X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=dgit.git;a=blobdiff_plain;f=dgit;h=0908105357426821699bb0953a254f965fbcc02e;hp=3a91929f7cbffb027e891fe8b86ec1a5327682a9;hb=bf3c1aff96cc631d7c3a41ff0e5a52d4574a13a8;hpb=e7d9e0826831352cee9b27b5a94ac728e7d68982 diff --git a/dgit b/dgit index 3a91929f..09081053 100755 --- a/dgit +++ b/dgit @@ -27,12 +27,15 @@ use File::Path; use File::Basename; use Dpkg::Version; use POSIX; +use IPC::Open2; +use File::Temp; our $our_version = 'UNRELEASED'; ###substituted### our $isuite = 'unstable'; our $idistro; our $package; +our @ropts; our $sign = 1; our $dryrun = 0; @@ -42,6 +45,7 @@ our $ignoredirty = 0; our $noquilt = 0; our $existing_package = 'dpkg'; our $cleanmode = 'dpkg-source'; +our $we_are_responder; our %format_ok = map { $_=>1 } ("1.0","3.0 (native)","3.0 (quilt)"); @@ -51,6 +55,8 @@ our (@dput) = qw(dput); our (@debsign) = qw(debsign); our (@gpg) = qw(gpg); our (@sbuild) = qw(sbuild -A); +our (@ssh) = qw(ssh); +our (@dgit) = qw(dgit); our (@dpkgbuildpackage) = qw(dpkg-buildpackage -i\.git/ -I.git); our (@dpkgsource) = qw(dpkg-source -i\.git/ -I.git); our (@dpkggenchanges) = qw(dpkg-genchanges); @@ -62,6 +68,8 @@ our %opts_opt_map = ('dget' => \@dget, 'debsign' => \@debsign, 'gpg' => \@gpg, 'sbuild' => \@sbuild, + 'ssh' => \@ssh, + 'dgit' => \@dgit, 'dpkg-source' => \@dpkgsource, 'dpkg-buildpackage' => \@dpkgbuildpackage, 'dpkg-genchanges' => \@dpkggenchanges, @@ -118,6 +126,138 @@ sub fetchspec () { return "+".rrref().":".lrref(); } +#---------- remote protocol support, common ---------- + +# remote push initiator/responder protocol: +# < dgit-remote-push-ready [optional extra info ignored by old initiators] +# +# > file begin parsed-changelog +# [indicates that output of dpkg-parsechangelog follows] +# > data-block NBYTES +# > [NBYTES bytes of data (no newline)] +# [maybe some more blocks] +# > data-end +# +# > file begin dsc +# [etc] +# +# > file begin changes +# [etc] +# +# > want signed-tag +# [indicates that signed tag is wanted] +# < data-block NBYTES +# < [NBYTES bytes of data (no newline)] +# [maybe some more blocks] +# < data-end +# < files-end +# +# > want signed-changes-dsc +# < data-block NBYTES [transfer of signed changes] +# [etc] +# < data-block NBYTES [transfer of signed dsc] +# [etc] +# < files-end +# +# > complete + +sub badproto ($$) { + my ($fh, $m) = @_; + fail "connection lost: $!" if $fh->error; + fail "connection terminated" if $fh->eof; + fail "protocol violation; $m not expected"; +} + +sub protocol_expect ($&) { + my ($fh, $match) = @_; + local $_; + $_ = <$fh>; + defined && chomp or badproto $fh, "eof"; + return if &$match; + badproto $fh, "\`$_'"; +} + +sub protocol_send_file ($$) { + my ($fh, $ourfn) = @_; + open PF, "<", $ourfn or die "$ourfn: $!"; + for (;;) { + my $d; + my $got = read PF, $d, 65536; + die "$ourfn: $!" unless defined $got; + last if $got; + print $fh "data-block ".length($d)."\n" or die $!; + print $d or die $!; + } + print $fh "data-end\n" or die $!; + close PF; +} + +sub protocol_read_bytes ($$) { + my ($fh, $nbytes) = @_; + $nbytes =~ m/^\d{1,6}$/ or badproto \*RO, "bad byte count"; + my $d; + my $got = read $fh, $d, $nbytes; + $got==$nbytes or badproto $fh, "eof during data block"; + return $d; +} + +sub protocol_receive_file ($$) { + my ($fh, $ourfn) = @_; + open PF, ">", $ourfn or die "$ourfn: $!"; + for (;;) { + protocol_expect \*STDIN, { m/^data-block (.