#!/usr/bin/env python
# Checks Debian packages from Incoming
-# Copyright (C) 2000, 2001 James Troup <james@nocrew.org>
-# $Id: jennifer,v 1.13 2002-04-16 17:35:16 troup Exp $
+# Copyright (C) 2000, 2001, 2002, 2003 James Troup <james@nocrew.org>
+# $Id: jennifer,v 1.37 2003-09-22 01:28:08 troup Exp $
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
################################################################################
-import FCNTL, errno, fcntl, gzip, os, re, select, shutil, stat, string, sys, time, traceback;
+import errno, fcntl, gzip, os, re, shutil, stat, sys, time, traceback;
import apt_inst, apt_pkg;
import db_access, katie, logging, utils;
from types import *;
-from string import lower;
################################################################################
re_bad_diff = re.compile("^[\-\+][\-\+][\-\+] /dev/null");
-re_is_changes = re.compile (r"(.+?)_(.+?)_(.+?)\.changes$");
+re_is_changes = re.compile(r"(.+?)_(.+?)_(.+?)\.changes$");
+re_valid_version = re.compile(r"^([0-9]+:)?[0-9A-Za-z\.\-\+:]+$");
+re_valid_pkg_name = re.compile(r"^[\dA-Za-z][\dA-Za-z\+\-\.]+$");
################################################################################
# Globals
-jennifer_version = "$Revision: 1.13 $";
+jennifer_version = "$Revision: 1.37 $";
Cnf = None;
Options = None;
changes_files = apt_pkg.ParseCommandLine(Cnf,Arguments,sys.argv);
Options = Cnf.SubTree("Dinstall::Options")
+ if Options["Help"]:
+ usage();
+ elif Options["Version"]:
+ print "jennifer %s" % (jennifer_version);
+ sys.exit(0);
+
Katie = katie.Katie(Cnf);
changes = Katie.pkg.changes;
return changes_files;
-#########################################################################################
+################################################################################
def usage (exit_code=0):
print """Usage: dinstall [OPTION]... [CHANGES]...
-V, --version display the version number and exit"""
sys.exit(exit_code)
-#########################################################################################
-
-# Our very own version of commands.getouputstatus(), hacked to support
-# gpgv's status fd.
-def get_status_output(cmd, status_read, status_write):
- cmd = ['/bin/sh', '-c', cmd];
- p2cread, p2cwrite = os.pipe();
- c2pread, c2pwrite = os.pipe();
- errout, errin = os.pipe();
- pid = os.fork();
- if pid == 0:
- # Child
- os.close(0);
- os.close(1);
- os.dup(p2cread);
- os.dup(c2pwrite);
- os.close(2);
- os.dup(errin);
- for i in range(3, 256):
- if i != status_write:
- try:
- os.close(i);
- except:
- pass;
- try:
- os.execvp(cmd[0], cmd);
- finally:
- os._exit(1);
-
- # parent
- os.close(p2cread)
- os.dup2(c2pread, c2pwrite);
- os.dup2(errout, errin);
-
- output = status = "";
- while 1:
- i, o, e = select.select([c2pwrite, errin, status_read], [], []);
- more_data = [];
- for fd in i:
- r = os.read(fd, 8196);
- if len(r) > 0:
- more_data.append(fd);
- if fd == c2pwrite or fd == errin:
- output = output + r;
- elif fd == status_read:
- status = status + r;
- else:
- utils.fubar("Unexpected file descriptor [%s] returned from select\n" % (fd));
- if not more_data:
- pid, exit_status = os.waitpid(pid, 0)
- try:
- os.close(status_write);
- os.close(status_read);
- os.close(c2pwrite);
- os.close(p2cwrite);
- os.close(errin);
- except:
- pass;
- break;
-
- return output, status, exit_status;
-
-#########################################################################################
-
-def Dict(**dict): return dict
-
-def prefix_multi_line_string(str, prefix):
- out = "";
- for line in string.split(str, '\n'):
- line = string.strip(line);
- if line:
- out = out + "%s %s\n" % (prefix, line);
- # Strip trailing new line
- if out:
- out = out[:-1];
- return out;
+################################################################################
def reject (str, prefix="Rejected: "):
global reject_message;
if str:
- reject_message = reject_message + prefix + str + "\n";
-
-#########################################################################################
-
-def check_signature (filename):
- if not utils.re_taint_free.match(os.path.basename(filename)):
