X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=dgit.git;a=blobdiff_plain;f=dgit;h=0c024c942c57c0fe5fb3a48e0fcd919447041831;hp=381b7311946f2e7cf6dac556f3bbed1e026c6684;hb=25a8dc18619262f46043974ad4de5eeaab10bf75;hpb=e8b6fa044b8df746e84aa034a44d7c96156cc546 diff --git a/dgit b/dgit index 381b7311..0c024c94 100755 --- a/dgit +++ b/dgit @@ -54,7 +54,7 @@ our (@dput) = qw(dput); our (@debsign) = qw(debsign); our (@gpg) = qw(gpg); our (@sbuild) = qw(sbuild -A); -our (@ssh) = qw(ssh); +our (@ssh) = 'ssh'; our (@dgit) = qw(dgit); our (@dpkgbuildpackage) = qw(dpkg-buildpackage -i\.git/ -I.git); our (@dpkgsource) = qw(dpkg-source -i\.git/ -I.git); @@ -75,6 +75,8 @@ our %opts_opt_map = ('dget' => \@dget, 'ch' => \@changesopts, 'mergechanges' => \@mergechanges); +our %opts_opt_cmdonly = ('gpg' => 1); + our $keyid; our $debug = 0; @@ -143,6 +145,8 @@ sub fetchspec () { # > file begin changes # [etc] # +# > param head HEAD +# # > want signed-tag # [indicates that signed tag is wanted] # < data-block NBYTES @@ -151,11 +155,11 @@ sub fetchspec () { # < data-end # < files-end # -# > want signed-changes-dsc -# < data-block NBYTES [transfer of signed changes] -# [etc] +# > want signed-dsc-changes # < data-block NBYTES [transfer of signed dsc] # [etc] +# < data-block NBYTES [transfer of signed changes] +# [etc] # < files-end # # > complete @@ -167,8 +171,8 @@ sub badproto ($$) { fail "protocol violation; $m not expected"; } -sub protocol_expect ($&) { - my ($fh, $match) = @_; +sub protocol_expect (&$) { + my ($match, $fh) = @_; local $_; $_ = <$fh>; defined && chomp or badproto $fh, "eof"; @@ -191,15 +195,22 @@ sub protocol_send_file ($$) { close PF; } +sub protocol_read_bytes ($$) { + my ($fh, $nbytes) = @_; + $nbytes =~ m/^\d{1,6}$/ or badproto \*RO, "bad byte count"; + my $d; + my $got = read $fh, $d, $nbytes; + $got==$nbytes or badproto $fh, "eof during data block"; + return $d; +} + sub protocol_receive_file ($$) { my ($fh, $ourfn) = @_; open PF, ">", $ourfn or die "$ourfn: $!"; for (;;) { - protocol_expect \*STDIN, { m/^data-block (\d{1,6})$|data-end$/ }; + protocol_expect { m/^data-block (.*})$|data-end$/ } \*STDIN; length $1 or last; - my $d; - my $got = read $fh, $d, $1; - $got==$1 or badproto $fh, "eof during data block"; + my $d = protocol_read_bytes \*STDIN, $1; print PF $d or die $!; } } @@ -217,7 +228,7 @@ sub responder_send_command ($) { sub responder_send_file ($$) { my ($keyword, $ourfn) = @_; return unless $we_are_responder; - responder_send_command "file begin $cmdprefix"; + responder_send_command "file-begin $keyword"; protocol_send_file \*STDOUT, $ourfn; } @@ -228,14 +239,14 @@ sub responder_receive_files ($@) { foreach my $fn (@ourfns) { protocol_receive_file \*STDIN, $fn; } - protocol_expect \*STDIN, { m/^files-end$/ }; + protocol_expect { m/^files-end$/ } \*STDIN; } #---------- remote protocol support, initiator ---------- sub initiator_expect (&) { my ($match) = @_; - protocol_expect \*RO, &$match; + protocol_expect { &$match } \*RO; } #---------- end remote code ---------- @@ -435,6 +446,24 @@ sub access_cfg (@) { return $value; } +sub string_to_ssh ($) { + my ($spec) = @_; + if ($spec =~ m/\s/) { + return qw(sh -ec), 'exec '.$spec.' "$@"', 'x'; + } else { + return ($spec); + } +} + +sub access_cfg_ssh () { + my $gitssh = access_cfg('ssh', 'RETURN-UNDEF'); + if (!defined $gitssh) { + return @ssh; + } else { + return string_to_ssh $gitssh; + } +} + sub access_someuserhost ($) { my ($some) = @_; my $user = access_cfg("$some-user",'username'); @@ -526,7 +555,7 @@ sub archive_query_sshdakls ($$) { my ($proto,$data) = @_; $data =~ s/:.