Jan 192015
 

mandree reported a problem with security/openvpn-auth-ldap.

Bad broken & revision

Bad broken & revision

Looking in the database:

Looking at the database, the webpage is displaying what is there:

freshports.org=# select id, last_commit_id, name, version, revision, broken from ports_active where name = 'openvpn-auth-ldap';
  id   | last_commit_id |       name        |    version    | revision |                                               broken                                                
-------+----------------+-------------------+---------------+----------+-----------------------------------------------------------------------------------------------------
 21504 |         557197 | openvpn-auth-ldap | 2.0.4.0.s1379 | 0        | Untested SVN-based port, report success on https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=190497
(1 row)

Let’s looking at that commit in the database:

freshports.org=# select id, message_id, message_subject, date_added from commit_log where id = 557197;
   id   |                 message_id                  |                       message_subject                       |          date_added           
--------+---------------------------------------------+-------------------------------------------------------------+-------------------------------
 557197 | 201501192036.t0JKaMNA032759@svn.freebsd.org | svn commit: r377473 - head/security/openvpn-auth-ldap/files | 2015-01-19 20:42:15.216586+00
(1 row)

OK, that’s not the commit which changed the BROKEN flag. Let’s look at that commit:

freshports.org=# select id, message_id, message_subject, date_added from commit_log where message_id = '201501192037.t0JKbXZO033083@svn.freebsd.org';
   id   |                 message_id                  |                    message_subject                    |          date_added           
--------+---------------------------------------------+-------------------------------------------------------+-------------------------------
 557194 | 201501192037.t0JKbXZO033083@svn.freebsd.org | svn commit: r377475 - head/security/openvpn-auth-ldap | 2015-01-19 20:41:18.731784+00
(1 row)

The the date_added fields? These commits were processed out of order. No doubt, they arrived out of order because of today’s DDoS.

As you can see, we record the date the commit was processed (date_added) and we also store the svn_revision. It would be fairly easy to locate such commits which were processed out of order and then replay them.

Website Pin Facebook Twitter Myspace Friendfeed Technorati del.icio.us Digg Google StumbleUpon Premium Responsive