- reject("!!WARNING!! tainted filename: '%s'." % (filename));
- return 0;
-
- status_read, status_write = os.pipe();
- cmd = "gpgv --status-fd %s --keyring %s --keyring %s %s" \
- % (status_write, Cnf["Dinstall::PGPKeyring"], Cnf["Dinstall::GPGKeyring"], filename);
- (output, status, exit_status) = get_status_output(cmd, status_read, status_write);
-
- # Process the status-fd output
- keywords = {};
- bad = internal_error = "";
- for line in string.split(status, '\n'):
- line = string.strip(line);
- if line == "":
- continue;
- split = string.split(line);
- if len(split) < 2:
- internal_error = internal_error + "gpgv status line is malformed (< 2 atoms) ['%s'].\n" % (line);
- continue;
- (gnupg, keyword) = split[:2];
- if gnupg != "[GNUPG:]":
- internal_error = internal_error + "gpgv status line is malformed (incorrect prefix '%s').\n" % (gnupg);
- continue;
- args = split[2:];
- if keywords.has_key(keyword) and keyword != "NODATA":
- internal_error = internal_error + "found duplicate status token ('%s')." % (keyword);
- continue;
- else:
- keywords[keyword] = args;
-
- # If we failed to parse the status-fd output, let's just whine and bail now
- if internal_error:
- reject("internal error while performing signature check on %s." % (filename));
- reject(internal_error, "");
- reject("Please report the above errors to the Archive maintainers by replying to this mail.", "");
- return None;
-
- # Now check for obviously bad things in the processed output
- if keywords.has_key("SIGEXPIRED"):
- reject("key used to sign %s has expired." % (filename));
- bad = 1;
- if keywords.has_key("KEYREVOKED"):
- reject("key used to sign %s has been revoked." % (filename));
- bad = 1;
- if keywords.has_key("BADSIG"):
- reject("bad signature on %s." % (filename));
- bad = 1;
- if keywords.has_key("ERRSIG") and not keywords.has_key("NO_PUBKEY"):
- reject("failed to check signature on %s." % (filename));
- bad = 1;
- if keywords.has_key("NO_PUBKEY"):
- reject("key used to sign %s not found in keyring." % (filename));
- bad = 1;
- if keywords.has_key("BADARMOR"):
- reject("ascii armour of signature was corrupt in %s." % (filename));
- bad = 1;
- if keywords.has_key("NODATA"):
- reject("no signature found in %s." % (filename));
- bad = 1;
-
- if bad:
- return None;
-
- # Next check gpgv exited with a zero return code
- if exit_status:
- reject("gpgv failed while checking %s." % (filename));
- if string.strip(status):
- reject(prefix_multi_line_string(status, " [GPG status-fd output:]"), "");
- else:
- reject(prefix_multi_line_string(output, " [GPG output:]"), "");
- return None;
-
- # Sanity check the good stuff we expect
- if not keywords.has_key("VALIDSIG"):
- reject("signature on %s does not appear to be valid [No VALIDSIG]." % (filename));
- bad = 1;
- else:
- args = keywords["VALIDSIG"];
- if len(args) < 1:
- reject("internal error while checking signature on %s." % (filename));
- bad = 1;
- else:
- fingerprint = args[0];
- if not keywords.has_key("GOODSIG"):
- reject("signature on %s does not appear to be valid [No GOODSIG]." % (filename));
- bad = 1;
- if not keywords.has_key("SIG_ID"):
- reject("signature on %s does not appear to be valid [No SIG_ID]." % (filename));
- bad = 1;
-
- # Finally ensure there's not something we don't recognise
- known_keywords = Dict(VALIDSIG="",SIG_ID="",GOODSIG="",BADSIG="",ERRSIG="",
- SIGEXPIRED="",KEYREVOKED="",NO_PUBKEY="",BADARMOR="",
- NODATA="");
-
- for keyword in keywords.keys():
- if not known_keywords.has_key(keyword):
- reject("found unknown status token '%s' from gpgv with args '%s' in %s." % (keyword, repr(keywords[keyword]), filename));
- bad = 1;
-
- if bad:
- return None;
- else:
- return fingerprint;
+ reject_message += prefix + str + "\n";
################################################################################
base_filename = os.path.basename(filename);
- dest = Cnf["Dir::QueueHoldingDir"] + '/' + base_filename;
+ dest = Cnf["Dir::Queue::Holding"] + '/' + base_filename;
try:
fd = os.open(dest, os.O_RDWR|os.O_CREAT|os.O_EXCL, 0640);
os.close(fd);
try:
shutil.copy(filename, dest);
except IOError, e:
