From nobody Tue Feb 18 10:13:43 2025 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4YxwN75XHMz5pLw1; Tue, 18 Feb 2025 10:13:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4YxwN72XyWz41F2; Tue, 18 Feb 2025 10:13:43 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1739873623; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ENBfP9JGI11p6TfcY3cQx7OfFVBuAFO9j8mO72l5pwY=; b=C9901BdQep5ImHj3GaPQJyEDSMQpx7zJwGO1k/4xQaPkHs4RmDXdymO3sh24K+Zk4d7Cz+ l2DSNQa06zE3aRpep3lQcBqYyfH1+3uV+4tHxFiRzEmw9AXDtQUrlBwTLVdc7z2EVkL+9h 71GND5EdH0ptotlSYrraHd1Us3yTa6Yh9Nsx4eGoTHDbYui0DAyUCHJiIVOv167lZnPgka T1InF/TgQDbCr94KB/LPMn3WLdtJYASWC65FWMPX6ajD8bUOtN4jahPW89Utk7wAw/1H0F FE5JbAFT3yY0VoguhfRroLxCf+om9uFsBt6P+yD0yXPJqQs9s3TQ8X6nHceBjw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1739873623; a=rsa-sha256; cv=none; b=AS4STAwB1CfH3gmDASLiPiTZLs/OYbe6lQGR9GbDPdN3J9jw2Cm2P/d49caXRuT6LpwVqO KACsc601Er/KS1oeCRury4PNuGZdQcKxhaJYYEUhKMCZ5zausvJvWjO0Gx1EDJ6In4wXrX 1gvQ16YI58Jc+FWMrXDwRR65zqRDP11tIHdTNTTFHe5zJoFwUBq3oWLY72aFkFDGy699xU QWSwdsifnLCFF7wWa7F3cRc59xtupm8xO7kp0nljAZNDinvuAYDvP7UEOE7thvuHUiEadY cLLlISJT/Z7/zPe4tsl9PPiUOSw2Wqpv30my/Vj+pCxzGbqsMMSUlgUwhbny7A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1739873623; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ENBfP9JGI11p6TfcY3cQx7OfFVBuAFO9j8mO72l5pwY=; b=WsRN/6Zsg8vHtzpyBddjhZ0MhbjGV4RHS7HrJJHJLnG+johmWSFN6goBQXc8y7xLEBxxZD 9BCHcwUYoP/lZqNUVlSWTXa7CzIA3nHR6eZumGVhOQ15pLsmhme48eR2KZZJVZOP3NaFcF lRDVwWSViiDqB6dxqOAf/Pex6kF7TRS7aWtdBP+pBR3QI59BV+XMxwc0EMfaJ0w4vWP8F2 4Qu7cK3qJUFf6oyaqk1lLIfGTUJ7XnDz32HWulJ1xVOcYaBy+D3vlULo7NkXnQYVu7k/sj Dq9Fb8uFjcHyI0WagMq7T4+iF6aYSgrIlC/M81doMsGP6DGFpmtNAPs+0FRn/A== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4YxwN71QkWz11t; Tue, 18 Feb 2025 10:13:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 51IADhZM075539; Tue, 18 Feb 2025 10:13:43 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 51IADhc4075536; Tue, 18 Feb 2025 10:13:43 GMT (envelope-from git) Date: Tue, 18 Feb 2025 10:13:43 GMT Message-Id: <202502181013.51IADhc4075536@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Antoine Brodin Subject: git: dd7ef094cbf4 - main - security/py-plaso: update to 20240826 List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-ports-all@freebsd.org Sender: owner-dev-commits-ports-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: antoine X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: dd7ef094cbf439f7af5c44c9fbc07c0af649acd8 Auto-Submitted: auto-generated The branch main has been updated by antoine: URL: https://cgit.FreeBSD.org/ports/commit/?id=dd7ef094cbf439f7af5c44c9fbc07c0af649acd8 commit dd7ef094cbf439f7af5c44c9fbc07c0af649acd8 Author: Antoine Brodin AuthorDate: 2025-02-18 10:13:10 +0000 Commit: Antoine Brodin CommitDate: 2025-02-18 10:13:10 +0000 security/py-plaso: update to 20240826 --- security/py-plaso/Makefile | 21 +++------- security/py-plaso/distinfo | 6 +-- .../files/patch-plaso_output_winevt__rc.py | 47 ++++++++++++++++++++++ .../py-plaso/files/patch-plaso_parsers_sqlite.py | 13 ++++++ ...patch-plaso_parsers_sqlite__plugins_imessage.py | 11 +++++ ...so_parsers_sqlite__plugins_windows__timeline.py | 16 ++++++++ .../patch-tests_storage_sqlite_sqlite__file.py | 18 +++++++++ 7 files changed, 114 insertions(+), 18 deletions(-) diff --git a/security/py-plaso/Makefile b/security/py-plaso/Makefile index 78c0b58a819c..fe4c2d123089 100644 --- a/security/py-plaso/Makefile +++ b/security/py-plaso/Makefile @@ -1,6 +1,5 @@ PORTNAME= plaso -PORTVERSION= 20231224 -PORTREVISION= 3 +PORTVERSION= 20240826 CATEGORIES= security python MASTER_SITES= https://github.com/log2timeline/plaso/releases/download/${PORTVERSION}/ \ LOCAL/antoine @@ -13,10 +12,13 @@ WWW= https://github.com/log2timeline/plaso/wiki LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE +BUILD_DEPENDS= ${PY_SETUPTOOLS} \ + ${PYTHON_PKGNAMEPREFIX}wheel>=0:devel/py-wheel@${PY_FLAVOR} RUN_DEPENDS= libcaes>=a:security/libcaes \ libesedb>=e:devel/libesedb \ libevt>=a:devel/libevt \ libevtx>=a:devel/libevtx \ + libfcrypto>=a:security/libfcrypto \ libfwsi>=e:devel/libfwsi \ liblnk>=0:devel/liblnk \ libmsiecf>=a:devel/libmsiecf \ @@ -28,19 +30,18 @@ RUN_DEPENDS= libcaes>=a:security/libcaes \ ${PYTHON_PKGNAMEPREFIX}artifacts>=0:security/py-artifacts@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}bencode.py>=0:converters/py-bencode.py@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}certifi>=0:security/py-certifi@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}python-dateutil>=0:devel/py-python-dateutil@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}defusedxml>=0:devel/py-defusedxml@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}dfdatetime>=0:security/py-dfdatetime@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}dfvfs>=0:filesystems/py-dfvfs@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}dfwinreg>=0:security/py-dfwinreg@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}dtfabric>=0:devel/py-dtfabric@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}Flor>=0:textproc/py-flor@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}future>=0:devel/py-future@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}lz4>=0:archivers/py-lz4@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}opensearch-py>=0:textproc/py-opensearch-py@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}pefile>=0:devel/py-pefile@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}psutil>=0:sysutils/py-psutil@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}pyparsing>=0:devel/py-pyparsing@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}python-dateutil>=0:devel/py-python-dateutil@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}pytsk>=0:sysutils/py-pytsk@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}pytz>=0:devel/py-pytz@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}pyzmq>=0:net/py-pyzmq@${PY_FLAVOR} \ @@ -48,7 +49,6 @@ RUN_DEPENDS= libcaes>=a:security/libcaes \ ${PYTHON_PKGNAMEPREFIX}requests>=0:www/py-requests@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}six>=0:devel/py-six@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}sqlite3>=0:databases/py-sqlite3@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}urllib3>=0:net/py-urllib3@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}xattr>=0:devel/py-xattr@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}XlsxWriter>=0:textproc/py-xlsxwriter@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}pyyaml>=0:devel/py-pyyaml@${PY_FLAVOR} \ @@ -59,7 +59,7 @@ TEST_DEPENDS= ${PYTHON_PKGNAMEPREFIX}fakeredis>=0:databases/py-fakeredis@${PY_FL USES= python USE_LOCALE= en_US.UTF-8 -USE_PYTHON= autoplist concurrent cryptography distutils +USE_PYTHON= autoplist concurrent cryptography pep517 # Upstream archive contains files with UTF-8 names EXTRACT_CMD= ${SETENV} LANG=${USE_LOCALE} LC_ALL=${USE_LOCALE} ${TAR} DO_MAKE_TEST= ${SETENV} ${TEST_ENV} ${PYTHON_CMD} @@ -67,13 +67,4 @@ TEST_TARGET= run_tests.py