*})$|data-end$/ }; + length $1 or last; + my $d = protocol_read_bytes \*STDIN, $1; + print PF $d or die $!; + } +} + +#---------- remote protocol support, responder ---------- + +sub responder_send_command ($) { + my ($command) = @_; + return unless $we_are_responder; + # called even without $we_are_responder + print DEBUG "<< $command\n"; + print $command, "\n" or die $!; +} + +sub responder_send_file ($$) { + my ($keyword, $ourfn) = @_; + return unless $we_are_responder; + responder_send_command "file begin $cmdprefix"; + protocol_send_file \*STDOUT, $ourfn; +} + +sub responder_receive_files ($@) { + my ($keyword, @ourfns) = @_; + die unless $we_are_responder; + responder_send_command "want $keyword"; + foreach my $fn (@ourfns) { + protocol_receive_file \*STDIN, $fn; + } + protocol_expect \*STDIN, { m/^files-end$/ }; +} + +#---------- remote protocol support, initiator ---------- + +sub initiator_expect (&) { + my ($match) = @_; + protocol_expect \*RO, &$match; +} + +#---------- end remote code ---------- + +sub progress { + if ($we_are_responder) { + my $m = join '', @_; + responder_send_command "progress ".length($m) or die $!; + print $m or die $!; + } else { + print @_, "\n"; + } +} + our $ua; sub url_get { @@ -126,7 +266,7 @@ sub url_get { $ua->env_proxy; } my $what = $_[$#_]; - print "downloading $what...\n"; + progress "downloading $what..."; my $r = $ua->get(@_) or die $!; return undef if $r->code == 404; $r->is_success or fail "failed to fetch $what: ".$r->status_line; @@ -135,19 +275,25 @@ sub url_get { our ($dscdata,$dscurl,$dsc,$skew_warning_vsn); -sub printcmd { - my $fh = shift @_; - my $intro = shift @_; - print $fh $intro or die $!; +sub shellquote { + my @out; local $_; foreach my $a (@_) { $_ = $a; if (s{['\\]}{\\$&}g || m{\s} || m{[^-_./0-9a-z]}i) { - print $fh " '$_'" or die $!; + push @out, "'$_'"; } else { - print $fh " $_" or die $!; + push @out, $_; } } + return join '', @out; +} + +sub printcmd { + my $fh = shift @_; + my $intro = shift @_; + print $fh $intro or die $!; + print $fh shellquote @_ or die $!; print $fh "\n" or die $!; } @@ -172,9 +318,9 @@ sub runcmd { sub printdone { if (!$dryrun) { - print "dgit ok: @_\n"; + progress "dgit ok: @_"; } else { - print "would be ok: @_ (but dry run only)\n"; + progress "would be ok: @_ (but dry run only)"; } } @@ -200,7 +346,7 @@ sub cmdoutput { } sub dryrun_report { - printcmd(\*STDOUT,"#",@_); + printcmd(\*STDERR,"#",@_); } sub runcmd_ordryrun { @@ -239,6 +385,11 @@ sub badusage { exit 8; } +sub nextarg { + @ARGV or badusage "too few arguments"; + return scalar shift @ARGV; +} + sub cmd_help () { print $helpmsg or die $!; exit 0; @@ -441,7 +592,7 @@ sub canonicalise_suite () { $csuite = archive_query('canonicalise_suite'); if ($isuite ne $csuite) { # madison canonicalises for us - print "canonical suite name for $isuite is $csuite\n"; + progress "canonical suite name for $isuite is $csuite"; } } @@ -611,7 +762,7 @@ END close C or die $!; my $outputhash = make_commit qw(../commit.tmp); my $cversion = getfield $clogp, 'Version'; - print "synthesised git commit from .dsc $cversion\n"; + progress "synthesised git commit from .dsc $cversion"; if ($lastpush_hash) { runcmd @git, qw(reset --hard), $lastpush_hash; runcmd qw(sh -ec), 'dpkg-parsechangelog >>../changelogold.tmp'; @@ -666,7 +817,7 @@ sub ensure_we_have_orig () { fail "existing file $f has hash $got but .dsc". " demands hash $fi->{Hash}". " (perhaps you should delete this file?)"; - print "using existing $f\n"; + progress "using existing $f"; next; } else { die "$f $!" unless $!