- # In either case (ENOENT or EPERM) we want to remove the
+ # In either case (ENOENT or EACCES) we want to remove the
# O_CREAT | O_EXCLed ghost file, so add the file to the list
# of 'in holding' even if it's not the real file.
if errno.errorcode[e.errno] == 'ENOENT':
raise;
in_holding[base_filename] = "";
- return dest;
################################################################################
global in_holding;
cwd = os.getcwd();
- os.chdir(Cnf["Dir::QueueHoldingDir"]);
+ os.chdir(Cnf["Dir::Queue::Holding"]);
for file in in_holding.keys():
if os.path.exists(file):
- if string.find(file, '/') != -1:
+ if file.find('/') != -1:
utils.fubar("WTF? clean_holding() got a file ('%s') with / in it!" % (file));
else:
os.unlink(file);
# Parse the .changes field into a dictionary
try:
- changes.update(utils.parse_changes(filename, 0));
+ changes.update(utils.parse_changes(filename));
except utils.cant_open_exc:
reject("can't read changes file '%s'." % (filename));
return 0;
# Parse the Files field from the .changes into another dictionary
try:
- files.update(utils.build_file_list(changes, ""));
+ files.update(utils.build_file_list(changes));
except utils.changes_parse_error_exc, line:
reject("error parsing changes file '%s', can't grok: %s." % (filename, line));
except utils.nk_format_exc, format:
if o != "":
del changes[i]
changes[i] = {}
- for j in string.split(o):
+ for j in o.split():
changes[i][j] = 1
# Fix the Maintainer: field to be RFC822 compatible
if katie.re_isanum.match (i) == None:
reject("`%s' from Closes field isn't a number." % (i));
- # Ensure there is a target distribution
- if changes["distribution"].keys() == []:
- reject("huh? Distribution field is empty in changes file.");
-
- # Map frozen to unstable if frozen doesn't exist
- if changes["distribution"].has_key("frozen") and not Cnf.has_key("Suite::Frozen"):
- del changes["distribution"]["frozen"]
- changes["distribution"]["unstable"] = 1;
- reject("Mapping frozen to unstable.","");
-
- # Map testing to unstable
- if changes["distribution"].has_key("testing"):
- if len(changes["distribution"].keys()) > 1:
- del changes["distribution"]["testing"];
- reject("Ignoring testing as a target suite.", "Warning: ");
- else:
- reject("invalid distribution 'testing'.");
-
- # Ensure target distributions exist
- for i in changes["distribution"].keys():
- if not Cnf.has_key("Suite::%s" % (i)):
- reject("Unknown distribution `%s'." % (i));
-
- # Map unreleased arches from stable to unstable
- if changes["distribution"].has_key("stable"):
- for i in changes["architecture"].keys():
- if not Cnf.has_key("Suite::Stable::Architectures::%s" % (i)):
- reject("Mapping stable to unstable for unreleased arch %s." % (i),"");
- del changes["distribution"]["stable"];
- changes["distribution"]["unstable"] = 1;
- break;
-
- # Map arches not being released from frozen to unstable
- if changes["distribution"].has_key("frozen"):
- for i in changes["architecture"].keys():
- if not Cnf.has_key("Suite::Frozen::Architectures::%s" % (i)):
- reject("Mapping frozen to unstable for non-releasing arch `%s'." % (i),"");
- del changes["distribution"]["frozen"]
- changes["distribution"]["unstable"] = 1;
-
- # Map stable uploads to proposed-updates
- if changes["distribution"].has_key("stable"):
- reject("Mapping stable to updates.","");
- del changes["distribution"]["stable"];
- changes["distribution"]["proposed-updates"] = 1;
# chopversion = no epoch; chopversion2 = no epoch and no revision (e.g. for .orig.tar.gz comparison)
changes["chopversion"] = utils.re_no_epoch.sub('', changes["version"])
# of the queue directories.
base_filename = os.path.basename(filename);
for dir in [ "Accepted", "Byhand", "Done", "New" ]:
- if os.path.exists(Cnf["Dir::Queue%sDir" % (dir) ]+'/'+base_filename):
- reject("a changes file with the same name already exists in the %s directory." % (dir));
+ if os.path.exists(Cnf["Dir::Queue::%s" % (dir) ]+'/'+base_filename):
+ reject("%s: a file with this name already exists in the %s directory." % (base_filename, dir));
return 1;
################################################################################
+def check_distributions():
+ "Check and map the Distribution field of a .changes file."
