| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
| |
buster's git rejects ext:: by default. See #XXXX and
man git-config |less +/'protocol.*allow'
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We achieve this by passing -L to curl.
We also pass an appropriate-seeming --proto-redir, because the curl
manual is not entirely reassuring that following redirections with the
default configuration is safe.
This finally fixes #867185/#867309. What happens there is that curl
gets a redirect, along with an HTML error document. curl then exits
with status zero, effectively pretending that the error document is
the resource which was requested. dgit notices that something is
wrong because the file does not have the expected cryptographic
checksum.
I suspect that there are other download problems which would give a
similar effect. Sadly the curl manpage doesn't seem to suggest a way
to avoid this. At least, dgit will never carry on in such a
situation, since it insists that the file has the right hash. And if
it does have the right hash we don't really care how it was obtained.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
|
|
|
|
|
|
|
| |
When dgit wanted to report that a file it downloaded had the wrong
checksum, it would instead crash with this message. This was due to
complete_file_from_dsc's $got (which is relied on by the callers of
$checkhash) being shadowed inside $checkhash.
This is part of #867185/#867185.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
buildinfos are supposed to be signed. And, indeed, if they are
present, debsign wants to sign them. That means they need to be
transferred to the signing end, and back again.
We check that the filename is not totally unreasonable, but do not
attempt to verify it completely. If there are situations where
unwanted or confusing buildinfos are generated, this is the fault of
the build process. dgit rpush should, in this respect, do the same as
debsign+dput - ie faithfully sign and upload what the build has
provided.
We do check that the buildinfo doesn't look too much like a .changes,
and mentions the same files as the .changes (insofar as they mention
files in common). This is a rather nugatory defence against some
kinds of bait and switch attacks.
This is in some sense an incompatible protocol change: if the build
host has a new dgit, and sends buildinfos, an old dgit on the
initiator will declare a protocol violation. However, the new
protocol elements occur only when needed. in this situation, the only
way to get things to work at all with the old dgit at either end would
be to strip out the buildinfos, which is obviously undesirable.
Closes:#867693.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
|
|
|
|
|
| |
This very slight refactoring makes it easier to add additional files
here, and also factors out the appending of $dryrunsuffix to each one.
No functional change.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
| |
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
| |
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
| |
Signed-off-by: Nicholas D Steeves <nsteeves@gmail.com>
|
|
|
|
| |
Signed-off-by: Nicholas D Steeves <nsteeves@gmail.com>
|
|
|
|
| |
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
|
|
| |
Nothing sets this yet, so no functional change.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some maintainers have written commas in the maintainer field of their
changelog entries. Such changelog entries could not be imported.
clogp_authline had code to replace multiple maintainers (which are
hypothetical right now) into just the first, but that trips on these
maintainers with commas.
Ultimately we should expect that the Maintainer: field from
dpkg-parsechangelog is in (a subset of) RFC5322 recipient field
format. In that format, any commas would need to be quoted.
So:
If the Maintainer field from dpkg-parsechangelog has a comma which has
no @ or " before it, then we consider it a single old-school
comma-containing maintainer. If it were intended as multiple
maintainers, then the first maintainer has no email address. Not
coping properly with that very-hypothetical future seems OK. We
simply delete the comma, so that the things we record in the git
history are more conservative.
If there is a " we leave things untouched in the hope that this is a
single address, albeit with some quoting. The alternative would be to
try to use a full RFC5322 parser. That's quite a risky change.
Perhaps we will revisit this after stretch.
For now this Closes:#852661.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
|
|
|
| |
Check that commits have smae authorship as appears in the changelog.
(Or, at least, the same authorship set.)
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Specifically:
* Pass -q to git-symbolic-ref. That means that it doesn't print
an error message when HEAD is not a symbolic ref (ie, a
detached head), and it means that the exit status is then 1
rather than 128.
* If the return value from cmdoutput_errok is undef, check $? (which
is the exit status <<8) and then simply pass on the undef.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
|
|
|
|
| |
We are going to need to reuse this to print a proper error message.
No functional change.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
|
|
| |
so as to avoid blank line in commit messages. Closes:#853093.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
|
|
| |
Test for #853085.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
|
|
| |
Copy to dgit private workarea. Closes:#853085.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
| |
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
| |
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
| |
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
| |
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Check that the overwritten version's changelog entry is not
UNRELEASED.
This could easily happen if this release was being made from a git
branch which predates the previous package upload, with working
practices which commit finalised UNRELEASED changelog entries with the
complete version number for the next upload. (Such practices seem
quite common.)
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
|
|
| |
No functional change.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
| |
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
| |
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
| |
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
|
|
|
| |
This means that t-defdistro works without t-chain-test and
reinvocation.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
| |
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
| |
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
| |
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
| |
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
| |
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
| |
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
| |
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
| |
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
| |
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
|
|
| |
`make dgit-maint-merge.7.view' runs `man -l ...'
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
|
|
| |
Would have detected #851906 (and hopefully #850521).
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
| |
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
|
|
|
|
|
|
|
| |
In 468edf05661e "dgit: clone-dgit-repos-server: Set $access_forpush"
we set this to 0.
But this is wrong. The dgit-repos-server is used for pushing, not for
readonly access. The readonly url may be entirely wrong, and indeed
it is, for Debian.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
|
|
|
|
| |
We need to set this or access_*() fails. Set it to a dummy value.
The user will need to specify -d to get the server for a non-default
distro, which is hopefully obvious.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
|
|
| |
No functional change.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
| |
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
| |
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
|
| |
Add dummy implementation of file_in_archive_aptget copied from
file_in_archive_dummycat. Re:#851697.
|
|
|
|
|
|
|
|
|
|
|
| |
But still insist on email address and date).
Peter Green reports that eg 71e128629ec786f3 in upstream xen.git is
such a commit (and is accepted by github).
Closes:#851716.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
|
|
| |
Closes:#851800.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|
|
|
|
| |
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
|