8 files changed, 156 insertions, 38 deletions

diff --git a/app-admin/checksec/Manifest b/app-admin/checksec/Manifest
index 1c6e73c8..d3506ea3 100644
--- a/app-admin/checksec/Manifest
+++ b/app-admin/checksec/Manifest
@@ -1 +1 @@
-DIST checksec-1.5.sh 27095 SHA256 77b8a7fd9393d10def665658a41176ee745d5c7969a4a0f43cefcc8a4cd90947
+DIST checksec-1.7.3.tar.gz 49136 SHA256 d9bb3dd6be95a4d30d3ebe6adb8ae2aa64db0b9d2c475db00134a9596d555cbf
diff --git a/app-admin/checksec/checksec-1.5.ebuild b/app-admin/checksec/checksec-1.5.ebuild
deleted file mode 100644
index fcca6c67..00000000
--- a/app-admin/checksec/checksec-1.5.ebuild
+++ /dev/null
@@ -1,22 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=6
-RESTRICT="mirror"
-
-DESCRIPTION="Check for hardened protections like RELRO, NoExec, Stack protection, ASLR, PIE"
-HOMEPAGE="http://www.trapkit.de/tools/checksec.html"
-SRC_URI="http://www.trapkit.de/tools/${PN}.sh -> ${P}.sh"
-
-LICENSE="BSD"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE=""
-S="${WORKDIR}"
-
-src_install() {
-	newbin "${DISTDIR}/${P}.sh" "${PN}"
-	insinto /usr/share/zsh/site-functions
-	doins "${FILESDIR}/_${PN}"
-}
diff --git a/app-admin/checksec/checksec-1.7.3.ebuild b/app-admin/checksec/checksec-1.7.3.ebuild
new file mode 100644
index 00000000..c4cf0bec
--- /dev/null
+++ b/app-admin/checksec/checksec-1.7.3.ebuild
@@ -0,0 +1,49 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=6
+
+MY_PN=${PN}.sh
+DESCRIPTION="Tool to check properties of executables (e.g. ASLR/PIE, RELRO, PaX, Canaries)"
+HOMEPAGE="https://github.com/slimm609/checksec.sh"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="vanilla"
+
+case ${PV} in
+99999999*)
+	LIVE=:
+	EGIT_REPO_URI="git://github.com/slimm609/${MY_PN}.git"
+	inherit git-r3
+	PROPERTIES="live"
+	KEYWORDS=""
+	SRC_URI="";;
+*)
+	LIVE=false
+	#RESTRICT="mirror"
+	SRC_URI="https://github.com/slimm609/${MY_PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
+	KEYWORDS="~amd64 ~x86"
+	S="${WORKDIR}"/${MY_PN}-${PV}
+esac
+
+
+DOCS=( ChangeLog README.md )
+
+src_prepare() {
+	eapply "${FILESDIR}"/path.patch
+	if ! use vanilla
+	then	sed -e '/--update/d' "${FILESDIR}/_${PN}" >_${PN} || die
+		sed -i -e '/--update.*)/,/;;/d' ${PN} || die
+	fi
+	eapply_user
+}
+
+src_install() {
+	dobin ${PN}
+	insinto /usr/share/zsh/site-functions
+	doins _${PN}
+	einstalldocs
+}
diff --git a/app-admin/checksec/checksec-99999999.ebuild b/app-admin/checksec/checksec-99999999.ebuild
new file mode 100644
index 00000000..c4cf0bec
--- /dev/null
+++ b/app-admin/checksec/checksec-99999999.ebuild
@@ -0,0 +1,49 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=6
+
+MY_PN=${PN}.sh
+DESCRIPTION="Tool to check properties of executables (e.g. ASLR/PIE, RELRO, PaX, Canaries)"
+HOMEPAGE="https://github.com/slimm609/checksec.sh"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="vanilla"
+
+case ${PV} in
+99999999*)
+	LIVE=:
+	EGIT_REPO_URI="git://github.com/slimm609/${MY_PN}.git"
+	inherit git-r3
+	PROPERTIES="live"
+	KEYWORDS=""
+	SRC_URI="";;
+*)
+	LIVE=false
+	#RESTRICT="mirror"
+	SRC_URI="https://github.com/slimm609/${MY_PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
+	KEYWORDS="~amd64 ~x86"
+	S="${WORKDIR}"/${MY_PN}-${PV}
+esac
+
+
+DOCS=( ChangeLog README.md )
+
+src_prepare() {
+	eapply "${FILESDIR}"/path.patch
+	if ! use vanilla
+	then	sed -e '/--update/d' "${FILESDIR}/_${PN}" >_${PN} || die
+		sed -i -e '/--update.*)/,/;;/d' ${PN} || die
+	fi
+	eapply_user
+}
+
+src_install() {
+	dobin ${PN}
+	insinto /usr/share/zsh/site-functions
+	doins _${PN}
+	einstalldocs
+}
diff --git a/app-admin/checksec/files/_checksec b/app-admin/checksec/files/_checksec
index b30e0160..35b3a6ae 100644
--- a/app-admin/checksec/files/_checksec
+++ b/app-admin/checksec/files/_checksec
@@ -1,18 +1,38 @@
 #compdef checksec
-_checksec_procname() {