+
+ # Handle suite mappings
+ for map in Cnf.ValueList("SuiteMappings"):
+ args = map.split();
+ type = args[0];
+ if type == "map" or type == "silent-map":
+ (source, dest) = args[1:3];
+ if changes["distribution"].has_key(source):
+ del changes["distribution"][source]
+ changes["distribution"][dest] = 1;
+ if type != "silent-map":
+ reject("Mapping %s to %s." % (source, dest),"");
+ elif type == "map-unreleased":
+ (source, dest) = args[1:3];
+ if changes["distribution"].has_key(source):
+ for arch in changes["architecture"].keys():
+ if arch not in Cnf.ValueList("Suite::%s::Architectures" % (source)):
+ reject("Mapping %s to %s for unreleased architecture %s." % (source, dest, arch),"");
+ del changes["distribution"][source];
+ changes["distribution"][dest] = 1;
+ break;
+ elif type == "ignore":
+ suite = args[1];
+ if changes["distribution"].has_key(suite):
+ del changes["distribution"][suite];
+ reject("Ignoring %s as a target suite." % (suite), "Warning: ");
+
+ # Ensure there is (still) a target distribution
+ if changes["distribution"].keys() == []:
+ reject("no valid distribution.");
+
+ # Ensure target distributions exist
+ for suite in changes["distribution"].keys():
+ if not Cnf.has_key("Suite::%s" % (suite)):
+ reject("Unknown distribution `%s'." % (suite));
+
+################################################################################
+
def check_files():
global reprocess
for file in file_keys:
# Ensure the file does not already exist in one of the accepted directories
for dir in [ "Accepted", "Byhand", "New" ]:
- if os.path.exists(Cnf["Dir::Queue%sDir" % (dir) ]+'/'+file):
+ if os.path.exists(Cnf["Dir::Queue::%s" % (dir) ]+'/'+file):
reject("%s file already exists in the %s directory." % (file, dir));
if not utils.re_taint_free.match(file):
reject("!!WARNING!! tainted filename: '%s'." % (file));
files[file]["type"] = "deb";
# Extract package control information
+ deb_file = utils.open_file(file);
try:
- control = apt_pkg.ParseSection(apt_inst.debExtractControl(utils.open_file(file)));
+ control = apt_pkg.ParseSection(apt_inst.debExtractControl(deb_file));
except:
reject("%s: debExtractControl() raised %s." % (file, sys.exc_type));
+ deb_file.close();
# Can't continue, none of the checks on control would work.
continue;
+ deb_file.close();
# Check for mandatory fields
for field in [ "Package", "Architecture", "Version" ]:
if control.Find(field) == None:
reject("%s: No %s field in control." % (file, field));
+ # Can't continue
+ continue;
# Ensure the package name matches the one give in the .changes
if not changes["binary"].has_key(control.Find("Package", "")):
reject("%s: control file lists name as `%s', which isn't in changes file." % (file, control.Find("Package", "")));
+ # Validate the package field
+ package = control.Find("Package");
+ if not re_valid_pkg_name.match(package):
+ reject("%s: invalid package name '%s'." % (file, package));
+
+ # Validate the version field
+ version = control.Find("Version");
+ if not re_valid_version.match(version):
+ reject("%s: invalid version number '%s'." % (file, version));
+
# Ensure the architecture of the .deb is one we know about.
- if not Cnf.has_key("Suite::Unstable::Architectures::%s" % (control.Find("Architecture", ""))):
- reject("Unknown architecture '%s'." % (control.Find("Architecture", "")));
+ default_suite = Cnf.get("Dinstall::DefaultSuite", "Unstable")
+ architecture = control.Find("Architecture");
+ if architecture not in Cnf.ValueList("Suite::%s::Architectures" % (default_suite)):
+ reject("Unknown architecture '%s'." % (architecture));
