#!/usr/bin/env python
# Utility functions
-# Copyright (C) 2000, 2001, 2002 James Troup <james@nocrew.org>
-# $Id: utils.py,v 1.53 2002-11-26 15:49:16 troup Exp $
+# Copyright (C) 2000, 2001, 2002, 2003, 2004 James Troup <james@nocrew.org>
+# $Id: utils.py,v 1.65 2004-04-01 17:13:10 troup Exp $
+
+################################################################################
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
################################################################################
-import commands, os, pwd, re, socket, shutil, string, sys, tempfile, traceback;
+import commands, os, pwd, re, select, socket, shutil, string, sys, tempfile, traceback;
import apt_pkg;
import db_access;
changes_parse_error_exc = "Can't parse line in .changes file";
invalid_dsc_format_exc = "Invalid .dsc file";
nk_format_exc = "Unknown Format: in .changes file";
-no_files_exc = "No Files: field in .dsc file.";
+no_files_exc = "No Files: field in .dsc or .changes file.";
cant_open_exc = "Can't read file.";
unknown_hostname_exc = "Unknown hostname";
cant_overwrite_exc = "Permission denied; can't overwrite existent file."
file_exists_exc = "Destination file exists";
-send_mail_invalid_args_exc = "Both arguments are non-null.";
sendmail_failed_exc = "Sendmail invocation failed";
tried_too_hard_exc = "Tried too hard to find a free filename.";
default_config = "/etc/katie/katie.conf";
default_apt_config = "/etc/katie/apt.conf";
-######################################################################################
+################################################################################
def open_file(filename, mode='r'):
try:
f = open(filename, mode);
except IOError:
- raise cant_open_exc, filename
+ raise cant_open_exc, filename;
return f
-######################################################################################
+################################################################################
def our_raw_input(prompt=""):
if prompt:
sys.stdout.flush();
try:
ret = raw_input();
- return ret
+ return ret;
except EOFError:
- sys.stderr.write('\nUser interrupt (^D).\n');
+ sys.stderr.write("\nUser interrupt (^D).\n");
raise SystemExit;
-######################################################################################
+################################################################################
def str_isnum (s):
for c in s:
return 0;
return 1;
-######################################################################################
+################################################################################
def extract_component_from_section(section):
component = "";
if section.find('/') != -1:
component = section.split('/')[0];
- if component.lower() == "non-us" and section.count('/') > 0:
+ if component.lower() == "non-us" and section.find('/') != -1:
s = component + '/' + section.split('/')[1];
if Cnf.has_key("Component::%s" % s): # Avoid e.g. non-US/libs
component = s;
return (section, component);
-######################################################################################
+################################################################################
+
+# Parses a changes file and returns a dictionary where each field is a
+# key. The mandatory first argument is the filename of the .changes
+# file.
-# dsc_whitespace_rules turns on strict format checking to avoid
+# dsc_whitespace_rules is an optional boolean argument which defaults
+# to off. If true, it turns on strict format checking to avoid
# allowing in source packages which are unextracable by the
# inappropriately fragile dpkg-source.
#
# The rules are:
#
+# o The PGP header consists of "-----BEGIN PGP SIGNED MESSAGE-----"
+# followed by any PGP header data and must end with a blank line.
#
-# o The PGP header consists of "-----BEGIN PGP SIGNED MESSAGE-----"
-# followed by any PGP header data and must end with a blank line.
-#
-# o The data section must end with a blank line and must be followed by
-# "-----BEGIN PGP SIGNATURE-----".
+# o The data section must end with a blank line and must be followed by
+# "-----BEGIN PGP SIGNATURE-----".
