X-Git-Url: https://git.decadent.org.uk/gitweb/?a=blobdiff_plain;f=daklib%2Fchecks.py;h=436827372c9b9d27074b722ded838a1c1ac5de92;hb=ec40405e0692fd28e4c5c76d2b7c3db57631a518;hp=dce112b878ed77cfeba890f0263d37e2993e3359;hpb=5c903326aaf0db9191d58691d38d7198684f41ce;p=dak.git

diff --git a/daklib/checks.py b/daklib/checks.py
index dce112b8..43682737 100644
--- a/daklib/checks.py
+++ b/daklib/checks.py
@@ -109,6 +109,16 @@ class Check(object):
         return False
 
 class SignatureAndHashesCheck(Check):
+    def check_replay(self, upload):
+        # Use private session as we want to remember having seen the .changes
+        # in all cases.
+        session = upload.session
+        history = SignatureHistory.from_signed_file(upload.changes)
+        r = history.query(session)
+        if r is not None:
+            raise Reject('Signature for changes file was already seen at {0}.\nPlease refresh the signature of the changes file if you want to upload it again.'.format(r.seen))
+        return True
+
     """Check signature of changes and dsc file (if included in upload)
 
     Make sure the signature is valid and done by a known user.
@@ -117,6 +127,7 @@ class SignatureAndHashesCheck(Check):
         changes = upload.changes
         if not changes.valid_signature:
             raise Reject("Signature for .changes not valid.")
+        self.check_replay(upload)
         self._check_hashes(upload, changes.filename, changes.files.itervalues())
 
         source = None