==&ENOENT; @@ -713,12 +864,12 @@ sub fetch_from_archive () { if (defined $dsc_hash) { $dsc_hash =~ m/\w+/ or fail "invalid hash in .dsc \`$dsc_hash'"; $dsc_hash = $&; - print "last upload to archive specified git hash\n"; + progress "last upload to archive specified git hash"; } else { - print "last upload to archive has NO git hash\n"; + progress "last upload to archive has NO git hash"; } } else { - print "no version available from the archive\n"; + progress "no version available from the archive"; } my $lrref_fn = ".git/".lrref(); @@ -826,11 +977,11 @@ sub clone ($) { close H or die $!; runcmd @git, qw(remote add), 'origin', access_giturl(); if (check_for_git()) { - print "fetching existing git history\n"; + progress "fetching existing git history"; git_fetch_us(); runcmd_ordryrun @git, qw(fetch origin); } else { - print "starting new git history\n"; + progress "starting new git history"; } fetch_from_archive() or no_such_package; runcmd @git, qw(reset --hard), lrref(); @@ -880,50 +1031,130 @@ sub commit_quilty_patch () { } fail "unexpected output from git status (is tree clean?)" if $bad; if (!%adds) { - print "nothing quilty to commit, ok.\n"; + progress "nothing quilty to commit, ok."; return; } runcmd_ordryrun @git, qw(add), sort keys %adds; my $m = "Commit Debian 3.0 (quilt) metadata"; - print "$m\n"; + progress "$m"; runcmd_ordryrun @git, qw(commit -m), $m; } sub madformat ($) { my ($format) = @_; return 0 unless $format eq '3.0 (quilt)'; - print "Format \`$format', urgh\n"; + progress "Format \`$format', urgh"; if ($noquilt) { - print "Not doing any fixup of \`$format' due to --no-quilt-fixup"; + progress "Not doing any fixup of \`$format' due to --no-quilt-fixup"; return 0; } return 1; } -sub dopush () { - print DEBUG "actually entering push\n"; - my $clogp = parsechangelog(); +sub push_parse_changelog ($) { + my ($clogpfn) = @_; + + my $clogp = Dpkg::Control::Hash->new(); + $clogp->load($clogpfn); + $package = getfield $clogp, 'Source'; my $cversion = getfield $clogp, 'Version'; + my $tag = debiantag($cversion); + runcmd @git, qw(check-ref-format), $tag; + my $dscfn = dscfn($cversion); - stat "../$dscfn" or - fail "looked for .dsc $dscfn, but $!;". - " maybe you forgot to build"; - $dsc = parsecontrol("../$dscfn","$dscfn"); - my $dscpackage = getfield $dsc, 'Source'; - my $format = getfield $dsc, 'Format'; + + return ($clogp, $cversion, $tag, $dscfn); +} + +sub push_parse_dsc ($$) { + my ($dscfn,$dscfnwhat, $cversion) = @_; + $dsc = parsecontrol($dscfn,$dscfnwhat); my $dversion = getfield $dsc, 'Version'; + my $dscpackage = getfield $dsc, 'Source'; ($dscpackage eq $package && $dversion eq $cversion) or fail "$dsc is for $dscpackage $dversion". " but debian/changelog is for $package $cversion"; +} + +sub push_mktag ($$$$$$$$) { + my ($head,$clogp,$tag, + $dsc,$dscfn, + $changesfile,$changesfilewhat, + $tfn) = @_; + + $dsc->{$ourdscfield[0]} = $head; + $dsc->save("$dscfn.tmp") or