def parse_changes(filename, dsc_whitespace_rules=0):
- changes_in = open_file(filename);
error = "";
changes = {};
+
+ changes_in = open_file(filename);
lines = changes_in.readlines();
if not lines:
inside_signature = 0;
- indices = indexed_lines.keys()
+ num_of_lines = len(indexed_lines.keys());
index = 0;
first = -1;
- while index < max(indices):
+ while index < num_of_lines:
index += 1;
line = indexed_lines[index];
if line == "":
if dsc_whitespace_rules:
index += 1;
- if index > max(indices):
+ if index > num_of_lines:
raise invalid_dsc_format_exc, index;
line = indexed_lines[index];
if not line.startswith("-----BEGIN PGP SIGNATURE"):
raise invalid_dsc_format_exc, index;
inside_signature = 0;
break;
+ else:
+ continue;
if line.startswith("-----BEGIN PGP SIGNATURE"):
break;
if line.startswith("-----BEGIN PGP SIGNED MESSAGE"):
+ inside_signature = 1;
if dsc_whitespace_rules:
- inside_signature = 1;
- while index < max(indices) and line != "":
+ while index < num_of_lines and line != "":
index += 1;
line = indexed_lines[index];
continue;
+ # If we're not inside the signed data, don't process anything
+ if not inside_signature:
+ continue;
slf = re_single_line_field.match(line);
if slf:
field = slf.groups()[0].lower();
changes_in.close();
changes["filecontents"] = "".join(lines);
- if error != "":
+ if error:
raise changes_parse_error_exc, error;
return changes;
-######################################################################################
+################################################################################
# Dropped support for 1.4 and ``buggy dchanges 3.4'' (?!) compared to di.pl
def build_file_list(changes, is_a_dsc=0):
- files = {}
- format = changes.get("format", "")
+ files = {};
+
+ # Make sure we have a Files: field to parse...
+ if not changes.has_key("files"):
+ raise no_files_exc;
+
+ # Make sure we recognise the format of the Files: field
+ format = changes.get("format", "");
if format != "":
- format = float(format)
+ format = float(format);
if not is_a_dsc and (format < 1.5 or format > 2.0):
raise nk_format_exc, format;
- # No really, this has happened. Think 0 length .dsc file.
- if not changes.has_key("files"):
- raise no_files_exc
-
- for i in changes["files"].split("\n"):
- if i == "":
- break
+ # Parse each entry/line:
+ for i in changes["files"].split('\n'):
+ if not i:
+ break;
s = i.split();
section = priority = "";
try:
if is_a_dsc:
- (md5, size, name) = s
+ (md5, size, name) = s;
else:
- (md5, size, section, priority, name) = s
+ (md5, size, section, priority, name) = s;
except ValueError:
- raise changes_parse_error_exc, i
+ raise changes_parse_error_exc, i;
- if section == "": section = "-"
- if priority == "": priority = "-"
+ if section == "":
+ section = "-";
+ if priority == "":
+ priority = "-";
(section, component) = extract_component_from_section(section);
- files[name] = { "md5sum" : md5,
- "size" : size,
- "section": section,
- "priority": priority,
- "component": component }
+ files[name] = Dict(md5sum=md5, size=size, section=section,
+ priority=priority, component=component);
return files
-######################################################################################
+################################################################################
# Fix the `Maintainer:' field to be an RFC822 compatible address.
-# cf. Packaging Manual (4.2.4)
+# cf. Debian Policy Manual (D.2.4)
#
# 06:28|<Culus> 'The standard sucks, but my tool is supposed to
# interoperate with it. I know - I'll fix the suckage
def fix_maintainer (maintainer):
m = re_parse_maintainer.match(maintainer);
- rfc822 = maintainer
- name = ""
- email = ""
- if m != None and len(m.groups()) == 2:
- name = m.group(1)
- email = m.group(2)
+ rfc822 = maintainer;
+ name = "";
+ email = "";
+ if m and len(m.groups()) == 2:
+ name = m.group(1);
+ email = m.group(2);
if name.find(',') != -1 or name.find('.') != -1:
- rfc822 = re_parse_maintainer.sub(r"\2 (\1)", maintainer)
+ rfc822 = "%s (%s)" % (email, name);
return (rfc822, name, email)
-######################################################################################
+################################################################################
# sendmail wrapper, takes _either_ a message string or a file as arguments
-def send_mail (message, filename):
- # Sanity check arguments
- if message != "" and filename != "":
- raise send_mail_invalid_args_exc;
-
+def send_mail (message, filename=""):
# If we've been passed a string dump it into a temporary file
- if message != "":
+ if message:
filename = tempfile.mktemp();
fd = os.open(filename, os.O_RDWR|os.O_CREAT|os.O_EXCL, 0700);
os.write (fd, message);
raise sendmail_failed_exc, output;
# Clean up any temporary files
- if message !="":
+ if message:
os.unlink (filename);
-######################################################################################
+################################################################################
def poolify (source, component):
- if component != "":
+ if component:
component += '/';
# FIXME: this is nasty
- component = component.lower().replace('non-us/', 'non-US/');
+ component = component.lower().replace("non-us/", "non-US/");
if source[:3] == "lib":
return component + source[:4] + '/' + source + '/'
else:
return component + source[:1] + '/' + source + '/'