*// or badcfg "invalid sshdakls method string \`$data'"; my $dakls = cmdoutput - access_cfg('ssh'), $data, qw(dak ls -asource),"-s$isuite",$package; + access_cfg_ssh, $data, qw(dak ls -asource),"-s$isuite",$package; return madison_parse($dakls); } @@ -534,7 +563,7 @@ sub canonicalise_suite_sshdakls ($$) { my ($proto,$data) = @_; $data =~ m/:/ or badcfg "invalid sshdakls method string \`$data'"; my @cmd = - (access_cfg('ssh'), $`, + (access_cfg_ssh, $`, "set -e; cd $';". " if test -h $isuite; then readlink $isuite; exit 0; fi;". " if test -d $isuite; then echo $isuite; exit 0; fi;". @@ -615,7 +644,7 @@ sub check_for_git () { my $how = access_cfg('git-check'); if ($how eq 'ssh-cmd') { my @cmd = - (access_cfg('ssh'),access_gituserhost(), + (access_cfg_ssh, access_gituserhost(), " set -e; cd ".access_cfg('git-path').";". " if test -d $package.git; then echo 1; else echo 0; fi"); my $r= cmdoutput @cmd; @@ -630,7 +659,7 @@ sub create_remote_git_repo () { my $how = access_cfg('git-create'); if ($how eq 'ssh-cmd') { runcmd_ordryrun - (access_cfg('ssh'),access_gituserhost(), + (access_cfg_ssh, access_gituserhost(), "set -e; cd ".access_cfg('git-path').";". " cp -a _template $package.git"); } else { @@ -1059,7 +1088,7 @@ sub push_parse_changelog ($) { return ($clogp, $cversion, $tag, $dscfn); } -sub push_parse_dsc ($$) { +sub push_parse_dsc ($$$) { my ($dscfn,$dscfnwhat, $cversion) = @_; $dsc = parsecontrol($dscfn,$dscfnwhat); my $dversion = getfield $dsc, 'Version'; @@ -1085,6 +1114,8 @@ sub push_mktag ($$$$$$$$) { " does not match changelog \`$clogp->{$field}'"; } + my $cversion = getfield $clogp, 'Version'; + # We make the git tag by hand because (a) that makes it easier # to control the "tagger" (b) we can do remote signing my $authline = clogp_authline $clogp; @@ -1119,6 +1150,17 @@ END return ($tagobjfn); } +sub sign_changes ($) { + my ($changesfile) = @_; + if ($sign) { + my @debsign_cmd = @debsign; + push @debsign_cmd, "-k$keyid" if defined $keyid; + push @debsign_cmd, "-p$gpg[0]" if $gpg[0] ne 'gpg'; + push @debsign_cmd, $changesfile; + runcmd_ordryrun @debsign_cmd; + } +} + sub dopush () { print DEBUG "actually entering push\n"; prep_ud(); @@ -1184,7 +1226,7 @@ sub dopush () { } } - responder_send_file('changes',$changesfn); + responder_send_file('changes',$changesfile); my $tfn = sub { ".git/dgit/tag$_[0]"; }; my ($tagobjfn) = @@ -1214,19 +1256,15 @@ sub dopush () { } } - if ($sign) { - if ($we_are_responder) { - my $dryrunsuffix = $dryrun ? ".tmp" : ""; - responder_receive_files('signed-changes-dsc', - "$changesfile$dryrunsuffix", - "../$dscfn$dryrunsuffix"); - } else { - my @debsign_cmd = @debsign; - push @debsign_cmd, "-k$keyid" if defined $keyid; - push @debsign_cmd, $changesfile; - runcmd_ordryrun @debsign_cmd; - } + if ($we_are_responder) { + my $dryrunsuffix = $dryrun ? ".tmp" : ""; + responder_receive_files('signed-dsc-changes', + "../$dscfn$dryrunsuffix", + "$changesfile$dryrunsuffix"); + } else { + sign_changes $changesfile; } + runcmd_ordryrun @git, qw(push),access_giturl(),"refs/tags/$tag"; my $host = access_cfg('upload-host','RETURN-UNDEF'); my @hostarg = defined($host) ? ($host,) : (); @@ -1347,12 +1385,27 @@ sub cmd_remote_push_responder { die unless @rargs; my ($dir) = @rargs; chdir $dir or die "$dir: $!"; - $we_are_remote = 1; + $we_are_responder = 1; $|=1; responder_send_command("dgit-remote-push-ready"); &cmd_push; } +our $i_tmp; + +sub i_cleanup { + local ($@); + return unless defined $i_tmp; + chdir "/" or die $!; + eval { rmtree $i_tmp; }; +} + +sub i_method { + my ($base,$selector,@args) = @_; + $selector =~ s/\-/_/g; + { no strict qw(refs); &{"${base}_${selector}"}(@args); } +} + sub cmd_rpush { my $host = nextarg; my $dir; @@ -1365,19 +1418,95 @@ sub cmd_rpush { $dir =~ s{^-}{./-}; my @rargs = ($dir); my @rdgit; - push @rdgit, @dgit + push @rdgit, @dgit; push @rdgit, @ropts; push @rdgit, (scalar @rargs), @rargs; push @rdgit, @ARGV; my @cmd = (@ssh, $host, shellquote @rdgit); my $pid = open2(\*RO, \*RI, @cmd); - initiator_expect { m/^dgit-remote-push-ready/ }; - for (;;) { - initiator_expect { m/^(\S+)\s+(.*)$/ }; - my ($icmd,$iargs) = ($1, $2); - $icmd =~ s/\-/_/g; - { no strict qw(refs); &{"i_resp_$icmd"}($iargs); } + eval { + $i_tmp = tempdir(); + chdir $i_tmp or die "$i_tmp $!"; + initiator_expect { m/^dgit-remote-push-ready/ }; + for (;;) { + initiator_expect { m/^(\S+)(?: (.*))?$/ }; + my ($icmd,$iargs) = ($1, $2); + i_method "i_resp_", $icmd, $iargs; + } + }; + i_cleanup(); + die $@; +} + +sub i_resp_progress ($) { + my ($rhs) = @_; + my $msg = protocol_read_bytes \*RO, $rhs; + progress $msg; +} + +sub i_resp_complete { + i_cleanup(); + exit 0; +} + +sub i_resp_file ($) { + my ($keyword) = @_; + my $localname = i_method "i_localname_", $keyword; + my $localpath = "$i_tmp/$localname"; + stat $localpath and badproto \*RO, "file $keyword ($localpath) twice"; + protocol_receive_file \*RO, $localpath; +} + +our %i_param; + +sub i_param ($) { + $_[0] =~ m/^(\S+) (.*)$/; + $i_param{$1} = $2; +} + +our %i_wanted; + +sub i_resp_want ($) { + my ($keyword) = @_; + die "$keyword ?" if $i_wanted{$keyword}++; + my @localpaths = i_method "i_want_", $keyword; + foreach my $localpath (@localpaths) { + protocol_send_file \*RI, $localpath; } + print RI "end-files\n" or die $!; +} + +our ($i_clogp, $i_version, $i_tag, $i_dscfn); + +sub i_localname_parsed_changelog { return "remote-changelog.822"; } +sub i_localname_changes { return "remote.changes"; } +sub i_localname_dsc { + ($i_clogp, $i_version, $i_tag, $i_dscfn) = + push_parse_changelog 'remote-changelog.822'; + die if $i_dscfn =~ m#/|^\W#; + return $i_dscfn; +} + +sub i_want_signed_tag { + defined $i_param{'head'} && defined $i_dscfn + or badproto \*RO, "sequencing error"; + my $head = $i_param{'head'}; + die if $head =~ m/[^0-9a-f]/ || $head !~ m/^../; + + push_parse_dsc $i_dscfn, 'remote dsc', + + push_mktag $head, $i_clogp, $i_tag, + $dsc, $i_dscfn, + 'remote.changes', 'remote changes', + 'tag.tag'; + + return 'tag.tag'; +} + +sub i_want_signed_dsc_changes { + rename "$i_dscfn.tmp","$i_dscfn" or die "$i_dscfn $!"; + sign_changes 'remote.changes'; + return ($i_dscfn, 'remote.changes'); } #---------- building etc. ---------- @@ -1559,6 +1688,13 @@ sub cmd_version { sub parseopts () { my $om; + + if (defined $ENV{'DGIT_SSH'}) { + @ssh = string_to_ssh $ENV{'DGIT_SSH'}; + } elsif (defined $ENV{'GIT_SSH'}) { + @ssh = ($ENV{'GIT_SSH'}); + } + while (@ARGV) { last unless $ARGV[0] =~ m/^-/; $_ = shift @ARGV; @@ -1583,6 +1719,7 @@ sub parseopts () { push @ropts, $_; $om->[0] = $2; } elsif (m/^--(\w+):(.*)/s && + !$opts_opt_cmdonly{$1} && ($om = $opts_opt_map{$1})) { push @ropts, $_; push @$om, $2;