#!/usr/bin/perl -w

# $Id: parse-announce,v 1.3 2008/01/14 16:33:12 lkundrak Exp $

use strict;
use Mail::Mbox::MessageParser;
use Email::Simple;

die "\nUsage: parse-announce mbox-file audit-file\n\n" if not defined($ARGV[1]);

my $mbox_filename = $ARGV[0];
my $audit_filename = $ARGV[1];
my (@file, %cve_id, $audit_version);

$ARGV[1] =~ /(\d+)$/;
$audit_version = $1;

# Suck in the audit file
open(FH, $ARGV[1]);
while (<FH>) {
    my ($temp_cve, $temp_text, $temp_line, $temp_package);
    chomp;
    $temp_line = $_;
    push @file, $temp_line;

    if ($temp_line =~ /^(CVE-\d{4}-\d{4}) (.*)/) {
        $temp_cve = $1;
        $temp_text = $2;
        if ($temp_text =~ /\(([\w\-\_\.]+)[\,\)]/) {
            $temp_package = $1;
        } elsif ($temp_text =~ /\*\* (\w+)/) {
            $temp_package = $1;
        } else {
            die "Couldn't determine the package name from the audit file";
        }

        $cve_id{$temp_cve} = {} if not $cve_id{$temp_cve};
        $cve_id{$temp_cve}->{$temp_package} = [$#file, $temp_line];
    }
}

close(FH);

my $folder_reader = new Mail::Mbox::MessageParser({
    'file_name' => $mbox_filename,
    'enable_cache' => 0,
});

die $folder_reader unless ref $folder_reader;

while (!$folder_reader->end_of_file()) {
    my (@cves, $errata_id, $temp_cve);
    my ($product, $package);


    my $email = $folder_reader->read_next_email();
    my $mail = Email::Simple->new($$email);
    my $subject = $mail->header('Subject');
    my $body = $mail->body;

    if ($body =~ m/Product\s*:\s+Fedora Core (\d+)/) {
        $product = $1;
    } else {
        # Add support for fedora extras here
        warn "Product name couldn't be found";
        next;
    }

    if ($body =~ m/Name\s*:\s+(\w+)/) {
        $package = $1;
    } else {
        warn "Package Name couldn't be found";
        next;
    }

    if ($body =~ m/(FEDORA-\d{4}-\d+)/) {
        $errata_id = $1;
    } else {
        warn "Errata ID couldn't be found";
        next;
    }

    while ($body =~ m/(CVE-\d{4}-\d{4})/g) {
        if ($cve_id{$1}) {
            if ($cve_id{$1}->{$package} and $product eq $audit_version) {
                $cve_id{$1}->{$package}->[1] .= "[since $errata_id]";
                my $file_line = $cve_id{$1}->{$package}->[0];
                next if $file[$file_line] =~ /\[since FEDORA/;
                $file[$file_line] = $file[$file_line] . " [since $errata_id]"
            }
        } else {
            print "$1 **FIXME** ($package) [since $errata_id]\n";
        }
    }
}

foreach (@file) {
    print $_, "\n";
}