-######################################################################################
+################################################################################
def move (src, dest, overwrite = 0, perms = 0664):
if os.path.exists(dest) and os.path.isdir(dest):
# Don't overwrite unless forced to
if os.path.exists(dest):
if not overwrite:
- raise file_exists_exc;
+ fubar("Can't move %s to %s - file already exists." % (src, dest));
else:
if not os.access(dest, os.W_OK):
- raise cant_overwrite_exc
+ fubar("Can't move %s to %s - can't write to existing file." % (src, dest));
shutil.copy2(src, dest);
os.chmod(dest, perms);
os.unlink(src);
shutil.copy2(src, dest);
os.chmod(dest, perms);
-######################################################################################
+################################################################################
def where_am_i ():
res = socket.gethostbyaddr(socket.gethostname());
else:
return default_apt_config;
-######################################################################################
+################################################################################
# Escape characters which have meaning to SQL's regex comparison operator ('~')
# (woefully incomplete)
s = s.replace('.', '\\\\.');
return s
-######################################################################################
+################################################################################
# Perform a substition of template
def TemplateSubst(map, filename):
file.close();
return template;
-######################################################################################
+################################################################################
def fubar(msg, exit_code=1):
sys.stderr.write("E: %s\n" % (msg));
def warn(msg):
sys.stderr.write("W: %s\n" % (msg));
-######################################################################################
+################################################################################
# Returns the user name with a laughable attempt at rfc822 conformancy
# (read: removing stray periods).
def whoami ():
return pwd.getpwuid(os.getuid())[4].split(',')[0].replace('.', '');
-######################################################################################
+################################################################################
def size_type (c):
t = " b";
################################################################################
def cc_fix_changes (changes):
- o = changes.get("architecture", "")
- if o != "":
- del changes["architecture"]
- changes["architecture"] = {}
+ o = changes.get("architecture", "");
+ if o:
+ del changes["architecture"];
+ changes["architecture"] = {};
for j in o.split():
- changes["architecture"][j] = 1
+ changes["architecture"][j] = 1;
# Sort by source name, source version, 'have source', and then by filename
def changes_compare (a, b):
################################################################################
-def prefix_multi_line_string(str, prefix):
+def prefix_multi_line_string(str, prefix, include_blank_lines=0):
out = "";
for line in str.split('\n'):
line = line.strip();
- if line:
+ if line or include_blank_lines:
out += "%s%s\n" % (prefix, line);
# Strip trailing new line
if out:
# Process suite
if Options["Suite"]:
suite_ids_list = [];
- for suite in Options["Suite"].split():
+ for suite in split_args(Options["Suite"]):
suite_id = db_access.get_suite_id(suite);
if suite_id == -1:
warn("suite '%s' not recognised." % (suite));
# Process component
if Options["Component"]:
component_ids_list = [];
- for component in Options["Component"].split():
+ for component in split_args(Options["Component"]):
component_id = db_access.get_component_id(component);
if component_id == -1:
warn("component '%s' not recognised." % (component));
if Options["Architecture"]:
arch_ids_list = [];
check_source = 0;
- for architecture in Options["Architecture"].split():
+ for architecture in split_args(Options["Architecture"]):
if architecture == "source":
check_source = 1;
else:
################################################################################
-apt_pkg.init()
+# Function for use in sorting lists of architectures.
+# Sorts normally except that 'source' dominates all others.
+
+def arch_compare_sw (a, b):
+ if a == "source" and b == "source":
+ return 0;
+ elif a == "source":
+ return -1;
+ elif b == "source":
+ return 1;
+
+ return cmp (a, b);
+
+################################################################################
+
+# Split command line arguments which can be separated by either commas
+# or whitespace. If dwim is set, it will complain about string ending
+# in comma since this usually means someone did 'madison -a i386, m68k
+# foo' or something and the inevitable confusion resulting from 'm68k'
+# being treated as an argument is undesirable.
+
+def split_args (s, dwim=1):
+ if s.find(",") == -1:
+ return s.split();
+ else:
+ if s[-1:] == "," and dwim:
+ fubar("split_args: found trailing comma, spurious space maybe?");
+ return s.split(",");
+
+################################################################################
+
+def Dict(**dict): return dict
+
+########################################
+
+# Our very own version of commands.getouputstatus(), hacked to support
+# gpgv's status fd.
