signed update

e6b98219 · slimm609 · b8b8bb36 · e6b98219 · e6b98219 · e6b98219
Commit e6b98219 authored Jul 24, 2019 by slimm609
--- a/README.md
+++ b/README.md
@@ -10,7 +10,7 @@ Updates
   - Changed structure to be more modular and switched to getopts so options can be in any order.   e.g. format=json can be at the end now, however.  
   - All options now require `--$option=$value` instead of `--$option $value`

-   Last Update: 2019-07-23
+   Last Update: 2019-07-24

 For OSX
 -------

--- a/checksec
+++ b/checksec
@@ -68,10 +68,10 @@ format="cli"
 SCRIPT_NAME="checksec"
 SCRIPT_URL="https://github.com/slimm609/checksec.sh/raw/master/${SCRIPT_NAME}"
 SIG_URL="https://github.com/slimm609/checksec.sh/raw/master/$(basename ${SCRIPT_NAME} .sh).sig"
-SCRIPT_VERSION=2019072301
+SCRIPT_VERSION=2019072401
 SCRIPT_MAJOR=2
 SCRIPT_MINOR=0
-SCRIPT_REVISION=0
+SCRIPT_REVISION=1
 pkg_release=false
 commandsmissing=false
 OPT=0
@@ -231,20 +231,20 @@ version() {

 # help
 help() {
-  echo "Usage: checksec [--output {cli|csv|xml|json}] [OPTION]"
+  echo "Usage: checksec [--format={cli,csv,xml,json}] [OPTION]"
  echo
  echo
  echo "Options:"
  echo
  echo " ## Checksec Options"
-  echo "  --file=<file>"
-  echo "  --dir=<directory>"
-  echo "  --proc=<process name>"
+  echo "  --file={file}"
+  echo "  --dir={directory}"
+  echo "  --proc={process name}"
  echo "  --proc-all"
-  echo "  --proc-libs=<process ID>"
-  echo "  --kernel=[kconfig]"
-  echo "  --fortify-file=<executable-file>"
-  echo "  --fortify-proc=<process ID>"
+  echo "  --proc-libs={process ID}"
+  echo "  --kernel[=kconfig]"
+  echo "  --fortify-file={executable-file}"
+  echo "  --fortify-proc={process ID}"
  echo "  --version"
  echo "  --help"
  if ! ${pkg_release}; then
@@ -254,7 +254,8 @@ help() {
  echo " ## Modifiers"
  echo "  --debug"
  echo "  --verbose"
-  echo "  --format=[cli|csv|xml|json]"
+  echo "  --format={cli,csv,xml,json}"
+  echo "  --output={cli,csv,xml,json}"
  echo
  echo "For more information, see:"
  echo "  http://github.com/slimm609/checksec.sh"
@@ -1831,7 +1832,7 @@ while getopts "${optspec}" optchar; do
                  upgrade
                  exit 0
                  ;;
-                format=*)
+                format=*|output=*)
                  output_format=${OPTARG#*=}
                  format
                  ;;
@@ -1889,8 +1890,11 @@ while getopts "${optspec}" optchar; do
    esac
 done

-if [[ "${OPT}" != 1 ]]; then
-  printf "\033[31mError: To many options selected. Please select one at a time.\033[m\n\n" 
+if [[ "${OPT}" == 0 ]]; then
+  printf "\033[31mError: No option selected. Please select an option.\033[m\n\n"
+  exit 1
+elif [[ "${OPT}" != 1 ]]; then
+  printf "\033[31mError: To many options selected. Please select one at a time.\033[m\n\n"
  exit 1
 fi

@@ -1898,7 +1902,7 @@ for variable in CHK_DIR CHK_FILE CHK_FORTIFY_FILE CHK_FORTIFY_PROC CHK_PROC CHK_
  chk_name="${variable#*_}"
  if [[ -n ${!variable+x} ]]; then
   if [[ ${chk_name,,} == ${!variable} ]]; then
-     printf "\033[31mError: Option Required.\033[m\n\n" 
+     printf "\033[31mError: Option Required.\033[m\n\n"
     help
     exit 1
   fi

