X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=dgit.git;a=blobdiff_plain;f=dgit;h=0c024c942c57c0fe5fb3a48e0fcd919447041831;hp=bee98b9231d60c93ead3e6b8e4b2d12a2f06c2ca;hb=25a8dc18619262f46043974ad4de5eeaab10bf75;hpb=2d8535ab6b3445dc678191019b71850c4fa8f04f diff --git a/dgit b/dgit index bee98b92..0c024c94 100755 --- a/dgit +++ b/dgit @@ -27,12 +27,14 @@ use File::Path; use File::Basename; use Dpkg::Version; use POSIX; +use IPC::Open2; our $our_version = 'UNRELEASED'; ###substituted### our $isuite = 'unstable'; our $idistro; our $package; +our @ropts; our $sign = 1; our $dryrun = 0; @@ -42,6 +44,7 @@ our $ignoredirty = 0; our $noquilt = 0; our $existing_package = 'dpkg'; our $cleanmode = 'dpkg-source'; +our $we_are_responder; our %format_ok = map { $_=>1 } ("1.0","3.0 (native)","3.0 (quilt)"); @@ -51,6 +54,8 @@ our (@dput) = qw(dput); our (@debsign) = qw(debsign); our (@gpg) = qw(gpg); our (@sbuild) = qw(sbuild -A); +our (@ssh) = 'ssh'; +our (@dgit) = qw(dgit); our (@dpkgbuildpackage) = qw(dpkg-buildpackage -i\.git/ -I.git); our (@dpkgsource) = qw(dpkg-source -i\.git/ -I.git); our (@dpkggenchanges) = qw(dpkg-genchanges); @@ -62,12 +67,16 @@ our %opts_opt_map = ('dget' => \@dget, 'debsign' => \@debsign, 'gpg' => \@gpg, 'sbuild' => \@sbuild, + 'ssh' => \@ssh, + 'dgit' => \@dgit, 'dpkg-source' => \@dpkgsource, 'dpkg-buildpackage' => \@dpkgbuildpackage, 'dpkg-genchanges' => \@dpkggenchanges, 'ch' => \@changesopts, 'mergechanges' => \@mergechanges); +our %opts_opt_cmdonly = ('gpg' => 1); + our $keyid; our $debug = 0; @@ -118,12 +127,142 @@ sub fetchspec () { return "+".rrref().":".lrref(); } -our $ua; +#---------- remote protocol support, common ---------- + +# remote push initiator/responder protocol: +# < dgit-remote-push-ready [optional extra info ignored by old initiators] +# +# > file begin parsed-changelog +# [indicates that output of dpkg-parsechangelog follows] +# > data-block NBYTES +# > [NBYTES bytes of data (no newline)] +# [maybe some more blocks] +# > data-end +# +# > file begin dsc +# [etc] +# +# > file begin changes +# [etc] +# +# > param head HEAD +# +# > want signed-tag +# [indicates that signed tag is wanted] +# < data-block NBYTES +# < [NBYTES bytes of data (no newline)] +# [maybe some more blocks] +# < data-end +# < files-end +# +# > want signed-dsc-changes +# < data-block NBYTES [transfer of signed dsc] +# [etc] +# < data-block NBYTES [transfer of signed changes] +# [etc] +# < files-end +# +# > complete + +sub badproto ($$) { + my ($fh, $m) = @_; + fail "connection lost: $!" if $fh->error; + fail "connection terminated" if $fh->eof; + fail "protocol violation; $m not expected"; +} + +sub protocol_expect (&$) { + my ($match, $fh) = @_; + local $_; + $_ = <$fh>; + defined && chomp or badproto $fh, "eof"; + return if &$match; + badproto $fh, "\`$_'"; +} + +sub protocol_send_file ($$) { + my ($fh, $ourfn) = @_; + open PF, "<", $ourfn or die "$ourfn: $!"; + for (;;) { + my $d; + my $got = read PF, $d, 65536; + die "$ourfn: $!" unless defined $got; + last if $got; + print $fh "data-block ".length($d)."