+def gpgv_get_status_output(cmd, status_read, status_write):
+ cmd = ['/bin/sh', '-c', cmd];
+ p2cread, p2cwrite = os.pipe();
+ c2pread, c2pwrite = os.pipe();
+ errout, errin = os.pipe();
+ pid = os.fork();
+ if pid == 0:
+ # Child
+ os.close(0);
+ os.close(1);
+ os.dup(p2cread);
+ os.dup(c2pwrite);
+ os.close(2);
+ os.dup(errin);
+ for i in range(3, 256):
+ if i != status_write:
+ try:
+ os.close(i);
+ except:
+ pass;
+ try:
+ os.execvp(cmd[0], cmd);
+ finally:
+ os._exit(1);
+
+ # Parent
+ os.close(p2cread)
+ os.dup2(c2pread, c2pwrite);
+ os.dup2(errout, errin);
+
+ output = status = "";
+ while 1:
+ i, o, e = select.select([c2pwrite, errin, status_read], [], []);
+ more_data = [];
+ for fd in i:
+ r = os.read(fd, 8196);
+ if len(r) > 0:
+ more_data.append(fd);
+ if fd == c2pwrite or fd == errin:
+ output += r;
+ elif fd == status_read:
+ status += r;
+ else:
+ fubar("Unexpected file descriptor [%s] returned from select\n" % (fd));
+ if not more_data:
+ pid, exit_status = os.waitpid(pid, 0)
+ try:
+ os.close(status_write);
+ os.close(status_read);
+ os.close(c2pread);
+ os.close(c2pwrite);
+ os.close(p2cwrite);
+ os.close(errin);
+ os.close(errout);
+ except:
+ pass;
+ break;
+
+ return output, status, exit_status;
+
+############################################################
+
+
+def check_signature (filename, reject):
+ """Check the signature of a file and return the fingerprint if the
+signature is valid or 'None' if it's not. The first argument is the
+filename whose signature should be checked. The second argument is a
+reject function and is called when an error is found. The reject()
+function must allow for two arguments: the first is the error message,
+the second is an optional prefix string. It's possible for reject()
+to be called more than once during an invocation of check_signature()."""
+
+ # Ensure the filename contains no shell meta-characters or other badness
+ if not re_taint_free.match(os.path.basename(filename)):
+ reject("!!WARNING!! tainted filename: '%s'." % (filename));
+ return 0;
+
+ # Invoke gpgv on the file
+ status_read, status_write = os.pipe();
+ cmd = "gpgv --status-fd %s --keyring %s --keyring %s %s" \
+ % (status_write, Cnf["Dinstall::PGPKeyring"], Cnf["Dinstall::GPGKeyring"], filename);
+ (output, status, exit_status) = gpgv_get_status_output(cmd, status_read, status_write);
+
+ # Process the status-fd output
+ keywords = {};
+ bad = internal_error = "";
+ for line in status.split('\n'):
+ line = line.strip();
+ if line == "":
+ continue;
+ split = line.split();
+ if len(split) < 2:
+ internal_error += "gpgv status line is malformed (< 2 atoms) ['%s'].\n" % (line);
+ continue;
+ (gnupg, keyword) = split[:2];
+ if gnupg != "[GNUPG:]":
+ internal_error += "gpgv status line is malformed (incorrect prefix '%s').\n" % (gnupg);
+ continue;
+ args = split[2:];
+ if keywords.has_key(keyword) and (keyword != "NODATA" and keyword != "SIGEXPIRED"):
+ internal_error += "found duplicate status token ('%s').\n" % (keyword);
+ continue;
+ else:
+ keywords[keyword] = args;
+
+ # If we failed to parse the status-fd output, let's just whine and bail now
+ if internal_error:
+ reject("internal error while performing signature check on %s." % (filename));
+ reject(internal_error, "");
+ reject("Please report the above errors to the Archive maintainers by replying to this mail.", "");
+ return None;
+
+ # Now check for obviously bad things in the processed output
+ if keywords.has_key("SIGEXPIRED"):
+ reject("The key used to sign %s has expired." % (filename));
+ bad = 1;
+ if keywords.has_key("KEYREVOKED"):
+ reject("The key used to sign %s has been revoked." % (filename));
+ bad = 1;
+ if keywords.has_key("BADSIG"):
+ reject("bad signature on %s." % (filename));
+ bad = 1;
+ if keywords.has_key("ERRSIG") and not keywords.has_key("NO_PUBKEY"):
+ reject("failed to check signature on %s." % (filename));
+ bad = 1;
+ if keywords.has_key("NO_PUBKEY"):
+ args = keywords["NO_PUBKEY"];
+ if len(args) >= 1:
+ key = args[0];
