X-Git-Url: https://git.decadent.org.uk/gitweb/?a=blobdiff_plain;f=daklib%2Futils.py;h=dbc8c16c0fce391c8b8f5fc9764f57223d15bd22;hb=74c5a1256401a709d74c496b972cc0bd38decaa8;hp=7979344dd3271be2f31ecebbf87ce2768be552e7;hpb=c78191d7291045156d3a36493a41c7dd7741f7bc;p=dak.git diff --git a/daklib/utils.py b/daklib/utils.py index 7979344d..dbc8c16c 100755 --- a/daklib/utils.py +++ b/daklib/utils.py @@ -1,7 +1,7 @@ #!/usr/bin/env python # vim:set et ts=4 sw=4: -# Utility functions +""" Utility functions """ # Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005, 2006 James Troup ################################################################################ @@ -26,30 +26,14 @@ import codecs, commands, email.Header, os, pwd, re, select, socket, shutil, \ sys, tempfile, traceback, stat import apt_pkg import database +import time from dak_exceptions import * +from regexes import re_html_escaping, html_escaping, re_single_line_field, \ + re_multi_line_field, re_srchasver, re_verwithext, \ + re_parse_maintainer, re_taint_free, re_gpg_uid ################################################################################ -re_comments = re.compile(r"\#.*") -re_no_epoch = re.compile(r"^\d+\:") -re_no_revision = re.compile(r"-[^-]+$") -re_arch_from_filename = re.compile(r"/binary-[^/]+/") -re_extract_src_version = re.compile (r"(\S+)\s*\((.*)\)") -re_isadeb = re.compile (r"(.+?)_(.+?)_(.+)\.u?deb$") -re_issource = re.compile (r"(.+)_(.+?)\.(orig\.tar\.gz|diff\.gz|tar\.gz|dsc)$") - -re_single_line_field = re.compile(r"^(\S*)\s*:\s*(.*)") -re_multi_line_field = re.compile(r"^\s(.*)") -re_taint_free = re.compile(r"^[-+~/\.\w]+$") - -re_parse_maintainer = re.compile(r"^\s*(\S.*\S)\s*\<([^\>]+)\>") -re_gpg_uid = re.compile('^uid.*<([^>]*)>') - -re_srchasver = re.compile(r"^(\S+)\s+\((\S+)\)$") -re_verwithext = re.compile(r"^(\d+)(?:\.(\d+))(?:\s+\((\S+)\))?$") - -re_srchasver = re.compile(r"^(\S+)\s+\((\S+)\)$") - default_config = "/etc/dak/dak.conf" default_apt_config = "/etc/dak/apt.conf" @@ -62,6 +46,11 @@ known_hashes = [("sha1", apt_pkg.sha1sum, (1, 8)), ################################################################################ +def html_escape(s): + return re_html_escaping.sub(lambda x: html_escaping.get(x.group(0)), s) + +################################################################################ + def open_file(filename, mode='r'): try: f = open(filename, mode) @@ -389,25 +378,24 @@ def parse_checksums(where, files, manifest, hashname): field = 'checksums-%s' % hashname if not field in manifest: return rejmsg - input = manifest[field] - for line in input.split('\n'): + for line in manifest[field].split('\n'): if not line: break - hash, size, file = line.strip().split(' ') - if not files.has_key(file): + checksum, size, checkfile = line.strip().split(' ') + if not files.has_key(checkfile): # TODO: check for the file's entry in the original files dict, not # the one modified by (auto)byhand and other weird stuff # rejmsg.append("%s: not present in files but in checksums-%s in %s" % # (file, hashname, where)) continue - if not files[file]["size"] == size: + if not files[checkfile]["size"] == size: rejmsg.append("%s: size differs for files and checksums-%s entry "\ - "in %s" % (file, hashname, where)) + "in %s" % (checkfile, hashname, where)) continue - files[file][hash_key(hashname)] = hash + files[checkfile][hash_key(hashname)] = checksum for f in files.keys(): if not files[f].has_key(hash_key(hashname)): - rejmsg.append("%s: no entry in checksums-%s in %s" % (file, + rejmsg.append("%s: no entry in checksums-%s in %s" % (checkfile, hashname, where)) return rejmsg @@ -436,7 +424,10 @@ def build_file_list(changes, is_a_dsc=0, field="files", hashname="md5sum"): format = format[:2] if is_a_dsc: - if format != (1,0): + # format = (1,0) are the only formats we currently accept, + # format = (0,0) are missing format headers of which we still + # have some in the archive. + if