\n" or die $!; + print $d or die $!; + } + print $fh "data-end\n" or die $!; + close PF; +} + +sub protocol_read_bytes ($$) { + my ($fh, $nbytes) = @_; + $nbytes =~ m/^\d{1,6}$/ or badproto \*RO, "bad byte count"; + my $d; + my $got = read $fh, $d, $nbytes; + $got==$nbytes or badproto $fh, "eof during data block"; + return $d; +} + +sub protocol_receive_file ($$) { + my ($fh, $ourfn) = @_; + open PF, ">", $ourfn or die "$ourfn: $!"; + for (;;) { + protocol_expect { m/^data-block (.*})$|data-end$/ } \*STDIN; + length $1 or last; + my $d = protocol_read_bytes \*STDIN, $1; + print PF $d or die $!; + } +} + +#---------- remote protocol support, responder ---------- + +sub responder_send_command ($) { + my ($command) = @_; + return unless $we_are_responder; + # called even without $we_are_responder + print DEBUG "<< $command\n"; + print $command, "\n" or die $!; +} + +sub responder_send_file ($$) { + my ($keyword, $ourfn) = @_; + return unless $we_are_responder; + responder_send_command "file-begin $keyword"; + protocol_send_file \*STDOUT, $ourfn; +} + +sub responder_receive_files ($@) { + my ($keyword, @ourfns) = @_; + die unless $we_are_responder; + responder_send_command "want $keyword"; + foreach my $fn (@ourfns) { + protocol_receive_file \*STDIN, $fn; + } + protocol_expect { m/^files-end$/ } \*STDIN; +} + +#---------- remote protocol support, initiator ---------- + +sub initiator_expect (&) { + my ($match) = @_; + protocol_expect { &$match } \*RO; +} + +#---------- end remote code ---------- sub progress { - print @_, "\n"; + if ($we_are_responder) { + my $m = join '', @_; + responder_send_command "progress ".length($m) or die $!; + print $m or die $!; + } else { + print @_, "\n"; + } } +our $ua; + sub url_get { if (!$ua) { $ua = LWP::UserAgent->new(); @@ -139,19 +278,25 @@ sub url_get { our ($dscdata,$dscurl,$dsc,$skew_warning_vsn); -sub printcmd { - my $fh = shift @_; - my $intro = shift @_; - print $fh $intro or die $!; +sub shellquote { + my @out; local $_; foreach my $a (@_) { $_ = $a; if (s{['\\]}{\\$&}g || m{\s} || m{[^-_./0-9a-z]}i) { - print $fh " '$_'" or die $!; + push @out, "'$_'"; } else { - print $fh " $_" or die $!; + push @out, $_; } } + return join '', @out; +} + +sub printcmd { + my $fh = shift @_; + my $intro = shift @_; + print $fh $intro or die $!; + print $fh shellquote @_ or die $!; print $fh "\n" or die $!; } @@ -243,6 +388,11 @@ sub badusage { exit 8; } +sub nextarg { + @ARGV or badusage "too few arguments"; + return scalar shift @ARGV; +} + sub cmd_help () { print $helpmsg or die $!; exit 0; @@ -296,6 +446,24 @@ sub access_cfg (@) { return $value; } +sub string_to_ssh ($) { + my ($spec) = @_; + if ($spec =~ m/\s/) { + return qw(sh -ec), 'exec '.$spec.' "$@"', 'x'; + } else { + return ($spec); + } +} + +sub access_cfg_ssh () { + my $gitssh = access_cfg('ssh', 'RETURN-UNDEF'); + if (!defined $gitssh) { + return @ssh; + } else { + return string_to_ssh $gitssh; + } +} + sub access_someuserhost ($) { my ($some) = @_; my $user = access_cfg("$some-user",'username'); @@ -387,7 +555,7 @@ sub archive_query_sshdakls ($$) { my ($proto,$data) = @_; $data =~ s/:.