+ reject("The key (0x%s) used to sign %s wasn't found in the keyring(s)." % (key, filename));
+ bad = 1;
+ if keywords.has_key("BADARMOR"):
+ reject("ASCII armour of signature was corrupt in %s." % (filename));
+ bad = 1;
+ if keywords.has_key("NODATA"):
+ reject("no signature found in %s." % (filename));
+ bad = 1;
+
+ if bad:
+ return None;
+
+ # Next check gpgv exited with a zero return code
+ if exit_status:
+ reject("gpgv failed while checking %s." % (filename));
+ if status.strip():
+ reject(prefix_multi_line_string(status, " [GPG status-fd output:] "), "");
+ else:
+ reject(prefix_multi_line_string(output, " [GPG output:] "), "");
+ return None;
+
+ # Sanity check the good stuff we expect
+ if not keywords.has_key("VALIDSIG"):
+ reject("signature on %s does not appear to be valid [No VALIDSIG]." % (filename));
+ bad = 1;
+ else:
+ args = keywords["VALIDSIG"];
+ if len(args) < 1:
+ reject("internal error while checking signature on %s." % (filename));
+ bad = 1;
+ else:
+ fingerprint = args[0];
+ if not keywords.has_key("GOODSIG"):
+ reject("signature on %s does not appear to be valid [No GOODSIG]." % (filename));
+ bad = 1;
+ if not keywords.has_key("SIG_ID"):
+ reject("signature on %s does not appear to be valid [No SIG_ID]." % (filename));
+ bad = 1;
+
+ # Finally ensure there's not something we don't recognise
+ known_keywords = Dict(VALIDSIG="",SIG_ID="",GOODSIG="",BADSIG="",ERRSIG="",
+ SIGEXPIRED="",KEYREVOKED="",NO_PUBKEY="",BADARMOR="",
+ NODATA="");
+
+ for keyword in keywords.keys():
+ if not known_keywords.has_key(keyword):
+ reject("found unknown status token '%s' from gpgv with args '%r' in %s." % (keyword, keywords[keyword], filename));
+ bad = 1;
+
+ if bad:
+ return None;
+ else:
+ return fingerprint;
+
+################################################################################
+
+# Inspired(tm) by http://www.zopelabs.com/cookbook/1022242603
+
+def wrap(paragraph, max_length, prefix=""):
+ line = "";
+ s = "";
+ have_started = 0;
+ words = paragraph.split();
+
+ for word in words:
+ word_size = len(word);
+ if word_size > max_length:
+ if have_started:
+ s += line + '\n' + prefix;
+ s += word + '\n' + prefix;
+ else:
+ if have_started:
+ new_length = len(line) + word_size + 1;
+ if new_length > max_length:
+ s += line + '\n' + prefix;
+ line = word;
+ else:
+ line += ' ' + word;
+ else:
+ line = word;
+ have_started = 1;
+
+ if have_started:
+ s += line;
+
+ return s;
+
+################################################################################
+
+# Relativize an absolute symlink from 'src' -> 'dest' relative to 'root'.
+# Returns fixed 'src'
+def clean_symlink (src, dest, root):
+ src = src.replace(root, '', 1);
+ dest = dest.replace(root, '', 1);
+ dest = os.path.dirname(dest);
+ new_src = '../' * len(dest.split('/'));
+ return new_src + src;
+
+################################################################################
+
+def temp_filename(directory=None, dotprefix=None, perms=0700):
+ """Return a secure and unique filename by pre-creating it.
+If 'directory' is non-null, it will be the directory the file is pre-created in.
+If 'dotprefix' is non-null, the filename will be prefixed with a '.'."""
+
+ if directory:
+ old_tempdir = tempfile.tempdir;
+ tempfile.tempdir = directory;
+
+ filename = tempfile.mktemp();
+
+ if dotprefix:
+ filename = "%s/.%s" % (os.path.dirname(filename), os.path.basename(filename));
+ fd = os.open(filename, os.O_RDWR|os.O_CREAT|os.O_EXCL, perms);
+ os.close(fd);
+
+ if directory:
+ tempfile.tempdir = old_tempdir;
+
+ return filename;
+
+################################################################################
+
+apt_pkg.init();
Cnf = apt_pkg.newConfiguration();
apt_pkg.ReadConfigFileISC(Cnf,default_config);
if which_conf_file() != default_config:
- apt_pkg.ReadConfigFileISC(Cnf,which_conf_file())
+ apt_pkg.ReadConfigFileISC(Cnf,which_conf_file());
################################################################################
projects / dak.git / blobdiff