die $!; + + my $changes = parsecontrol($changesfile,$changesfilewhat); + foreach my $field (qw(Source Distribution Version)) { + $changes->{$field} eq $clogp->{$field} or + fail "changes field $field \`$changes->{$field}'". + " does not match changelog \`$clogp->{$field}'"; + } + + # We make the git tag by hand because (a) that makes it easier + # to control the "tagger" (b) we can do remote signing + my $authline = clogp_authline $clogp; + open TO, '>', $tfn->('.tmp') or die $!; + print TO <('.tmp'); + if ($sign) { + if (!defined $keyid) { + $keyid = access_cfg('keyid','RETURN-UNDEF'); + } + unlink $tfn->('.tmp.asc') or $!==&ENOENT or die $!; + my @sign_cmd = (@gpg, qw(--detach-sign --armor)); + push @sign_cmd, qw(-u),$keyid if defined $keyid; + push @sign_cmd, $tfn->('.tmp'); + runcmd_ordryrun @sign_cmd; + if (!$dryrun) { + $tagobjfn = $tfn->('.signed.tmp'); + runcmd shell_cmd "exec >$tagobjfn", qw(cat --), + $tfn->('.tmp'), $tfn->('.tmp.asc'); + } + } + + return ($tagobjfn); +} + +sub dopush () { + print DEBUG "actually entering push\n"; + prep_ud(); + + my $clogpfn = ".git/dgit/changelog.822.tmp"; + runcmd shell_cmd "exec >$clogpfn", qw(dpkg-parsechangelog); + + responder_send_file('parsed-changelog', $clogpfn); + + my ($clogp, $cversion, $tag, $dscfn) = + push_parse_changelog("$clogpfn"); + + stat "../$dscfn" or + fail "looked for .dsc $dscfn, but $!;". + " maybe you forgot to build"; + + responder_send_file('dsc', "../$dscfn"); + + push_parse_dsc("../$dscfn", $dscfn, $cversion); + + my $format = getfield $dsc, 'Format'; print DEBUG "format $format\n"; if (madformat($format)) { commit_quilty_patch(); } check_not_dirty(); - prep_ud(); chdir $ud or die $!; - print "checking that $dscfn corresponds to HEAD\n"; + progress "checking that $dscfn corresponds to HEAD"; runcmd qw(dpkg-source -x --), "../../../../$dscfn"; my ($tree,$dir) = mktree_in_ud_from_only_subdir(); chdir '../../../..' or die $!; @@ -945,8 +1176,6 @@ sub dopush () { # map { lref($_).":".rref($_) } # (uploadbranch()); my $head = rev_parse('HEAD'); - $dsc->{$ourdscfield[0]} = $head; - $dsc->save("../$dscfn.tmp") or die $!; if (!$changesfile) { my $multi = "../${package}_".(stripepoch $cversion)."_multi.changes"; if (stat "$multi") { @@ -962,47 +1191,19 @@ sub dopush () { ($changesfile) = @cs; } } - my $changes = parsecontrol($changesfile,$changesfile); - foreach my $field (qw(Source Distribution Version)) { - $changes->{$field} eq $clogp->{$field} or - fail "changes field $field \`$changes->{$field}'". - " does not match changelog \`$clogp->{$field}'"; - } - my $tag = debiantag($dversion); - runcmd @git, qw(check-ref-format), $tag; - - # We make the git tag by hand because (a) that makes it easier - # to control the "tagger" (b) we can do remote signing - my $authline = clogp_authline $clogp; - my $tfn = sub { ".git/dgit/tag$_[0]"; }; - open TO, '>', $tfn->('.tmp') or die $!; - print TO <('.tmp'); - if ($sign) { - if (!defined $keyid) { - $keyid = access_cfg('keyid','RETURN-UNDEF'); - } - unlink $tfn->('.tmp.asc') or $!==&ENOENT or die $!; - my @sign_cmd = (@gpg, qw(--detach-sign --armor)); - push @sign_cmd, qw(-u),$keyid if defined $keyid; - push @sign_cmd, $tfn->('.tmp'); - runcmd_ordryrun @sign_cmd; - if (!