*// or badcfg "invalid sshdakls method string \`$data'"; my $dakls = cmdoutput - access_cfg('ssh'), $data, qw(dak ls -asource),"-s$isuite",$package; + access_cfg_ssh, $data, qw(dak ls -asource),"-s$isuite",$package; return madison_parse($dakls); } @@ -395,7 +563,7 @@ sub canonicalise_suite_sshdakls ($$) { my ($proto,$data) = @_; $data =~ m/:/ or badcfg "invalid sshdakls method string \`$data'"; my @cmd = - (access_cfg('ssh'), $`, + (access_cfg_ssh, $`, "set -e; cd $';". " if test -h $isuite; then readlink $isuite; exit 0; fi;". " if test -d $isuite; then echo $isuite; exit 0; fi;". @@ -476,7 +644,7 @@ sub check_for_git () { my $how = access_cfg('git-check'); if ($how eq 'ssh-cmd') { my @cmd = - (access_cfg('ssh'),access_gituserhost(), + (access_cfg_ssh, access_gituserhost(), " set -e; cd ".access_cfg('git-path').";". " if test -d $package.git; then echo 1; else echo 0; fi"); my $r= cmdoutput @cmd; @@ -491,7 +659,7 @@ sub create_remote_git_repo () { my $how = access_cfg('git-create'); if ($how eq 'ssh-cmd') { runcmd_ordryrun - (access_cfg('ssh'),access_gituserhost(), + (access_cfg_ssh, access_gituserhost(), "set -e; cd ".access_cfg('git-path').";". " cp -a _template $package.git"); } else { @@ -910,8 +1078,6 @@ sub push_parse_changelog ($) { my $clogp = Dpkg::Control::Hash->new(); $clogp->load($clogpfn); - responder_send_file('parsed-changelog', $clogpfn); - $package = getfield $clogp, 'Source'; my $cversion = getfield $clogp, 'Version'; my $tag = debiantag($cversion); @@ -922,7 +1088,7 @@ sub push_parse_changelog ($) { return ($clogp, $cversion, $tag, $dscfn); } -sub push_parse_dsc ($$) { +sub push_parse_dsc ($$$) { my ($dscfn,$dscfnwhat, $cversion) = @_; $dsc = parsecontrol($dscfn,$dscfnwhat); my $dversion = getfield $dsc, 'Version'; @@ -948,6 +1114,8 @@ sub push_mktag ($$$$$$$$) { " does not match changelog \`$clogp->{$field}'"; } + my $cversion = getfield $clogp, 'Version'; + # We make the git tag by hand because (a) that makes it easier # to control the "tagger" (b) we can do remote signing my $authline = clogp_authline $clogp; @@ -982,20 +1150,35 @@ END return ($tagobjfn); } +sub sign_changes ($) { + my ($changesfile) = @_; + if ($sign) { + my @debsign_cmd = @debsign; + push @debsign_cmd, "-k$keyid" if defined $keyid; + push @debsign_cmd, "-p$gpg[0]" if $gpg[0] ne 'gpg'; + push @debsign_cmd, $changesfile; + runcmd_ordryrun @debsign_cmd; + } +} + sub dopush () { print DEBUG "actually entering push\n"; prep_ud(); - runcmd shell_cmd "exec >.git/dgit/changelog.822.tmp", - qw(dpkg-parsechangelog); + my $clogpfn = ".git/dgit/changelog.822.tmp"; + runcmd shell_cmd "exec >$clogpfn", qw(dpkg-parsechangelog); + + responder_send_file('parsed-changelog', $clogpfn); my ($clogp, $cversion, $tag, $dscfn) = - push_parse_changelog(".git/dgit/changelog.822.tmp"); + push_parse_changelog("$clogpfn"); stat "../$dscfn" or fail "looked for .dsc $dscfn, but $!;". " maybe you forgot to build"; + responder_send_file('dsc', "../$dscfn"); + push_parse_dsc("../$dscfn", $dscfn, $cversion); my $format = getfield $dsc, 'Format'; @@ -1043,11 +1226,16 @@ sub dopush () { } } + responder_send_file('changes',$changesfile); + + my $tfn = sub { ".git/dgit/tag$_[0]"; }; my ($tagobjfn) = - push_mktag($head,$clogp,$tag, - $dsc,"../$dscfn", - $changesfile,$changesfile, - sub { ".git/dgit/tag$_[0]"; }); + $we_are_responder + ? responder_receive_files('signed-tag', $tfn->('.signed.tmp')) + : push_mktag($head,$clogp,$tag, + $dsc,"../$dscfn", + $changesfile,$changesfile, + $tfn); my $tag_obj_hash = cmdoutput @git, qw(hash-object -w -t tag), $tagobjfn; runcmd_ordryrun @git, qw(verify-tag), $tag_obj_hash; @@ -1059,23 +1247,31 @@ sub dopush () { } runcmd_ordryrun @git, qw(push),access_giturl(),"HEAD:".rrref(); runcmd_ordryrun @git, qw(update-ref -m), 'dgit push', lrref(), 'HEAD'; - if (!