# Ensure the architecture of the .deb is one of the ones
# listed in the .changes.
- if not changes["architecture"].has_key(control.Find("Architecture", "")):
- reject("%s: control file lists arch as `%s', which isn't in changes file." % (file, control.Find("Architecture", "")));
+ if not changes["architecture"].has_key(architecture):
+ reject("%s: control file lists arch as `%s', which isn't in changes file." % (file, architecture));
+
+ # Sanity-check the Depends field
+ depends = control.Find("Depends");
+ if depends == '':
+ reject("%s: Depends field is empty." % (file));
# Check the section & priority match those given in the .changes (non-fatal)
if control.Find("Section") != None and files[file]["section"] != "" and files[file]["section"] != control.Find("Section"):
if control.Find("Priority") != None and files[file]["priority"] != "" and files[file]["priority"] != control.Find("Priority"):
reject("%s control file lists priority as `%s', but changes file has `%s'." % (file, control.Find("Priority", ""), files[file]["priority"]),"Warning: ");
- files[file]["package"] = control.Find("Package");
- files[file]["architecture"] = control.Find("Architecture");
- files[file]["version"] = control.Find("Version");
+ files[file]["package"] = package;
+ files[file]["architecture"] = architecture;
+ files[file]["version"] = version;
files[file]["maintainer"] = control.Find("Maintainer", "");
- if file[-5:] == ".udeb":
+ if file.endswith(".udeb"):
files[file]["dbtype"] = "udeb";
- elif file[-4:] == ".deb":
+ elif file.endswith(".deb"):
files[file]["dbtype"] = "deb";
else:
reject("%s is neither a .deb or a .udeb." % (file));
- files[file]["source"] = control.Find("Source", "");
- if files[file]["source"] == "":
- files[file]["source"] = files[file]["package"];
+ files[file]["source"] = control.Find("Source", files[file]["package"]);
# Get the source version
source = files[file]["source"];
source_version = ""
- if string.find(source, "(") != -1:
+ if source.find("(") != -1:
m = utils.re_extract_src_version.match(source)
source = m.group(1)
source_version = m.group(2)
file_package = m.group(1);
if files[file]["package"] != file_package:
reject("%s: package part of filename (%s) does not match package name in the %s (%s)." % (file, file_package, files[file]["dbtype"], files[file]["package"]));
- epochless_version = utils.re_no_epoch.sub('', control.Find("Version", ""))
+ epochless_version = utils.re_no_epoch.sub('', control.Find("Version"));
# version
file_version = m.group(2);
if epochless_version != file_version:
reject("source version (%s) for %s doesn't match changes version %s." % (source_version, file, changes["version"]));
else:
# Check in the SQL database
- if not Katie.source_exists(source_package, source_version):
+ if not Katie.source_exists(source_package, source_version, changes["distribution"].keys()):
# Check in one of the other directories
source_epochless_version = utils.re_no_epoch.sub('', source_version);
dsc_filename = "%s_%s.dsc" % (source_package, source_epochless_version);
- if os.path.exists(Cnf["Dir::QueueByhandDir"] + '/' + dsc_filename):
+ if os.path.exists(Cnf["Dir::Queue::Byhand"] + '/' + dsc_filename):
files[file]["byhand"] = 1;
- elif os.path.exists(Cnf["Dir::QueueNewDir"] + '/' + dsc_filename):
+ elif os.path.exists(Cnf["Dir::Queue::New"] + '/' + dsc_filename):
files[file]["new"] = 1;
- elif not os.path.exists(Cnf["Dir::QueueAcceptedDir"] + '/' + dsc_filename):
+ elif not os.path.exists(Cnf["Dir::Queue::Accepted"] + '/' + dsc_filename):
reject("no source found for %s %s (%s)." % (source_package, source_version, file));
+ # Check the version and for file overwrites
+ reject(Katie.check_binary_against_db(file),"");
# Checks for a source package...
else:
# Check the signature of a .dsc file
if files[file]["type"] == "dsc":
- dsc["fingerprint"] = check_signature(file);
+ dsc["fingerprint"] = utils.check_signature(file, reject);
files[file]["architecture"] = "source";
for suite in changes["distribution"].keys():
# Skip byhand
if files[file].has_key("byhand"):
- continue
+ continue;
+ # Handle component mappings
+ for map in Cnf.ValueList("ComponentMappings"):
+ (source, dest) = map.split();
+ if files[file]["component"] == source:
+ files[file]["original component"] = source;
+ files[file]["component"] = dest;
# Ensure the component is valid for the target suite
- if Cnf.has_key("Suite:%s::Components" % (suite)) and not Cnf.has_key("Suite::%s::Components::%s" % (suite, files[file]["component"])):
+ if Cnf.has_key("Suite:%s::Components" % (suite)) and \
+ files[file]["component"] not in Cnf.ValueList("Suite::%s::Components" % (suite)):
reject("unknown component `%s' for suite `%s'." % (files[file]["component"], suite));
continue
