1 import sys, os, textwrap
4 import daklib.utils, daklib.database
7 import daklib.extensions
8 from daklib.extensions import replace_dak_function
10 def check_transition():
11 changes = dak_module.changes
12 reject = dak_module.reject
15 sourcepkg = changes["source"]
17 # No sourceful upload -> no need to do anything else, direct return
18 # We also work with unstable uploads, not experimental or those going to some
19 # proposed-updates queue
20 if "source" not in changes["architecture"] or "unstable" not in changes["distribution"]:
23 # Also only check if there is a file defined (and existant) with
25 transpath = Cnf.get("Dinstall::Reject::ReleaseTransitions", "")
26 if transpath == "" or not os.path.exists(transpath):
30 sourcefile = file(transpath, 'r')
31 sourcecontent = sourcefile.read()
33 transitions = syck.load(sourcecontent)
34 except syck.error, msg:
35 # This shouldn't happen, there is a wrapper to edit the file which
36 # checks it, but we prefer to be safe than ending up rejecting
38 daklib.utils.warn("Not checking transitions, the transitions file is broken: %s." % (msg))
41 # Now look through all defined transitions
42 for trans in transitions:
43 t = transitions[trans]
47 # Will be None if nothing is in testing.
48 current = daklib.database.get_suite_version(source, "testing")
49 if current is not None:
50 compare = apt_pkg.VersionCompare(current, expected)
52 if current is None or compare < 0:
53 # This is still valid, the current version in testing is older than
54 # the new version we wait for, or there is none in testing yet
56 # Check if the source we look at is affected by this.
57 if sourcepkg in t['packages']:
58 # The source is affected, lets reject it.
60 rejectmsg = "%s: part of the %s transition.\n\n" % (
63 if current is not None:
64 currentlymsg = "at version %s" % (current)
66 currentlymsg = "not present in testing"
68 rejectmsg += "Transition description: %s\n\n" % (t["reason"])
70 rejectmsg += "\n".join(textwrap.wrap("""Your package
71 is part of a testing transition designed to get %s migrated (it is
72 currently %s, we need version %s). This transition is managed by the
73 Release Team, and %s is the Release-Team member responsible for it.
74 Please mail debian-release@lists.debian.org or contact %s directly if you
75 need further assistance. You might want to upload to experimental until this
76 transition is done."""
77 % (source, currentlymsg, expected,t["rm"], t["rm"])))
79 reject(rejectmsg + "\n")
82 @replace_dak_function("process-unchecked", "check_signed_by_key")
83 def check_signed_by_key(oldfn):
84 changes = dak_module.changes
85 reject = dak_module.reject
87 if changes["source"] == "dpkg":
88 fpr = changes["fingerprint"]
89 (uid, uid_name) = dak_module.lookup_uid_from_fingerprint(fpr)
90 if fpr == "5906F687BD03ACAD0D8E602EFCF37657" or uid == "iwj":
91 reject("Upload blocked due to hijack attempt 2008/03/19")
93 # NB: 1.15.0, 1.15.2 signed by this key targetted at unstable
94 # have been made available in the wild, and should remain
95 # blocked until Debian's dpkg has revved past those version