NO_ARCH= yes -post-patch: - ${REINPLACE_CMD} "s|'share', 'artifacts'|'share', '${PYTHON_PKGNAMEPREFIX}artifacts'|" \ - ${WRKSRC}/plaso/cli/helpers/artifact_definitions.py - ${REINPLACE_CMD} "s|'share', 'plaso'|'share', '${PYTHON_PKGNAMEPREFIX}plaso'|" \ - ${WRKSRC}/plaso/cli/helpers/data_location.py - ${REINPLACE_CMD} "s|share/plaso|${DATADIR_REL}|" \ - ${WRKSRC}/setup.py - ${REINPLACE_CMD} "/cffi/d" ${WRKSRC}/requirements.txt - .include diff --git a/security/py-plaso/distinfo b/security/py-plaso/distinfo index a2cd2b3a9e7c..89e97705d81c 100644 --- a/security/py-plaso/distinfo +++ b/security/py-plaso/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1707838875 -SHA256 (plaso-20231224.tar.gz) = af106a449746830632affc578e2f80439ae7c4220f17e4a39630e8c9879ba8bf -SIZE (plaso-20231224.tar.gz) = 195666335 +TIMESTAMP = 1739801390 +SHA256 (plaso-20240826.tar.gz) = 4ac3a65cf31b87e507edc4c4d628a693703a6f1b933553da2fbe402a2250ef30 +SIZE (plaso-20240826.tar.gz) = 196604839 diff --git a/security/py-plaso/files/patch-plaso_output_winevt__rc.py b/security/py-plaso/files/patch-plaso_output_winevt__rc.py new file mode 100644 index 000000000000..8513d7181c47 --- /dev/null +++ b/security/py-plaso/files/patch-plaso_output_winevt__rc.py @@ -0,0 +1,47 @@ +--- plaso/output/winevt_rc.py.orig 2024-06-08 09:38:22 UTC ++++ plaso/output/winevt_rc.py +@@ -16,7 +16,7 @@ class Sqlite3DatabaseFile(object): + + _HAS_TABLE_QUERY = ( + 'SELECT name FROM sqlite_master ' +- 'WHERE type = "table" AND name = "{0:s}"') ++ 'WHERE type = \'table\' AND name = \'{0:s}\'') + + def __init__(self): + """Initializes the database file object.""" +@@ -166,7 +166,7 @@ class WinevtResourcesSqlite3DatabaseReader(object): + """ + table_names = ['event_log_providers'] + column_names = ['event_log_provider_key'] +- condition = f'log_source == "{log_source:s}"' ++ condition = f'log_source == \'{log_source:s}\'' + + values_list = list(self._database_file.GetValues( + table_names, column_names, condition)) +@@ -202,7 +202,7 @@ class WinevtResourcesSqlite3DatabaseReader(object): + return None + + column_names = ['message_string'] +- condition = f'message_identifier == "0x{message_identifier:08x}"' ++ condition = f'message_identifier == \'0x{message_identifier:08x}\'' + + values = list(self._database_file.GetValues( + [table_name], column_names, condition)) +@@ -290,7 +290,7 @@ class WinevtResourcesSqlite3DatabaseReader(object): + return None + + column_names = ['value'] +- condition = f'name == "{attribute_name:s}"' ++ condition = f'name == \'{attribute_name:s}\'' + + values = list(self._database_file.GetValues( + [table_name], column_names, condition)) +@@ -485,7 +485,7 @@ class WinevtResourcesHelper(object): + 'windows_wevt_template_event'): + # TODO: add message_file_identifiers to filter_expression + filter_expression = ( +- f'provider_identifier == "{provider_identifier:s}" and ' ++ f'provider_identifier == \'{provider_identifier:s}\' and ' + f'identifier == {message_identifier:d}') + if event_version is not None: + filter_expression = ( diff --git a/security/py-plaso/files/patch-plaso_parsers_sqlite.py b/security/py-plaso/files/patch-plaso_parsers_sqlite.py new file mode 100644 index 000000000000..617764ff23a8 --- /dev/null +++ b/security/py-plaso/files/patch-plaso_parsers_sqlite.py @@ -0,0 +1,13 @@ +--- plaso/parsers/sqlite.py.orig 2024-06-08 09:38:22 UTC ++++ plaso/parsers/sqlite.py +@@ -118,8 +118,8 @@ class SQLiteDatabase(object): + SCHEMA_QUERY = ( + 'SELECT tbl_name, sql ' + 'FROM