from daklib.textutils import fix_maintainer, ParseMaintError
import daklib.lintian as lintian
import daklib.utils as utils
-from daklib.upload import InvalidHashException
+import daklib.upload
import apt_inst
import apt_pkg
from apt_pkg import version_compare
+import datetime
import errno
import os
import subprocess
def check_replay(self, upload):
# Use private session as we want to remember having seen the .changes
# in all cases.
- session = DBConn().session()
+ session = upload.session
history = SignatureHistory.from_signed_file(upload.changes)
r = history.query(session)
if r is not None:
raise Reject('Signature for changes file was already seen at {0}.\nPlease refresh the signature of the changes file if you want to upload it again.'.format(r.seen))
- session.add(history)
- session.commit()
return True
"""Check signature of changes and dsc file (if included in upload)
try:
for f in files:
f.check(upload.directory)
- except IOError as e:
- if e.errno == errno.ENOENT:
- raise Reject('{0} refers to non-existing file: {1}\n'
- 'Perhaps you need to include it in your upload?'
- .format(filename, os.path.basename(e.filename)))
- raise
- except InvalidHashException as e:
+ except daklib.upload.FileDoesNotExist as e:
+ raise Reject('{0}: {1}\n'
+ 'Perhaps you need to include the file in your upload?'
+ .format(filename, unicode(e)))
+ except daklib.upload.UploadException as e:
raise Reject('{0}: {1}'.format(filename, unicode(e)))
+class SignatureTimestampCheck(Check):
+ """Check timestamp of .changes signature"""
+ def check(self, upload):
+ changes = upload.changes
+
+ now = datetime.datetime.utcnow()
+ timestamp = changes.signature_timestamp
+ age = now - timestamp
+
+ age_max = datetime.timedelta(days=365)
+ age_min = datetime.timedelta(days=-7)
+
+ if age > age_max:
+ raise Reject('{0}: Signature from {1} is too old (maximum age is {2} days)'.format(changes.filename, timestamp, age_max.days))
+ if age < age_min:
+ raise Reject('{0}: Signature from {1} is too far in the future (tolerance is {2} days)'.format(changes.filename, timestamp, abs(age_min.days)))
+
+ return True
+
class ChangesCheck(Check):
"""Check changes file for syntax errors."""
def check(self, upload):
fn = binary.hashed_file.filename
control = binary.control
- for field in ('Package', 'Architecture', 'Version', 'Description'):
+ for field in ('Package', 'Architecture', 'Version', 'Description', 'Section'):
if field not in control:
raise Reject('{0}: Missing mandatory field {0}.'.format(fn, field))
if not allow_no_arch_indep_uploads \
and 'all' not in changes.architectures \
+ and 'experimental' not in changes.distributions \
and changes.source.package_list.has_arch_indep_packages():
raise Reject('Uploads not including architecture-independent packages are not allowed.')