-	compadd "$expl[@]" ${${${${(f)"$(_call_program processes-names ps ${${EUID/(#s)0(#e)/xa}//[0-9]#/}ho command 2> /dev/null)"//[][\(\)]/}:#(ps|COMMAND|-*)}%%\ *}:t}
-}
-_arguments : \
-'--help[print help]' \
+local curcontext="$curcontext" state state_descr line
+typeset -A opt_args
+_arguments -C : \
 '--version[print version]' \
-'--file[FILE (check FILE)]:file to check:_files' \
-'--fortify-file[FILE (check FILE for fortify)]:file for fortify:_files' \
-'--fortify-proc[ID (check ID'\''s process for fortify)]:process ID for fortify: _pids' \
-'--proc[NAME (check process NAME)]:process name:_checksec_procname' \
-'--proc-all[check all procname]' \
-'--proc-libs[ID (check ID'\''s process libs)]:process ID to check: _pids' \
+{'(--help)-h','(-h)--help'}'[print help]' \
+'-d[debug mode]' \
+{'(--update)--upgrade','(--upgrade)--update'}'[update program]' \
+{'(--format --output)-o','(-o --output)--format','(-o --format)--output'}'[use specified output format]:output format:->format' \
+{'(--dir)-d','(-d)--dir'}'[\[-v\] check specified DIR]:vdir:->vdir' \
+'--file[check specified FILE]:file to check:_files' \
+'--proc[check specifiec process NAME)]:process name:->procname' \
+'--proc-all[check all processes]' \
+'--proc-libs[check specified ID'\''s process libs)]:process ID to check: _pids' \
 '--kernel[check kernel]' \
-'--dir[DIR \[-v\] (check DIR)]:dir:_files -/'
-local stat=$?
-unset -f _checksec_procname
-return stat
+'--fortify-file[check specified FILE for fortify)]:file for fortify:_files' \
+'--fortify-proc[check specied ID'\''s process for fortify)]:process ID for fortify: _pids'
+local ret=$?
+case $state in
+format)
+	local formats
+	formats=(
+	'cli:use cli output format'
+	'csv:use csv output format'
+	'xml:use xml output format'
+	'json:use json output format'
+	)
+	_describe -t formats 'output format' formats
+	ret=$?;;
+procname)
+	compadd "$expl[@]" ${${${${(f)"$(_call_program processes-names ps ${${EUID/(#s)0(#e)/xa}//[0-9]#/}ho command 2> /dev/null)"//[][\(\)]/}:#(ps|COMMAND|-*)}%%\ *}:t}
+	ret=$?;;
+vdir)
+	compadd "$expl[@]" -v
+	_files -/
+	ret=0;;
+esac
+return ret
diff --git a/app-admin/checksec/files/path.patch b/app-admin/checksec/files/path.patch
new file mode 100644
index 00000000..18344610
--- /dev/null
+++ b/app-admin/checksec/files/path.patch
@@ -0,0 +1,10 @@
+--- 1/checksec
++++ 1/checksec
+@@ -59,6 +59,7 @@
+ 
+ #set global lang to C
+ export LC_ALL="C"
++export PATH="${PATH}:/usr/sbin:/sbin"  # for sysctl
+ 
+ # global vars
+ debug=false
diff --git a/app-admin/checksec/metadata.xml b/app-admin/checksec/metadata.xml
index b919c846..3d46eda1 100644
--- a/app-admin/checksec/metadata.xml
+++ b/app-admin/checksec/metadata.xml
@@ -4,5 +4,16 @@
 	<maintainer type="person">
 		<email>martin@mvath.de</email>
 		<name>Martin Väth</name>
+		<description>maintainer of the updates in the mv overlay</description>
 	</maintainer>
+	<maintainer type="person">
+		<email>sping@gentoo.org</email>
+		<name>Sebastian Pipping</name>
+	</maintainer>
+	<upstream>
+		<remote-id type="github">slimm609/checksec.sh</remote-id>
+	</upstream>
+        <use>
+                <flag name="vanilla">Use unpatched version with self-update functionality (not recommended)</flag>
+        </use>
 </pkgmetadata>
diff --git a/profiles/use.local.desc b/profiles/use.local.desc
index bcbb5a4e..e9e939e6 100644
--- a/profiles/use.local.desc
+++ b/profiles/use.local.desc
@@ -2,6 +2,7 @@
 # your descriptions to your package's metadata.xml ONLY.
 # * generated automatically using egencache *
 
+app-admin/checksec:vanilla - Use unpatched version with self-update functionality (not recommended)
 app-portage/eix:debug - Build with upstream's CXXFLAGS/LDFLAGS for debugging support; not recommended for normal use.
 app-portage/eix:dep - Make DEP=true the default which enables support for {,R,P}DEPEND but requires roughly double disk and memory.
 app-portage/eix:doc - Create description of the eix cache file additionally in html format