$dryrun) { - rename "../$dscfn.tmp","../$dscfn" or die "$dscfn $!"; - } else { - progress "[new .dsc left in $dscfn.tmp]"; + + if (!$we_are_responder) { + if (!$dryrun) { + rename "../$dscfn.tmp","../$dscfn" or die "$dscfn $!"; + } else { + progress "[new .dsc left in $dscfn.tmp]"; + } } - if ($sign) { - my @debsign_cmd = @debsign; - push @debsign_cmd, "-k$keyid" if defined $keyid; - push @debsign_cmd, $changesfile; - runcmd_ordryrun @debsign_cmd; + if ($we_are_responder) { + my $dryrunsuffix = $dryrun ? ".tmp" : ""; + responder_receive_files('signed-dsc-changes', + "../$dscfn$dryrunsuffix", + "$changesfile$dryrunsuffix"); + } else { + sign_changes $changesfile; } + runcmd_ordryrun @git, qw(push),access_giturl(),"refs/tags/$tag"; my $host = access_cfg('upload-host','RETURN-UNDEF'); my @hostarg = defined($host) ? ($host,) : (); runcmd_ordryrun @dput, @hostarg, $changesfile; printdone "pushed and uploaded $cversion"; + + responder_send_command("complete"); } sub cmd_clone { @@ -1180,6 +1376,141 @@ sub cmd_push { dopush(); } +#---------- remote commands' implementation ---------- + +sub cmd_remote_push_responder { + my ($nrargs) = shift @ARGV; + my (@rargs) = @ARGV[0..$nrargs-1]; + @ARGV = @ARGV[$nrargs..$#ARGV]; + die unless @rargs; + my ($dir) = @rargs; + chdir $dir or die "$dir: $!"; + $we_are_responder = 1; + $|=1; + responder_send_command("dgit-remote-push-ready"); + &cmd_push; +} + +our $i_tmp; + +sub i_cleanup { + local ($@); + return unless defined $i_tmp; + chdir "/" or die $!; + eval { rmtree $i_tmp; }; +} + +sub i_method { + my ($base,$selector,@args) = @_; + $selector =~ s/\-/_/g; + { no strict qw(refs); &{"${base}_${selector}"}(@args); } +} + +sub cmd_rpush { + my $host = nextarg; + my $dir; + if ($host =~ m/^((?:[^][]|\[[^][]*\])*)\:/) { + $host = $1; + $dir = $'; #'; + } else { + $dir = nextarg; + } + $dir =~ s{^-}{./-}; + my @rargs = ($dir); + my @rdgit; + push @rdgit, @dgit; + push @rdgit, @ropts; + push @rdgit, (scalar @rargs), @rargs; + push @rdgit, @ARGV; + my @cmd = (@ssh, $host, shellquote @rdgit); + my $pid = open2(\*RO, \*RI, @cmd); + eval { + $i_tmp = tempdir(); + chdir $i_tmp or die "$i_tmp $!"; + initiator_expect { m/^dgit-remote-push-ready/ }; + for (;;) { + initiator_expect { m/^(\S+)(?: (.*))?$/ }; + my ($icmd,$iargs) = ($1, $2); + i_method "i_resp_", $icmd, $iargs; + } + }; + i_cleanup(); + die $@; +} + +sub i_resp_progress ($) { + my ($rhs) = @_; + my $msg = protocol_read_bytes \*RO, $rhs; + progress $msg; +} + +sub i_resp_complete { + i_cleanup(); + exit 0; +} + +sub i_resp_file ($) { + my ($keyword) = @_; + my $localname = i_method "i_localname_", $keyword; + my $localpath = "$i_tmp/$localname"; + stat $localpath and badproto \*RO, "file $keyword ($localpath) twice"; + protocol_receive_file \*RO, $localpath; +} + +our %i_param; + +sub i_param ($) { + $_[0] =~ m/^(\S+) (.