if not Katie.in_override_p(files[file]["package"], files[file]["component"], suite, files[file].get("dbtype",""), file):
files[file]["new"] = 1;
- if files[file]["type"] == "deb":
- reject(Katie.check_binaries_against_db(file, suite),"");
-
# Validate the component
component = files[file]["component"];
component_id = db_access.get_component_id(component);
continue;
# Validate the priority
- if string.find(files[file]["priority"],'/') != -1:
+ if files[file]["priority"].find('/') != -1:
reject("file '%s' has invalid priority '%s' [contains '/']." % (file, files[file]["priority"]));
- # Check the md5sum & size against existing files (if any)
- location = Cnf["Dir::PoolDir"];
- files[file]["location id"] = db_access.get_location_id (location, component, archive);
+ # Determine the location
+ location = Cnf["Dir::Pool"];
+ location_id = db_access.get_location_id (location, component, archive);
+ if location_id == -1:
+ reject("[INTERNAL ERROR] couldn't determine location (Component: %s, Archive: %s)" % (component, archive));
+ files[file]["location id"] = location_id;
+ # Check the md5sum & size against existing files (if any)
files[file]["pool name"] = utils.poolify (changes["source"], files[file]["component"]);
files_id = db_access.get_files_id(files[file]["pool name"] + file, files[file]["size"], files[file]["md5sum"], files[file]["location id"]);
if files_id == -1:
files[file]["files id"] = files_id
# Check for packages that have moved from one component to another
- if files[file]["oldfiles"].has_key(suite) and files[file]["oldfiles"][suite]["name"] != files[file]["component"]:
- files[file]["othercomponents"] = files[file]["oldfiles"][suite]["name"];
+ q = Katie.projectB.query("""
+SELECT c.name FROM binaries b, bin_associations ba, suite s, location l,
+ component c, architecture a, files f
+ WHERE b.package = '%s' AND s.suite_name = '%s'
+ AND (a.arch_string = '%s' OR a.arch_string = 'all')
+ AND ba.bin = b.id AND ba.suite = s.id AND b.architecture = a.id
+ AND f.location = l.id AND l.component = c.id AND b.file = f.id"""
+ % (files[file]["package"], suite,
+ files[file]["architecture"]));
+ ql = q.getresult();
+ if ql:
+ files[file]["othercomponents"] = ql[0][0];
# If the .changes file says it has source, it must have source.
if changes["architecture"].has_key("source"):
global reprocess;
for file in files.keys():
+ # The .orig.tar.gz can disappear out from under us is it's a
+ # duplicate of one in the archive.
+ if not files.has_key(file):
+ continue;
if files[file]["type"] == "dsc":
# Parse the .dsc file
try:
- dsc.update(utils.parse_changes(file, 1));
+ dsc.update(utils.parse_changes(file, dsc_whitespace_rules=1));
except utils.cant_open_exc:
# if not -n copy_to_holding() will have done this for us...
if Options["No-Action"]:
reject("syntax error in .dsc file '%s', line %s." % (file, line));
# Build up the file list of files mentioned by the .dsc
try:
- dsc_files.update(utils.build_file_list(dsc, 1));
+ dsc_files.update(utils.build_file_list(dsc, is_a_dsc=1));
except utils.no_files_exc:
reject("no Files: field in .dsc file.");
continue;
if not dsc.has_key(i):
reject("Missing field `%s' in dsc file." % (i));
- # The dpkg maintainer from hell strikes again! Bumping the
- # version number of the .dsc breaks extraction by stable's
- # dpkg-source.
+ # Validate the source and version fields
+ if dsc.has_key("source") and not re_valid_pkg_name.match(dsc["source"]):
+ reject("%s: invalid source name '%s'." % (file, dsc["source"]));
+ if dsc.has_key("version") and not re_valid_version.match(dsc["version"]):
+ reject("%s: invalid version number '%s'." % (file, dsc["version"]));
+
+ # Bumping the version number of the .dsc breaks extraction by stable's
+ # dpkg-source. So let's not do that...
if dsc["format"] != "1.0":
- reject("""[dpkg-sucks] source package was produced by a broken version
- of dpkg-dev 1.9.1{3,4}; please rebuild with >= 1.9.15 version
- installed.""");
+ reject("%s: incompatible 'Format' version produced by a broken version of dpkg-dev 1.9.1{3,4}." % (file));
+
+ # Build-Depends: ARRAY(<hex>) is not good ...
+ if (dsc.get("build-depends","").find("ARRAY") == 0 or
+ dsc.get("build-depends-indep","").find("ARRAY") == 0):
+ reject("%s: invalid Build-Depends field produced by a broken version of dpkg-dev (1.10.11)" % (file));
# Ensure the version number in the .dsc matches the version number in the .changes
epochless_dsc_version = utils.re_no_epoch.sub('', dsc.get("version"));
################################################################################
-# Some cunning stunt broke dpkg-source in dpkg 1.8{,.1}; detect the
+# dpkg-source broke .diff.gz generation in dpkg 1.8.x; detect the
# resulting bad source packages and reject them.
-# Even more amusingly the fix in 1.8.1.1 didn't actually fix the
-# problem just changed the symptoms.