$dryrun) { - $tagobjfn = $tfn->('.signed.tmp'); - runcmd shell_cmd "> $tagobjfn", qw(cat --), - $tfn->('.tmp'), $tfn->('.tmp.asc'); - } - } - my $tag_obj_hash = runcmd @git, qw(hash-object -w -t tag), $tagobjfn; + my $tfn = sub { ".git/dgit/tag$_[0]"; }; + my ($tagobjfn) = + $we_are_responder + ? responder_receive_files('signed-tag', $tfn->('.signed.tmp')) + : push_mktag($head,$clogp,$tag, + $dsc,"../$dscfn", + $changesfile,$changesfile, + $tfn); + + my $tag_obj_hash = cmdoutput @git, qw(hash-object -w -t tag), $tagobjfn; runcmd_ordryrun @git, qw(verify-tag), $tag_obj_hash; runcmd_ordryrun @git, qw(update-ref), "refs/tags/$tag", $tag_obj_hash; runcmd_ordryrun @git, qw(tag -v --), $tag; @@ -1012,23 +1213,35 @@ END } runcmd_ordryrun @git, qw(push),access_giturl(),"HEAD:".rrref(); runcmd_ordryrun @git, qw(update-ref -m), 'dgit push', lrref(), 'HEAD'; - if (!$dryrun) { - rename "../$dscfn.tmp","../$dscfn" or die "$dscfn $!"; - } else { - print "[new .dsc left in $dscfn.tmp]\n"; + + if (!$we_are_responder) { + if (!$dryrun) { + rename "../$dscfn.tmp","../$dscfn" or die "$dscfn $!"; + } else { + progress "[new .dsc left in $dscfn.tmp]"; + } } if ($sign) { - my @debsign_cmd = @debsign; - push @debsign_cmd, "-k$keyid" if defined $keyid; - push @debsign_cmd, $changesfile; - runcmd_ordryrun @debsign_cmd; + if ($we_are_responder) { + my $dryrunsuffix = $dryrun ? ".tmp" : ""; + responder_receive_files('signed-changes-dsc', + "$changesfile$dryrunsuffix", + "../$dscfn$dryrunsuffix"); + } else { + my @debsign_cmd = @debsign; + push @debsign_cmd, "-k$keyid" if defined $keyid; + push @debsign_cmd, $changesfile; + runcmd_ordryrun @debsign_cmd; + } } runcmd_ordryrun @git, qw(push),access_giturl(),"refs/tags/$tag"; my $host = access_cfg('upload-host','RETURN-UNDEF'); my @hostarg = defined($host) ? ($host,) : (); runcmd_ordryrun @dput, @hostarg, $changesfile; - printdone "pushed and uploaded $dversion"; + printdone "pushed and uploaded $cversion"; + + responder_send_command("complete"); } sub cmd_clone { @@ -1072,7 +1285,7 @@ sub fetchpullargs () { $isuite = getfield $clogp, 'Distribution'; } canonicalise_suite(); - print "fetching from suite $csuite\n"; + progress "fetching from suite $csuite"; } elsif (@ARGV==1) { ($isuite) = @ARGV; canonicalise_suite(); @@ -1099,15 +1312,24 @@ sub cmd_push { check_not_dirty(); my $clogp = parsechangelog(); $package = getfield $clogp, 'Source'; + my $specsuite; if (@ARGV==0) { - $isuite = getfield $clogp, 'Distribution'; - if ($new_package) { - local ($package) = $existing_package; # this is a hack - canonicalise_suite(); - } + } elsif (@ARGV==1) { + ($specsuite) = (@ARGV); } else { badusage "incorrect arguments to dgit push"; } + $isuite = getfield $clogp, 'Distribution'; + if ($new_package) { + local ($package) = $existing_package; # this is a hack + canonicalise_suite(); + } + if (defined $specsuite && $specsuite ne $isuite) { + canonicalise_suite(); + $csuite eq $specsuite or + fail "dgit push: changelog specifies $isuite ($csuite)". + " but command line specifies $specsuite"; + } if (check_for_git()) { git_fetch_us(); } @@ -1124,6 +1346,71 @@ sub cmd_push { dopush(); } +#---------- remote commands' implementation ---------- + +sub cmd_remote_push_responder { + my ($nrargs) = shift @ARGV; + my (@rargs) = @ARGV[0..$nrargs-1]; + @ARGV = @ARGV[$nrargs..