*)$/; + $i_param{$1} = $2; +} + +our %i_wanted; + +sub i_resp_want ($) { + my ($keyword) = @_; + die "$keyword ?" if $i_wanted{$keyword}++; + my @localpaths = i_method "i_want_", $keyword; + foreach my $localpath (@localpaths) { + protocol_send_file \*RI, $localpath; + } + print RI "end-files\n" or die $!; +} + +our ($i_clogp, $i_version, $i_tag, $i_dscfn); + +sub i_localname_parsed_changelog { return "remote-changelog.822"; } +sub i_localname_changes { return "remote.changes"; } +sub i_localname_dsc { + ($i_clogp, $i_version, $i_tag, $i_dscfn) = + push_parse_changelog 'remote-changelog.822'; + die if $i_dscfn =~ m#/|^\W#; + return $i_dscfn; +} + +sub i_want_signed_tag { + defined $i_param{'head'} && defined $i_dscfn + or badproto \*RO, "sequencing error"; + my $head = $i_param{'head'}; + die if $head =~ m/[^0-9a-f]/ || $head !~ m/^../; + + push_parse_dsc $i_dscfn, 'remote dsc', + + push_mktag $head, $i_clogp, $i_tag, + $dsc, $i_dscfn, + 'remote.changes', 'remote changes', + 'tag.tag'; + + return 'tag.tag'; +} + +sub i_want_signed_dsc_changes { + rename "$i_dscfn.tmp","$i_dscfn" or die "$i_dscfn $!"; + sign_changes 'remote.changes'; + return ($i_dscfn, 'remote.changes'); +} + +#---------- building etc. ---------- + our $version; our $sourcechanges; our $dscfn; @@ -1348,6 +1679,8 @@ sub cmd_quilt_fixup { build_maybe_quilt_fixup(); } +#---------- argument parsing and main program ---------- + sub cmd_version { print "dgit version $our_version\n" or die $!; exit 0; @@ -1355,39 +1688,57 @@ sub cmd_version { sub parseopts () { my $om; + + if (defined $ENV{'DGIT_SSH'}) { + @ssh = string_to_ssh $ENV{'DGIT_SSH'}; + } elsif (defined $ENV{'GIT_SSH'}) { + @ssh = ($ENV{'GIT_SSH'}); + } + while (@ARGV) { last unless $ARGV[0] =~ m/^-/; $_ = shift @ARGV; last if m/^--?$/; if (m/^--/) { if (m/^--dry-run$/) { + push @ropts, $_; $dryrun=1; } elsif (m/^--no-sign$/) { + push @ropts, $_; $sign=0; } elsif (m/^--help$/) { cmd_help(); } elsif (m/^--version$/) { cmd_version(); } elsif (m/^--new$/) { + push @ropts, $_; $new_package=1; } elsif (m/^--(\w+)=(.*)/s && ($om = $opts_opt_map{$1}) && length $om->[0]) { + push @ropts, $_; $om->[0] = $2; } elsif (m/^--(\w+):(.*)/s && + !$opts_opt_cmdonly{$1} && ($om = $opts_opt_map{$1})) { + push @ropts, $_; push @$om, $2; } elsif (m/^--existing-package=(.*)/s) { + push @ropts, $_; $existing_package = $1; } elsif (m/^--distro=(.*)/s) { + push @ropts, $_; $idistro = $1; } elsif (m/^--clean=(dpkg-source|git|none)$/s) { + push @ropts, $_; $cleanmode = $1; } elsif (m/^--clean=(.*)$/s) { badusage "unknown cleaning mode \`$1'"; } elsif (m/^--ignore-dirty$/s) { + push @ropts, $_; $ignoredirty = 1; } elsif (m/^--no-quilt-fixup$/s) { + push @ropts, $_; $noquilt = 1; } else { badusage "unknown long option \`$_'"; @@ -1395,30 +1746,40 @@ sub parseopts () { } else { while (m/^-./s) { if (s/^-n/-/) { + push @ropts, $_; $dryrun=1; } elsif (s/^-h/-/) { cmd_help(); } elsif (s/^-D/-/) { + push @ropts, $_; open DEBUG, ">&STDERR" or die $!; $debug++; } elsif (s/^-N/-/) { + push @ropts, $_; $new_package=1; } elsif (m/^-[vm]/) { + push @ropts, $_; push @changesopts, $_; $_ = ''; } elsif (s/^-c(.*=.*)//s) { + push @ropts, $_; push @git, '-c', $1; } elsif (s/^-d(.*)//s) { + push @ropts, $_; $idistro = $1; } elsif (s/^-C(.*)//s) { + push @ropts, $_; $changesfile = $1; } elsif (s/^-k(.*)//s) { $keyid=$1; } elsif (s/^-wn//s) { + push @ropts, $_; $cleanmode = 'none'; } elsif (s/^-wg//s) { + push @ropts, $_; $cleanmode = 'git'; } elsif (s/^-wd//s) { + push @ropts, $_; $cleanmode = 'dpkg-source'; } else { badusage "unknown short option \`$_'";