m/^(\S+) (\S+) (\S+)$/ or die "$_ ?";
my ($old, $sha1, $refname) = ($1, $2, $3);
if ($refname =~ m{^refs/tags/(?=debian/)}) {
- die if defined $tagname;
+ reject "pushing multiple tags!" if defined $tagname;
$tagname = $'; #';
$tagval = $sha1;
reject "tag $tagname already exists -".
" not replacing previously-pushed version"
if $old =~ m/[^0]/;
} elsif ($refname =~ m{^refs/dgit/}) {
- die if defined $suite;
+ reject "pushing multiple heads!" if defined $suite;
$suite = $'; #';
$oldcommit = $old;
$commit = $sha1;
} else {
- die;
+ reject "pushing unexpected ref!";
}
}
STDIN->error and die $!;
- die unless defined $tagname;
- die unless defined $suite;
+ reject "push is missing tag ref update" unless defined $tagname;
+ reject "push is missing head ref update" unless defined $suite;
debug " updates ok.";
}
while (<DT>) {
m/^fingerprint:\s+$keyid$/oi
..0 or next;
- m/^\S/
- or reject "key $keyid missing Allow section in permissions!";
+ if (s/^allow:/ /i..0) {
+ } else {
+ m/^./
+ or reject "key $keyid missing Allow section in permissions!";
+ next;
+ }
# in right stanza...
- s/^allow:/ /i
- ..0 or next;
- s/^\s+//
+ s/^[ \t]+//
or reject "package $package not allowed for key $keyid";
# in allow field...
s/\([^()]+\)//;
sub tagh1 ($) {
my ($tag) = @_;
my $vals = $tagh{$tag};
- reject "missing tag $tag in signed tag object" unless $vals;
- reject "multiple tags $tag in signed tag object" unless @$vals == 1;
+ reject "missing header $tag in signed tag object" unless $vals;
+ reject "multiple headers $tag in signed tag object" unless @$vals == 1;
return $vals->[0];
}
sub checks () {
debug "checks";
checksuite();
- tagh1('type') eq 'commit' or die;
- tagh1('object') eq $commit or die;
- tagh1('tag') eq $tagname or die;
+ tagh1('type') eq 'commit' or reject "tag refers to wrong kind of object";
+ tagh1('object') eq $commit or reject "tag refers to wrong commit";
+ tagh1('tag') eq $tagname or reject "tag name in tag is wrong";
my $v = $version;
$v =~ y/~:/_%/;