||||
|
@ -13,10 +12,13 @@ WWW= https://github.com/log2timeline/plaso/wiki
|
||||||
LICENSE= APACHE20
|
LICENSE= APACHE20
|
||||||
LICENSE_FILE= ${WRKSRC}/LICENSE
|
LICENSE_FILE= ${WRKSRC}/LICENSE
|
||||||
|
|
||||||
|
BUILD_DEPENDS= ${PY_SETUPTOOLS} \
|
||||||
|
${PYTHON_PKGNAMEPREFIX}wheel>=0:devel/py-wheel@${PY_FLAVOR}
|
||||||
RUN_DEPENDS= libcaes>=a:security/libcaes \
|
RUN_DEPENDS= libcaes>=a:security/libcaes \
|
||||||
libesedb>=e:devel/libesedb \
|
libesedb>=e:devel/libesedb \
|
||||||
libevt>=a:devel/libevt \
|
libevt>=a:devel/libevt \
|
||||||
libevtx>=a:devel/libevtx \
|
libevtx>=a:devel/libevtx \
|
||||||
|
libfcrypto>=a:security/libfcrypto \
|
||||||
libfwsi>=e:devel/libfwsi \
|
libfwsi>=e:devel/libfwsi \
|
||||||
liblnk>=0:devel/liblnk \
|
liblnk>=0:devel/liblnk \
|
||||||
libmsiecf>=a:devel/libmsiecf \
|
libmsiecf>=a:devel/libmsiecf \
|
||||||
|
@ -28,19 +30,18 @@ RUN_DEPENDS= libcaes>=a:security/libcaes \
|
||||||
${PYTHON_PKGNAMEPREFIX}artifacts>=0:security/py-artifacts@${PY_FLAVOR} \
|
${PYTHON_PKGNAMEPREFIX}artifacts>=0:security/py-artifacts@${PY_FLAVOR} \
|
||||||
${PYTHON_PKGNAMEPREFIX}bencode.py>=0:converters/py-bencode.py@${PY_FLAVOR} \
|
${PYTHON_PKGNAMEPREFIX}bencode.py>=0:converters/py-bencode.py@${PY_FLAVOR} \
|
||||||
${PYTHON_PKGNAMEPREFIX}certifi>=0:security/py-certifi@${PY_FLAVOR} \
|
${PYTHON_PKGNAMEPREFIX}certifi>=0:security/py-certifi@${PY_FLAVOR} \
|
||||||
${PYTHON_PKGNAMEPREFIX}python-dateutil>=0:devel/py-python-dateutil@${PY_FLAVOR} \
|
|
||||||
${PYTHON_PKGNAMEPREFIX}defusedxml>=0:devel/py-defusedxml@${PY_FLAVOR} \
|
${PYTHON_PKGNAMEPREFIX}defusedxml>=0:devel/py-defusedxml@${PY_FLAVOR} \
|
||||||
${PYTHON_PKGNAMEPREFIX}dfdatetime>=0:security/py-dfdatetime@${PY_FLAVOR} \
|
${PYTHON_PKGNAMEPREFIX}dfdatetime>=0:security/py-dfdatetime@${PY_FLAVOR} \
|
||||||
${PYTHON_PKGNAMEPREFIX}dfvfs>=0:filesystems/py-dfvfs@${PY_FLAVOR} \
|
${PYTHON_PKGNAMEPREFIX}dfvfs>=0:filesystems/py-dfvfs@${PY_FLAVOR} \
|
||||||
${PYTHON_PKGNAMEPREFIX}dfwinreg>=0:security/py-dfwinreg@${PY_FLAVOR} \
|
${PYTHON_PKGNAMEPREFIX}dfwinreg>=0:security/py-dfwinreg@${PY_FLAVOR} \
|
||||||
${PYTHON_PKGNAMEPREFIX}dtfabric>=0:devel/py-dtfabric@${PY_FLAVOR} \
|
${PYTHON_PKGNAMEPREFIX}dtfabric>=0:devel/py-dtfabric@${PY_FLAVOR} \
|
||||||
${PYTHON_PKGNAMEPREFIX}Flor>=0:textproc/py-flor@${PY_FLAVOR} \
|
${PYTHON_PKGNAMEPREFIX}Flor>=0:textproc/py-flor@${PY_FLAVOR} \
|
||||||
${PYTHON_PKGNAMEPREFIX}future>=0:devel/py-future@${PY_FLAVOR} \
|
|
||||||
${PYTHON_PKGNAMEPREFIX}lz4>=0:archivers/py-lz4@${PY_FLAVOR} \
|
${PYTHON_PKGNAMEPREFIX}lz4>=0:archivers/py-lz4@${PY_FLAVOR} \
|
||||||
${PYTHON_PKGNAMEPREFIX}opensearch-py>=0:textproc/py-opensearch-py@${PY_FLAVOR} \
|
${PYTHON_PKGNAMEPREFIX}opensearch-py>=0:textproc/py-opensearch-py@${PY_FLAVOR} \
|
||||||
${PYTHON_PKGNAMEPREFIX}pefile>=0:devel/py-pefile@${PY_FLAVOR} \
|
${PYTHON_PKGNAMEPREFIX}pefile>=0:devel/py-pefile@${PY_FLAVOR} \
|
||||||
${PYTHON_PKGNAMEPREFIX}psutil>=0:sysutils/py-psutil@${PY_FLAVOR} \
|
${PYTHON_PKGNAMEPREFIX}psutil>=0:sysutils/py-psutil@${PY_FLAVOR} \
|
||||||
${PYTHON_PKGNAMEPREFIX}pyparsing>=0:devel/py-pyparsing@${PY_FLAVOR} \
|
${PYTHON_PKGNAMEPREFIX}pyparsing>=0:devel/py-pyparsing@${PY_FLAVOR} \
|
||||||
|
${PYTHON_PKGNAMEPREFIX}python-dateutil>=0:devel/py-python-dateutil@${PY_FLAVOR} \
|
||||||
${PYTHON_PKGNAMEPREFIX}pytsk>=0:sysutils/py-pytsk@${PY_FLAVOR} \
|
${PYTHON_PKGNAMEPREFIX}pytsk>=0:sysutils/py-pytsk@${PY_FLAVOR} \
|
||||||
${PYTHON_PKGNAMEPREFIX}pytz>=0:devel/py-pytz@${PY_FLAVOR} \
|
${PYTHON_PKGNAMEPREFIX}pytz>=0:devel/py-pytz@${PY_FLAVOR} \
|
||||||
${PYTHON_PKGNAMEPREFIX}pyzmq>=0:net/py-pyzmq@${PY_FLAVOR} \
|
${PYTHON_PKGNAMEPREFIX}pyzmq>=0:net/py-pyzmq@${PY_FLAVOR} \
|
||||||
|
@ -48,7 +49,6 @@ RUN_DEPENDS= libcaes>=a:security/libcaes \
|
||||||
${PYTHON_PKGNAMEPREFIX}requests>=0:www/py-requests@${PY_FLAVOR} \
|
${PYTHON_PKGNAMEPREFIX}requests>=0:www/py-requests@${PY_FLAVOR} \
|
||||||
${PYTHON_PKGNAMEPREFIX}six>=0:devel/py-six@${PY_FLAVOR} \
|
${PYTHON_PKGNAMEPREFIX}six>=0:devel/py-six@${PY_FLAVOR} \
|
||||||
${PYTHON_PKGNAMEPREFIX}sqlite3>=0:databases/py-sqlite3@${PY_FLAVOR} \
|
${PYTHON_PKGNAMEPREFIX}sqlite3>=0:databases/py-sqlite3@${PY_FLAVOR} \
|
||||||
${PYTHON_PKGNAMEPREFIX}urllib3>=0:net/py-urllib3@${PY_FLAVOR} \
|
|
||||||
${PYTHON_PKGNAMEPREFIX}xattr>=0:devel/py-xattr@${PY_FLAVOR} \
|
${PYTHON_PKGNAMEPREFIX}xattr>=0:devel/py-xattr@${PY_FLAVOR} \
|
||||||
${PYTHON_PKGNAMEPREFIX}XlsxWriter>=0:textproc/py-xlsxwriter@${PY_FLAVOR} \
|
${PYTHON_PKGNAMEPREFIX}XlsxWriter>=0:textproc/py-xlsxwriter@${PY_FLAVOR} \
|
||||||
${PYTHON_PKGNAMEPREFIX}pyyaml>=0:devel/py-pyyaml@${PY_FLAVOR} \
|
${PYTHON_PKGNAMEPREFIX}pyyaml>=0:devel/py-pyyaml@${PY_FLAVOR} \
|
||||||
|
@ -59,7 +59,7 @@ TEST_DEPENDS= ${PYTHON_PKGNAMEPREFIX}fakeredis>=0:databases/py-fakeredis@${PY_FL
|
||||||
|
|
||||||
USES= python
|
USES= python
|
||||||
USE_LOCALE= en_US.UTF-8
|
USE_LOCALE= en_US.UTF-8
|
||||||
USE_PYTHON= autoplist concurrent cryptography distutils
|
USE_PYTHON= autoplist concurrent cryptography pep517
|
||||||
# Upstream archive contains files with UTF-8 names
|
# Upstream archive contains files with UTF-8 names
|
||||||
EXTRACT_CMD= ${SETENV} LANG=${USE_LOCALE} LC_ALL=${USE_LOCALE} ${TAR}
|
EXTRACT_CMD= ${SETENV} LANG=${USE_LOCALE} LC_ALL=${USE_LOCALE} ${TAR}
|
||||||
DO_MAKE_TEST= ${SETENV} ${TEST_ENV} ${PYTHON_CMD}
|
DO_MAKE_TEST= ${SETENV} ${TEST_ENV} ${PYTHON_CMD}
|
||||||
|
@ -67,13 +67,4 @@ TEST_TARGET= run_tests.py
|
||||||
|
|
||||||
NO_ARCH= yes
|
NO_ARCH= yes
|
||||||
|
|
||||||
post-patch:
|
|
||||||
${REINPLACE_CMD} "s|'share', 'artifacts'|'share', '${PYTHON_PKGNAMEPREFIX}artifacts'|" \
|
|
||||||
${WRKSRC}/plaso/cli/helpers/artifact_definitions.py
|
|
||||||
${REINPLACE_CMD} "s|'share', 'plaso'|'share', '${PYTHON_PKGNAMEPREFIX}plaso'|" \
|
|
||||||
${WRKSRC}/plaso/cli/helpers/data_location.py
|
|
||||||
${REINPLACE_CMD} "s|share/plaso|${DATADIR_REL}|" \
|
|
||||||
${WRKSRC}/setup.py
|
|
||||||
${REINPLACE_CMD} "/cffi/d" ${WRKSRC}/requirements.txt
|
|
||||||
|
|
||||||
.include <bsd.port.mk>
|
.include <bsd.port.mk>
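Review bot: The removed `post-patch` target was the only visible place that rewrote plaso's data lookups to the flavor-prefixed share directories (`'share', '${PYTHON_PKGNAMEPREFIX}artifacts'`, `'share', '${PYTHON_PKGNAMEPREFIX}plaso'`) and deleted the cffi line from requirements.txt, and nothing shown in this commit replaces it. If the `pep517` build still installs data under a prefixed directory, the tools may fail to locate artifact definitions or parser data at run time; that is worth confirming with the port's test target. The commit message should say why the rewrite is no longer needed, and a short comment above `USE_PYTHON`, such as `# upstream resolves data paths itself since <version>; post-patch dropped`, would record it in the Makefile.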
|
||||||
|
|
|
@ -1,3 +1,3 @@
|
||||||
TIMESTAMP = 1707838875
|
TIMESTAMP = 1739801390
|
||||||
SHA256 (plaso-20231224.tar.gz) = af106a449746830632affc578e2f80439ae7c4220f17e4a39630e8c9879ba8bf
|
SHA256 (plaso-20240826.tar.gz) = 4ac3a65cf31b87e507edc4c4d628a693703a6f1b933553da2fbe402a2250ef30
|
||||||
SIZE (plaso-20231224.tar.gz) = 195666335
|
SIZE (plaso-20240826.tar.gz) = 196604839
|
||||||
|
|
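--- a/security/py-plaso/files/patch-plaso_output_winevt__rc.py
+++ b/security/py-plaso/files/patch-plaso_output_winevt__rc.py
@@ -0,0 +1,47 @@
+--- plaso/output/winevt_rc.py.orig 2024-06-08 09:38:22 UTC
++++ plaso/output/winevt_rc.py
+@@ -16,7 +16,7 @@ class Sqlite3DatabaseFile(object):
+
+_HAS_TABLE_QUERY = (
+'SELECT name FROM sqlite_master '
+- 'WHERE type = "table" AND name = "{0:s}"')
++ 'WHERE type = \'table\' AND name = \'{0:s}\'')
+
+def __init__(self):
+"""Initializes the database file object."""
+@@ -166,7 +166,7 @@ class WinevtResourcesSqlite3DatabaseReader(object):
+"""
+table_names = ['event_log_providers']
+column_names = ['event_log_provider_key']
+- condition = f'log_source == "{log_source:s}"'
++ condition = f'log_source == \'{log_source:s}\''
+
+values_list = list(self._database_file.GetValues(
+table_names, column_names, condition))
+@@ -202,7 +202,7 @@ class WinevtResourcesSqlite3DatabaseReader(object):
+return None
+
+column_names = ['message_string']
+- condition = f'message_identifier == "0x{message_identifier:08x}"'
++ condition = f'message_identifier == \'0x{message_identifier:08x}\''
+
+values = list(self._database_file.GetValues(
+[table_name], column_names, condition))
+@@ -290,7 +290,7 @@ class WinevtResourcesSqlite3DatabaseReader(object):
+return None
+
+column_names = ['value']
+- condition = f'name == "{attribute_name:s}"'
++ condition = f'name == \'{attribute_name:s}\''
+
+values = list(self._database_file.GetValues(
+[table_name], column_names, condition))
+@@ -485,7 +485,7 @@ class WinevtResourcesHelper(object):
+'windows_wevt_template_event'):
+# TODO: add message_file_identifiers to filter_expression
+filter_expression = (
+- f'provider_identifier == "{provider_identifier:s}" and '
++ f'provider_identifier == \'{provider_identifier:s}\' and '
+f'identifier == {message_identifier:d}')
+if event_version is not None:
+filter_expression = (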
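Review bot: The requoted conditions still splice values into the SQL text, so a single quote inside `log_source` (hunk at -166), `attribute_name` (-290) or `provider_identifier` (-485) now ends the literal early and changes or breaks the condition; these values presumably come from event-log data under examination, which should be treated as untrusted. The integer-formatted `message_identifier` fields are not affected. If the query helper only accepts a condition string, double the quote before formatting, e.g. `escaped = log_source.replace("'", "''")` followed by `condition = f'log_source == \'{escaped:s}\''`; bound parameters would be the better fix if `GetValues` can take them. `GetValues` and the enclosing methods are defined outside these hunks, so how the condition is finally executed cannot be confirmed from the patch alone.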
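--- a/security/py-plaso/files/patch-plaso_parsers_sqlite.py
+++ b/security/py-plaso/files/patch-plaso_parsers_sqlite.py
@@ -0,0 +1,13 @@
+--- plaso/parsers/sqlite.py.orig 2024-06-08 09:38:22 UTC
++++ plaso/parsers/sqlite.py
+@@ -118,8 +118,8 @@ class SQLiteDatabase(object):
+SCHEMA_QUERY = (
+'SELECT tbl_name, sql '
+'FROM sqlite_master '
+- 'WHERE type = "table" AND tbl_name != "xp_proc" '
+- 'AND tbl_name != "sqlite_sequence"')
++ 'WHERE type = \'table\' AND tbl_name != \'xp_proc\' '
++ 'AND tbl_name != \'sqlite_sequence\'')
+
+def __init__(self, filename, temporary_directory=None):
+"""Initializes a SQLite database.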
|
@ -0,0 +1,11 @@
|
||||||
|
--- plaso/parsers/sqlite_plugins/imessage.py.orig 2024-06-08 09:38:22 UTC
|
||||||
|
+++ plaso/parsers/sqlite_plugins/imessage.py
|
||||||
|
@@ -81,7 +81,7 @@ class IMessagePlugin(interface.SQLitePlugin):
|
||||||
|
|
||||||
|
_CLIENT_VERSION_QUERY = (
|
||||||
|
'SELECT key, value FROM _SqliteDatabaseProperties '
|
||||||
|
- 'WHERE key = "_ClientVersion"')
|
||||||
|
+ 'WHERE key = \'_ClientVersion\'')
|
||||||
|
|
||||||
|
def _GetClientVersion(self, cache, database):
|
||||||
|
"""Retrieves the client version.
|
|
@ -0,0 +1,16 @@
|
||||||
|
--- plaso/parsers/sqlite_plugins/windows_timeline.py.orig 2024-06-08 09:38:22 UTC
|
||||||
|
+++ plaso/parsers/sqlite_plugins/windows_timeline.py
|
||||||
|
@@ -89,10 +89,10 @@ class WindowsTimelinePlugin(interface.SQLitePlugin):
|
||||||
|
QUERIES = [
|
||||||
|
(('SELECT StartTime, Payload, PackageName FROM Activity '
|
||||||
|
'INNER JOIN Activity_PackageId ON Activity.Id = '
|
||||||
|
- 'Activity_PackageId.ActivityId WHERE instr(Payload, "UserEngaged") > 0'
|
||||||
|
- ' AND Platform = "packageid"'), 'ParseUserEngagedRow'),
|
||||||
|
+ 'Activity_PackageId.ActivityId WHERE instr(Payload, \'UserEngaged\') > 0'
|
||||||
|
+ ' AND Platform = \'packageid\''), 'ParseUserEngagedRow'),
|
||||||
|
(('SELECT StartTime, Payload, AppId FROM Activity '
|
||||||
|
- 'WHERE instr(Payload, "UserEngaged") = 0'), 'ParseGenericRow')]
|
||||||
|
+ 'WHERE instr(Payload, \'UserEngaged\') = 0'), 'ParseGenericRow')]
|
||||||
|
|
||||||
|
SCHEMAS = [{
|
||||||
|
'Activity': (
|
|
@ -0,0 +1,18 @@
|
||||||
|
--- tests/storage/sqlite/sqlite_file.py.orig 2024-06-08 09:38:23 UTC
|
||||||
|
+++ tests/storage/sqlite/sqlite_file.py
|
||||||
|
@@ -136,13 +136,13 @@ class SQLiteStorageFileTest(test_lib.StorageTestCase):
|
||||||
|
event_data_stream.CONTAINER_TYPE, column_names=column_names))
|
||||||
|
self.assertEqual(len(containers), 1)
|
||||||
|
|
||||||
|
- filter_expression = 'md5_hash == "8f0bf95a7959baad9666b21a7feed79d"'
|
||||||
|
+ filter_expression = 'md5_hash == \'8f0bf95a7959baad9666b21a7feed79d\''
|
||||||
|
containers = list(test_store._GetAttributeContainersWithFilter(
|
||||||
|
event_data_stream.CONTAINER_TYPE, column_names=column_names,
|
||||||
|
filter_expression=filter_expression))
|
||||||
|
self.assertEqual(len(containers), 1)
|
||||||
|
|
||||||
|
- filter_expression = 'md5_hash != "8f0bf95a7959baad9666b21a7feed79d"'
|
||||||
|
+ filter_expression = 'md5_hash != \'8f0bf95a7959baad9666b21a7feed79d\''
|
||||||
|
containers = list(test_store._GetAttributeContainersWithFilter(
|
||||||
|
event_data_stream.CONTAINER_TYPE, column_names=column_names,
|
||||||
|
filter_expression=filter_expression))
|