X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=dgit.git;a=blobdiff_plain;f=infra%2Fdgit-repos-server;h=6131774e7c43c7e2816cad08bfbcc3b54329947e;hp=5bf4416267c72c4cec207e20908faf64ade5af26;hb=6dbc82e06ae1e6840dfa2ef2cc6b496561e6f333;hpb=ff53225eafcc9e53998f9f49085a366f3f98fc9c

diff --git a/infra/dgit-repos-server b/infra/dgit-repos-server
index 5bf44162..6131774e 100755
--- a/infra/dgit-repos-server
+++ b/infra/dgit-repos-server
@@ -1,6 +1,23 @@
 #!/usr/bin/perl -w
 # dgit-repos-server
 #
+# git protocol proxy to check dgit pushes etc.
+#
+# Copyright (C) 2014-2016  Ian Jackson
+#
+#    This program is free software; you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation; either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
 # usages:
 #   dgit-repos-server DISTRO DISTRO-DIR AUTH-SPEC [<settings>] --ssh
 #   dgit-repos-server DISTRO DISTRO-DIR AUTH-SPEC [<settings>] --cron
@@ -34,6 +51,7 @@
 
 use strict;
 
+use Debian::Dgit::Infra; # must precede Debian::Dgit; - can change @INC!
 use Debian::Dgit qw(:DEFAULT :policyflags);
 setup_sigwarn();
 
@@ -142,6 +160,10 @@ setup_sigwarn();
 #    FRESHREPO   (4)
 #         blow away repo right away (ie, as if before push or fetch)
 #         ("check-package" and "push" only)
+#    NOCOMMITCHECK   (8)
+#         suppress dgit-repos-server's check that commits do
+#         not lack "committer" info (eg as produced by #849041)
+#         ("push" only)
 # any unexpected bits mean failure, and then known set bits are ignored
 # if no unexpected bits set, operation continues (subject to meaning
 # of any expected bits set).  So, eg, exit 0 means "continue normally"
@@ -852,7 +874,7 @@ sub checks () {
 
     @policy_args = ($package,$version,$suite,$tagname,
 		    join(",",@deliberatelies));
-    $policy = policyhook(NOFFCHECK|FRESHREPO, 'push', @policy_args);
+    $policy = policyhook(NOFFCHECK|FRESHREPO|NOCOMMITCHECK, 'push', @policy_args);
 
     if (defined $tagexists_error) {
 	if ($policy & FRESHREPO) {
@@ -872,6 +894,27 @@ sub checks () {
 	chomp $mb;
 	$mb eq $oldcommit or reject "not fast forward on dgit branch";
     }
+
+    # defend against commits generated by #849041
+    if (!($policy & NOCOMMITCHECK)) {
+	my @checks = qw(%ae %at
+			%ce %ct);
+	my @chk = qw(git log -z);
+	push @chk, '--pretty=tformat:%H%n'.
+	    (join "", map { $_, '%n' } @checks);
+	push @chk, "^$oldcommit" if $oldcommit =~ m/[^0]/;
+	push @chk, $commit;;
+	printdebug " ~NOCOMMITCHECK @chk\n";
+	open CHK, "-|", @chk or die $!;
+	local $/ = "\0";
+	while (<CHK>) {
+	    next unless m/^$/m;
+	    m/^\w+(?=\n)/ or die;
+	    reject "corrupted object $& (missing metadata)";
+	}
+	$!=0; $?=0; close CHK or $?==256 or die "$? $!";
+    }
+
     if ($policy & FRESHREPO) {
 	# It's a bit late to be discovering this here, isn't it ?
 	#