format != (1,0) and format != (0,0): raise UnknownFormatError, "%s" % (changes.get("format","0.0")) else: if (format < (1,5) or format > (1,8)): @@ -558,8 +549,7 @@ switched to 'email (name)' format.""" def send_mail (message, filename=""): # If we've been passed a string dump it into a temporary file if message: - filename = tempfile.mktemp() - fd = os.open(filename, os.O_RDWR|os.O_CREAT|os.O_EXCL, 0700) + (fd, filename) = tempfile.mkstemp() os.write (fd, message) os.close (fd) @@ -675,11 +665,11 @@ def regex_safe (s): # Perform a substition of template def TemplateSubst(map, filename): - file = open_file(filename) - template = file.read() + templatefile = open_file(filename) + template = templatefile.read() for x in map.keys(): template = template.replace(x,map[x]) - file.close() + templatefile.close() return template ################################################################################ @@ -775,13 +765,13 @@ def find_next_free (dest, too_many=100): ################################################################################ def result_join (original, sep = '\t'): - list = [] + resultlist = [] for i in xrange(len(original)): if original[i] == None: - list.append("") + resultlist.append("") else: - list.append(original[i]) - return sep.join(list) + resultlist.append(original[i]) + return sep.join(resultlist) ################################################################################ @@ -1108,7 +1098,7 @@ on error.""" return "%s: tainted filename" % (filename) # Invoke gpgv on the file - status_read, status_write = os.pipe(); + status_read, status_write = os.pipe() cmd = "gpgv --status-fd %s --keyring /dev/null %s" % (status_write, filename) (_, status, _) = gpgv_get_status_output(cmd, status_read, status_write) @@ -1180,7 +1170,7 @@ used.""" return None # Build the command line - status_read, status_write = os.pipe(); + status_read, status_write = os.pipe() cmd = "gpgv --status-fd %s %s %s %s" % ( status_write, gpg_keyring_args(keyrings), sig_filename, data_filename) @@ -1220,11 +1210,22 @@ used.""" if keywords.has_key("NODATA"): reject("no signature found in %s." % (sig_filename)) bad = 1 + if keywords.has_key("EXPKEYSIG"): + args = keywords["EXPKEYSIG"] + if len(args) >= 1: + key = args[0] + reject("Signature made by expired key 0x%s" % (key)) + bad = 1 if keywords.has_key("KEYEXPIRED") and not keywords.has_key("GOODSIG"): args = keywords["KEYEXPIRED"] + expiredate="" if len(args) >= 1: - key = args[0] - reject("The key (0x%s) used to sign %s has expired." % (key, sig_filename)) + timestamp = args[0] + if timestamp.count("T") == 0: + expiredate = time.strftime("%Y-%m-%d", time.gmtime(timestamp)) + else: + expiredate = timestamp + reject("The key used to sign %s has expired on %s" % (sig_filename, expiredate)) bad = 1 if bad: @@ -1337,26 +1338,16 @@ def clean_symlink (src, dest, root): ################################################################################ -def temp_filename(directory=None, dotprefix=None, perms=0700): +def temp_filename(directory=None, prefix="dak", suffix=""): """Return a secure and unique filename by pre-creating it. If 'directory' is non-null, it will be the directory the file is pre-created in. -If 'dotprefix' is non-null, the filename will be prefixed with a '.'.""" +If 'prefix' is non-null, the filename will be prefixed with it, default is dak. +If 'suffix' is non-null, the filename will end with it. - if directory: - old_tempdir = tempfile.tempdir - tempfile.tempdir = directory - - filename = tempfile.mktemp() - - if dotprefix: - filename = "%s/.%s" % (os.path.dirname(filename), os.path.basename(filename)) - fd = os.open(filename, os.O_RDWR|os.O_CREAT|os.O_EXCL, perms) - os.close(fd) - - if directory: - tempfile.tempdir = old_tempdir +Returns a pair (fd, name). +""" - return filename + return tempfile.mkstemp(suffix, prefix, directory) ################################################################################