From f36b534c67dee67850fe4ac1d0ad6afa600703e8 Mon Sep 17 00:00:00 2001
From: m-1-k-3 <m1k3@s3cur1ty.de>
Date: Tue, 4 Jul 2023 10:09:31 +0200
Subject: [PATCH] trivy action

---
 .github/workflows/trivy-container-check.yml | 2 +-
 config/bin_version_strings.cfg              | 1 +
 modules/L22_upnp_hnap_checks.sh             | 5 +++--
 3 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/trivy-container-check.yml b/.github/workflows/trivy-container-check.yml
index 487e97b98..02f8bef69 100644
--- a/.github/workflows/trivy-container-check.yml
+++ b/.github/workflows/trivy-container-check.yml
@@ -39,7 +39,7 @@ jobs:
           docker save -o vuln-image.tar embeddedanalyzer/emba
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@7b7aa264d83dc58691451798b4d117d53d21edfe
         with:
           input: /github/workspace/vuln-image.tar
           timeout: "60m"
diff --git a/config/bin_version_strings.cfg b/config/bin_version_strings.cfg
index 2e268b375..5ba5edd92 100644
--- a/config/bin_version_strings.cfg
+++ b/config/bin_version_strings.cfg
@@ -62,6 +62,7 @@ binutils;;gplv3;"\(GNU\ Binutils\ for\ Debian\)\ [0-9](\.[0-9]+)+?$";"sed -r 's/
 bird;;unknown;"^BIRD\ version\ [0-9](\.[0-9]+)+?$";"sed -r 's/BIRD\ version\ ([0-9](\.[0-9]+)+?)$/bird:\1/'";
 blkid;;unknown;"^blkid\ [0-9](\.[0-9]+)+?\ \(.*\)$";"sed -r 's/blkid\ ([0-9](\.[0-9]+)+?)\ .*/blkid:\1/'";
 blockman;;unknown;"^blockman\ [0-9](\.[0-9]+)+?\.blockman\ build-[0-9]+$";"sed -r 's/blockman\ ([0-9](\.[0-9]+)+?)\..*/blockman:\1/'";
+boa;;unknown;"Boa\ HTTPd\ [0-9](\.[0-9]+)+?(rc[0-9]+)?";"sed -r 's/Boa\ HTTPd\ ([0-9](\.[0-9]+)+?(rc[0-9]+)?)/boa:boa:\1/'";
 booster;;unknown;"BoosterMainFunction:305:\ Version:\ [0-9](\.[0-9])+?";"sed -r 's/BoosterMainFunction:305:\ Version:\ ([0-9](\.[0-9]+)+?).*/booster:\1/'";
 bootlogd;;unknown;"\ bootlogd\ [0-9](\.[0-9]+)+?\ ";"sed -r 's/\ bootlogd\ ([0-9](\.[0-9]+)+?)\ .*/bootlogd:\1/'";
 bpalogin;;gplv2;"BPALogin\ v[0-9](\.[0-9])+?\ -\ portable\ BigPond\ Broadband\ login\ client$";"sed -r 's/BPALogin\ v([0-9](\.[0-9]+)+?)\ .*/bpalogin:\1/'";
diff --git a/modules/L22_upnp_hnap_checks.sh b/modules/L22_upnp_hnap_checks.sh
index 4d3caf649..57973df2a 100755
--- a/modules/L22_upnp_hnap_checks.sh
+++ b/modules/L22_upnp_hnap_checks.sh
@@ -20,6 +20,7 @@ L22_upnp_hnap_checks() {
 
   export UPNP_UP=0
   export HNAP_UP=0
+  export JNAP_UP=0
 
   if [[ "$SYS_ONLINE" -eq 1 ]] && [[ "$TCP" == "ok" ]]; then
     module_log_init "${FUNCNAME[0]}"
@@ -131,7 +132,7 @@ check_basic_hnap_jnap() {
         curl -v -L --max-redir 0 -f -m 5 -s -X POST -H "${JNAP_ACTION}" -d "{}" https://"${IP_ADDRESS_}":"${PORT}"/JNAP/ >> "$LOG_PATH_MODULE"/jnap-discovery-check.txt || true
       fi
 
-      if [[ -f "$LOG_PATH_MODULE"/hnap-discovery-check.txt ]]; then
+      if [[ -s "$LOG_PATH_MODULE"/hnap-discovery-check.txt ]]; then
         print_ln
         # tee -a "$LOG_FILE" < "$LOG_PATH_MODULE"/hnap-discovery-check.txt
         sed 's/></>\n</g' "$LOG_PATH_MODULE"/hnap-discovery-check.txt | tee -a "$LOG_FILE"
@@ -140,7 +141,7 @@ check_basic_hnap_jnap() {
         HNAP_UP=$(grep -c "HNAP1" "$LOG_PATH_MODULE"/hnap-discovery-check.txt || true)
       fi
 
-      if [[ -f "$LOG_PATH_MODULE"/jnap-discovery-check.txt ]]; then
+      if [[ -s "$LOG_PATH_MODULE"/jnap-discovery-check.txt ]]; then
         print_ln
         tee -a "$LOG_FILE" < "$LOG_PATH_MODULE"/jnap-discovery-check.txt
         print_ln