-
def check_diff ():
for filename in files.keys():
if files[filename]["type"] == "diff.gz":
file = gzip.GzipFile(filename, 'r');
for line in file.readlines():
if re_bad_diff.search(line):
- reject("[dpkg-sucks] source package was produced by a broken version of dpkg-dev 1.8.x; please rebuild with >= 1.8.3 version installed.");
+ reject("%s: invalid .diff.gz produced by a broken version of dpkg-dev 1.8.x." % (filename));
break;
################################################################################
if changes["architecture"].has_key("source"):
if not changes.has_key("urgency"):
changes["urgency"] = Cnf["Urgency::Default"];
- if not Cnf.has_key("Urgency::Valid::%s" % changes["urgency"]):
+ if changes["urgency"] not in Cnf.ValueList("Urgency::Valid"):
reject("%s is not a valid urgency; it will be treated as %s by testing." % (changes["urgency"], Cnf["Urgency::Default"]), "Warning: ");
changes["urgency"] = Cnf["Urgency::Default"];
- changes["urgency"] = lower(changes["urgency"]);
+ changes["urgency"] = changes["urgency"].lower();
################################################################################
try:
file_handle = utils.open_file(file);
except utils.cant_open_exc:
- pass;
- else:
- if apt_pkg.md5sum(file_handle) != files[file]["md5sum"]:
- reject("md5sum check failed for %s." % (file));
+ continue;
+
+ # Check md5sum
+ if apt_pkg.md5sum(file_handle) != files[file]["md5sum"]:
+ reject("%s: md5sum check failed." % (file));
+ file_handle.close();
+ # Check size
+ actual_size = os.stat(file)[stat.ST_SIZE];
+ size = int(files[file]["size"]);
+ if size != actual_size:
+ reject("%s: actual file size (%s) does not match size (%s) in .changes"
+ % (file, actual_size, size));
+
+ for file in dsc_files.keys():
+ try:
+ file_handle = utils.open_file(file);
+ except utils.cant_open_exc:
+ continue;
+
+ # Check md5sum
+ if apt_pkg.md5sum(file_handle) != dsc_files[file]["md5sum"]:
+ reject("%s: md5sum check failed." % (file));
+ file_handle.close();
+ # Check size
+ actual_size = os.stat(file)[stat.ST_SIZE];
+ size = int(dsc_files[file]["size"]);
+ if size != actual_size:
+ reject("%s: actual file size (%s) does not match size (%s) in .dsc"
+ % (file, actual_size, size));
################################################################################
# Sanity check the time stamps of files inside debs.
# [Files in the near future cause ugly warnings and extreme time
-# travel can causes errors on extraction]
+# travel can cause errors on extraction]
def check_timestamps():
class Tar:
apt_inst.debExtract(deb_file,tar.callback,"control.tar.gz");
deb_file.seek(0);
apt_inst.debExtract(deb_file,tar.callback,"data.tar.gz");
+ deb_file.close();
#
future_files = tar.future_files.keys();
if future_files:
% (filename, num_ancient_files, ancient_file,
time.ctime(ancient_date)));
except:
- reject("%s: timestamp check failed; caught %s" % (filename, sys.exc_type));
+ reject("%s: deb contents timestamp check failed [%s: %s]" % (filename, sys.exc_type, sys.exc_value));
################################################################################
################################################################################
if Options["No-Action"] or Options["Automatic"]:
answer = 'S'
- if string.find(reject_message, "Rejected") != -1:
+ if reject_message.find("Rejected") != -1:
if upload_too_new():
print "SKIP (too new)\n" + reject_message,;
prompt = "[S]kip, Quit ?";
if Options["Automatic"]:
answer = 'R';
elif new:
- print "NEW to %s\n%s%s" % (string.join(changes["distribution"].keys(), ", "), reject_message, summary),;
+ print "NEW to %s\n%s%s" % (", ".join(changes["distribution"].keys()), reject_message, summary),;
prompt = "[N]ew, Skip, Quit ?";
if Options["Automatic"]:
answer = 'N';
if Options["Automatic"]:
answer = 'A';
- while string.find(prompt, answer) == -1:
+ while prompt.find(answer) == -1:
answer = utils.our_raw_input(prompt);
m = katie.re_default_answer.match(prompt);
if answer == "":
answer = m.group(1);
- answer = string.upper(answer[:1]);
+ answer = answer[:1].upper();
if answer == 'R':
os.chdir (pkg.directory);
def accept (summary, short_summary):
Katie.accept(summary, short_summary);
-
- # Check for override disparities
- if not Cnf["Dinstall::Options::No-Mail"]:
- Katie.check_override();
+ Katie.check_override();
# Finally, remove the originals from the unchecked directory
os.chdir (pkg.directory);
print "Moving to BYHAND holding area."