--- a/checksec.sig
+++ b/checksec.sig
--- a/extras/man/checksec.1
+++ b/extras/man/checksec.1
 \" Process this file with
 .\" groff -man -Tascii foo.1
 .\"
-.TH CHECKSEC 1 "FEBURARY 2016" Linux "User Manuals"
+.TH CHECKSEC 1 "FEBURARY 2019" Linux "User Manuals"
 .SH NAME
 checksec \- check executables and kernel properties
 .SH SYNOPSIS
@@ -13,41 +13,41 @@ is a bash script used to check the properties of executables
 options (like GRSecurity and SELinux).
 .SH OPTIONS
 .TP
-\fB\-o\fP or \fB\--output\fP or \fB\--format\fP \fB{cli|csv|xml|json}\fP
+\fB\--output=\fP or \fB\--format=\fP \fB{cli|csv|xml|json}\fP
 Output the results in different formats for ingestion to other applications.
 NOTE: This option must go before any other options currently
 .TP
-\fB\-h\fP or \fB\--help\fP
+\fB\--help\fP
 Displays the help text
 .TP
-\fB\-f\fP or \fB\--file\fP
+\fB\--file={filename}\fP
 Checks individual files for security features compiled into the executable
 .TP
-\fB\-d\fP or \fB\--dir\fP
+\fB\--dir={directory}\fP
 Recursively checks all executable files in the directory for security features compiled into the executables
 .TP
-\fB\-p\fP or \fB\--proc\fP
+\fB\--proc={pid}\fP
 Checks the security features of a running process by name
 .TP
-\fB\-pa\fP or \fB\--proc-all\fP
+\fB\--proc-all\fP
 Checks the security features of all running processes
 .TP
-\fB\-pl\fP or \fB\--proc-libs\fP
+\fB\--proc-libs\fP
 Checks the security features of the all libraries of a running process ID
 .TP
-\fB\-k\fP or \fB\--kernel\fP
+\fB\--kernel[=kconfig]\fP
 Checks the security features of the running kernel or a specified kernel config
 .TP
-\fB\-ff\fP or \fB\--fortify-file\fP
+\fB\--fortify-file={filename}\fP
 Checks the fortifiability of a file and if any of the fortifiable features have already been compiled into the file
 .TP
-\fB\-fp\fP or \fB\--fortify-proc\fP
+\fB\--fortify-proc={pid}\fP
 Checks the fortifiability of a running process and if any of the fortifiable features have already been compiled in  
 .TP
 \fB\--version\fP 
 Shows the current version of the running software
 .TP
-\fB\-u\fP or \fB\--update\fP or \fB\--upgrade\fP
+\fB\--update\fP or \fB\--upgrade\fP
 Checks source for a signed update and updates the application if available

 .SH DIAGNOSTICS

--- a/extras/zsh/_checksec
+++ b/extras/zsh/_checksec
@@ -3,18 +3,19 @@ local curcontext="$curcontext" state state_descr line
 typeset -A opt_args
 _arguments -C : \
 '--version[print version]' \
-{'(--help)-h','(-h)--help'}'[print help]' \
-'--debug[debug mode]' \
+{'(--help)','--help'}'[print help]' \
+'--debug' \
+'--verbose' \
 {'(--update)--upgrade','(--upgrade)--update'}'[update program]' \
-{'(--format --output)-o','(-o --output)--format','(-o --format)--output'}'[use specified output format]:output format:->format' \
-{'(--dir)-d','(-d)--dir'}'[\[-v\] check specified DIR]:vdir:->vdir' \
-{'(--file)-f','(-f)--file'}'[check specified FILE]:file to check:_files' \
-{'(--proc)-p','(-p)--proc'}'[check specified process NAME)]:process name:->procname' \
-{'(--proc-all)-pa','(-pa)--proc-all'}'[check all processes]' \
-{'(--proc-libs)-pl','(-pl)--proc-libs'}'[check specified ID'\''s process libs)]:process ID to check: _pids' \
-{'(--kernel)-k','(-k)--kernel'}'[check kernel]' \
-{'(--fortify-file)-ff','(-ff)--fortify-file'}'[check specified FILE for fortify)]:file for fortify:_files' \
-{'(--fortify-proc)-fp','(-fp)--fortify-proc'}'[check specified ID'\''s process for fortify)]:process ID for fortify: _pids'
+{'(--format= --output=)','(--output=)--format=','(--format=)--output='}'[use specified output format]:output format:->format' \
+{'(--dir=)','--dir='}'[check specified DIR]:vdir:->vdir' \
+{'(--file=)','--file='}'[check specified FILE]:file to check:_files' \
+{'(--proc=)','--proc='}'[check specified process NAME)]:process name:->procname' \
+{'(--proc-all)','--proc-all'}'[check all processes]' \
+{'(--proc-libs)','--proc-libs'}'[check specified ID'\''s process libs)]:process ID to check: _pids' \
+{'(--kernel)','--kernel'}'[check kernel]' \
+{'(--fortify-file=)','--fortify-file='}'[check specified FILE for fortify)]:file for fortify:_files' \
+{'(--fortify-proc=)','--fortify-proc='}'[check specified ID'\''s process for fortify)]:process ID for fortify: _pids'
 local ret=$?
 case $state in
 format)