[Openvas-devel] OpenVAS NVT Feed as Tarball

Dirk Jagdmann d.jagdmann at dn-systems.de
Thu Oct 22 20:53:17 CEST 2009


Hello Vlatko,

your new script looks good, but I don't like the concatenation of multiple
program invocations with &&, because if one of them fails, nobody knows which
one failed. I suggest replacing something like:

mkdir -p "$NVT_DIR" \
&& wget "$OVHTTPFEED" -O $TMPNVT \
&& cd "$NVT_DIR" \
&& tar xvjf $TMPNVT \
&& rm -f $TMPVNT \
&& echo "[i] Download complete"

with

errexit()
{
  echo "$*"
  exit 1
}

mkdir -p "$NVT_DIR" || errexit "could not mkdir $NVT_DIR"
wget "$OVHTTPFEED" -O $TMPNVT || errexit "could not download feed with wget"
cd "$NVT_DIR" || errexit "could not chdir to $NVT_DIR"
tar xvjf $TMPNVT || errexit "could not untar $TMPNVT"
rm -f $TMPVNT || errexit "could not remove $TMPNVT" # although a failure here
would not be fatal...
echo "[i] Download complete"


Further I don't understand why you use eval "..." when checking the md5sums of
the tarball, with a function like errexit() you can check the chdir and md5sum
invocation in two steps.

And as a third point, your parsing of the command line arguments to your script
only works when a single argument is given. If I invoke something like
"openvas-nvt-sync --check --curl" it's not going to work. What you need here is
a "while" loop to check $# combined with "shift" in the loop body to parse all
arguments present on the command line.

-- 
Dirk Jagdmann <d.jagdmann at dn-systems.de> : Coder
Tel. +49-5121-28989-15
--
DN-Systems Enterprise Internet Solutions GmbH
Hornemannstr. 11 31137 Hildesheim, Germany
Tel. +49-5121-28989-0 Fax. +49-5121-28989-11
Handelsregister HRB-3213 Amtsgericht Hildesheim
Geschäftsführer: Lukas Grunwald


More information about the Openvas-devel mailing list