$#ARGV]; + die unless @rargs; + my ($dir) = @rargs; + chdir $dir or die "$dir: $!"; + $we_are_remote = 1; + $|=1; + responder_send_command("dgit-remote-push-ready"); + &cmd_push; +} + +our $i_tmp; + +sub i_cleanup { + local ($@); + return unless defined $i_tmp; + chdir "/" or die $!; + eval { rmtree $i_tmp; }; +} + +sub i_method { + my ($base,$selector,@args) = @_; + $selector =~ s/\-/_/g; + { no strict qw(refs); &{"${base}_${selector}"}(@args); } +} + +sub cmd_rpush { + my $host = nextarg; + my $dir; + if ($host =~ m/^((?:[^][]|\[[^][]*\])*)\:/) { + $host = $1; + $dir = $'; #'; + } else { + $dir = nextarg; + } + $dir =~ s{^-}{./-}; + my @rargs = ($dir); + my @rdgit; + push @rdgit, @dgit + push @rdgit, @ropts; + push @rdgit, (scalar @rargs), @rargs; + push @rdgit, @ARGV; + my @cmd = (@ssh, $host, shellquote @rdgit); + my $pid = open2(\*RO, \*RI, @cmd); + eval { + $i_tmp = tempdir(); + chdir $i_tmp or die "$i_tmp $!"; + initiator_expect { m/^dgit-remote-push-ready/ }; + for (;;) { + initiator_expect { m/^(\S+)(?: (.*))?$/ }; + my ($icmd,$iargs) = ($1, $2); + i_method "i_resp_", $icmd, $iargs; + } + }; + i_cleanup(); + die $@; + } +} + +#---------- building etc. ---------- + our $version; our $sourcechanges; our $dscfn; @@ -1292,6 +1579,8 @@ sub cmd_quilt_fixup { build_maybe_quilt_fixup(); } +#---------- argument parsing and main program ---------- + sub cmd_version { print "dgit version $our_version\n" or die $!; exit 0; @@ -1305,33 +1594,43 @@ sub parseopts () { last if m/^--?$/; if (m/^--/) { if (m/^--dry-run$/) { + push @ropts, $_; $dryrun=1; } elsif (m/^--no-sign$/) { + push @ropts, $_; $sign=0; } elsif (m/^--help$/) { cmd_help(); } elsif (m/^--version$/) { cmd_version(); } elsif (m/^--new$/) { + push @ropts, $_; $new_package=1; } elsif (m/^--(\w+)=(.*)/s && ($om = $opts_opt_map{$1}) && length $om->[0]) { + push @ropts, $_; $om->[0] = $2; } elsif (m/^--(\w+):(.*)/s && ($om = $opts_opt_map{$1})) { + push @ropts, $_; push @$om, $2; } elsif (m/^--existing-package=(.*)/s) { + push @ropts, $_; $existing_package = $1; } elsif (m/^--distro=(.*)/s) { + push @ropts, $_; $idistro = $1; } elsif (m/^--clean=(dpkg-source|git|none)$/s) { + push @ropts, $_; $cleanmode = $1; } elsif (m/^--clean=(.*)$/s) { badusage "unknown cleaning mode \`$1'"; } elsif (m/^--ignore-dirty$/s) { + push @ropts, $_; $ignoredirty = 1; } elsif (m/^--no-quilt-fixup$/s) { + push @ropts, $_; $noquilt = 1; } else { badusage "unknown long option \`$_'"; @@ -1339,30 +1638,40 @@ sub parseopts () { } else { while (m/^-./s) { if (s/^-n/-/) { + push @ropts, $_; $dryrun=1; } elsif (s/^-h/-/) { cmd_help(); } elsif (s/^-D/-/) { + push @ropts, $_; open DEBUG, ">&STDERR" or die $!; $debug++; } elsif (s/^-N/-/) { + push @ropts, $_; $new_package=1; } elsif (m/^-[vm]/) { + push @ropts, $_; push @changesopts, $_; $_ = ''; } elsif (s/^-c(.*=.*)//s) { + push @ropts, $_; push @git, '-c', $1; } elsif (s/^-d(.*)//s) { + push @ropts, $_; $idistro = $1; } elsif (s/^-C(.*)//s) { + push @ropts, $_; $changesfile = $1; } elsif (s/^-k(.*)//s) { $keyid=$1; } elsif (s/^-wn//s) { + push @ropts, $_; $cleanmode = 'none'; } elsif (s/^-wg//s) { + push @ropts, $_; $cleanmode = 'git'; } elsif (s/^-wd//s) { + push @ropts, $_; $cleanmode = 'dpkg-source'; } else { badusage "unknown short option \`$_'";