sqlite_master ' +- 'WHERE type = "table" AND tbl_name != "xp_proc" ' +- 'AND tbl_name != "sqlite_sequence"') ++ 'WHERE type = \'table\' AND tbl_name != \'xp_proc\' ' ++ 'AND tbl_name != \'sqlite_sequence\'') + + def __init__(self, filename, temporary_directory=None): + """Initializes a SQLite database. diff --git a/security/py-plaso/files/patch-plaso_parsers_sqlite__plugins_imessage.py b/security/py-plaso/files/patch-plaso_parsers_sqlite__plugins_imessage.py new file mode 100644 index 000000000000..7e11a5b021d3 --- /dev/null +++ b/security/py-plaso/files/patch-plaso_parsers_sqlite__plugins_imessage.py @@ -0,0 +1,11 @@ +--- plaso/parsers/sqlite_plugins/imessage.py.orig 2024-06-08 09:38:22 UTC ++++ plaso/parsers/sqlite_plugins/imessage.py +@@ -81,7 +81,7 @@ class IMessagePlugin(interface.SQLitePlugin): + + _CLIENT_VERSION_QUERY = ( + 'SELECT key, value FROM _SqliteDatabaseProperties ' +- 'WHERE key = "_ClientVersion"') ++ 'WHERE key = \'_ClientVersion\'') + + def _GetClientVersion(self, cache, database): + """Retrieves the client version. diff --git a/security/py-plaso/files/patch-plaso_parsers_sqlite__plugins_windows__timeline.py b/security/py-plaso/files/patch-plaso_parsers_sqlite__plugins_windows__timeline.py new file mode 100644 index 000000000000..19263bebcf9b --- /dev/null +++ b/security/py-plaso/files/patch-plaso_parsers_sqlite__plugins_windows__timeline.py @@ -0,0 +1,16 @@ +--- plaso/parsers/sqlite_plugins/windows_timeline.py.orig 2024-06-08 09:38:22 UTC ++++ plaso/parsers/sqlite_plugins/windows_timeline.py +@@ -89,10 +89,10 @@ class WindowsTimelinePlugin(interface.SQLitePlugin): + QUERIES = [ + (('SELECT StartTime, Payload, PackageName FROM Activity ' + 'INNER JOIN Activity_PackageId ON Activity.Id = ' +- 'Activity_PackageId.ActivityId WHERE instr(Payload, "UserEngaged") > 0' +- ' AND Platform = "packageid"'), 'ParseUserEngagedRow'), ++ 'Activity_PackageId.ActivityId WHERE instr(Payload, \'UserEngaged\') > 0' ++ ' AND Platform = \'packageid\''), 'ParseUserEngagedRow'), + (('SELECT StartTime, Payload, AppId FROM Activity ' +- 'WHERE instr(Payload, "UserEngaged") = 0'), 'ParseGenericRow')] ++ 'WHERE instr(Payload, \'UserEngaged\') = 0'), 'ParseGenericRow')] + + SCHEMAS = [{ + 'Activity': ( diff --git a/security/py-plaso/files/patch-tests_storage_sqlite_sqlite__file.py b/security/py-plaso/files/patch-tests_storage_sqlite_sqlite__file.py new file mode 100644 index 000000000000..96cf800956fc --- /dev/null +++ b/security/py-plaso/files/patch-tests_storage_sqlite_sqlite__file.py @@ -0,0 +1,18 @@ +--- tests/storage/sqlite/sqlite_file.py.orig 2024-06-08 09:38:23 UTC ++++ tests/storage/sqlite/sqlite_file.py +@@ -136,13 +136,13 @@ class SQLiteStorageFileTest(test_lib.StorageTestCase): + event_data_stream.CONTAINER_TYPE, column_names=column_names)) + self.assertEqual(len(containers), 1) + +- filter_expression = 'md5_hash == "8f0bf95a7959baad9666b21a7feed79d"' ++ filter_expression = 'md5_hash == \'8f0bf95a7959baad9666b21a7feed79d\'' + containers = list(test_store._GetAttributeContainersWithFilter( + event_data_stream.CONTAINER_TYPE, column_names=column_names, + filter_expression=filter_expression)) + self.assertEqual(len(containers), 1) + +- filter_expression = 'md5_hash != "8f0bf95a7959baad9666b21a7feed79d"' ++ filter_expression = 'md5_hash != \'8f0bf95a7959baad9666b21a7feed79d\'' + containers = list(test_store._GetAttributeContainersWithFilter( + event_data_stream.CONTAINER_TYPE, column_names=column_names, + filter_expression=filter_expression))