Logger.log(["Moving to byhand", pkg.changes_file]);
- Katie.dump_vars(Cnf["Dir::QueueByhandDir"]);
+ Katie.dump_vars(Cnf["Dir::Queue::Byhand"]);
file_keys = files.keys();
# Move all the files into the byhand directory
- utils.move (pkg.changes_file, Cnf["Dir::QueueByhandDir"]);
+ utils.move (pkg.changes_file, Cnf["Dir::Queue::Byhand"]);
for file in file_keys:
- utils.move (file, Cnf["Dir::QueueByhandDir"], perms=0660);
+ utils.move (file, Cnf["Dir::Queue::Byhand"], perms=0660);
# Check for override disparities
- if not Cnf["Dinstall::Options::No-Mail"]:
- Katie.Subst["__SUMMARY__"] = summary;
- Katie.check_override();
+ Katie.Subst["__SUMMARY__"] = summary;
+ Katie.check_override();
# Finally remove the originals.
os.chdir (pkg.directory);
print "Moving to NEW holding area."
Logger.log(["Moving to new", pkg.changes_file]);
- Katie.dump_vars(Cnf["Dir::QueueNewDir"]);
+ Katie.dump_vars(Cnf["Dir::Queue::New"]);
file_keys = files.keys();
- # Move all the files into the accepted directory
- utils.move (pkg.changes_file, Cnf["Dir::QueueNewDir"]);
+ # Move all the files into the 'new' directory
+ utils.move (pkg.changes_file, Cnf["Dir::Queue::New"]);
for file in file_keys:
- utils.move (file, Cnf["Dir::QueueNewDir"], perms=0660);
+ utils.move (file, Cnf["Dir::Queue::New"], perms=0660);
if not Options["No-Mail"]:
print "Sending new ack.";
Subst["__SUMMARY__"] = summary;
- new_ack_message = utils.TemplateSubst(Subst,open(Cnf["Dir::TemplatesDir"]+"/jennifer.new","r").read());
- utils.send_mail(new_ack_message,"");
+ new_ack_message = utils.TemplateSubst(Subst,Cnf["Dir::Templates"]+"/jennifer.new");
+ utils.send_mail(new_ack_message);
# Finally remove the originals.
os.chdir (pkg.directory);
# If this is the Real Thing(tm), copy things into a private
# holding directory first to avoid replacable file races.
if not Options["No-Action"]:
- os.chdir(Cnf["Dir::QueueHoldingDir"]);
+ os.chdir(Cnf["Dir::Queue::Holding"]);
copy_to_holding(pkg.changes_file);
# Relativize the filename so we use the copy in holding
# rather than the original...
pkg.changes_file = os.path.basename(pkg.changes_file);
- changes["fingerprint"] = check_signature(pkg.changes_file);
+ changes["fingerprint"] = utils.check_signature(pkg.changes_file, reject);
changes_valid = check_changes();
if changes_valid:
while reprocess:
+ check_distributions();
check_files();
- check_md5sums();
check_dsc();
check_diff();
+ check_md5sums();
check_urgency();
check_timestamps();
Katie.update_subst(reject_message);
changes_files = init();
- if Options["Help"]:
- usage();
-
- if Options["Version"]:
- print "jennifer %s" % (jennifer_version);
- sys.exit(0);
-
# -n/--dry-run invalidates some other options which would involve things happening
if Options["No-Action"]:
Options["Automatic"] = "";
# Ensure all the arguments we were given are .changes files
for file in changes_files:
- if file[-8:] != ".changes":
+ if not file.endswith(".changes"):
utils.warn("Ignoring '%s' because it's not a .changes file." % (file));
changes_files.remove(file);
# Check that we aren't going to clash with the daily cron job
- if not Options["No-Action"] and os.path.exists("%s/Archive_Maintenance_In_Progress" % (Cnf["Dir::RootDir"])) and not Options["No-Lock"]:
+ if not Options["No-Action"] and os.path.exists("%s/Archive_Maintenance_In_Progress" % (Cnf["Dir::Root"])) and not Options["No-Lock"]:
utils.fubar("Archive maintenance in progress. Try again later.");
# Obtain lock if not in no-action mode and initialize the log
if not Options["No-Action"]:
lock_fd = os.open(Cnf["Dinstall::LockFile"], os.O_RDWR | os.O_CREAT);
- fcntl.lockf(lock_fd, FCNTL.F_TLOCK);
+ try:
+ fcntl.lockf(lock_fd, fcntl.LOCK_EX | fcntl.LOCK_NB);
+ except IOError, e:
+ if errno.errorcode[e.errno] == 'EACCES' or errno.errorcode[e.errno] == 'EAGAIN':
+ utils.fubar("Couldn't obtain lock; assuming another jennifer is already running.");
+ else:
+ raise;
Logger = Katie.Logger = logging.Logger(Cnf, "jennifer");
# debian-{devel-,}-changes@lists.debian.org toggles writes access based on this header