# List of all package maintainers
my $maintainers_bypkg = "/home/gatekpr/etc/maintainers.bypkg";
-my $log_style = 'GNU';
-$log_style = 'Alpha' if ($style eq 'alpha');
-$log_style = 'Distros' if ($style eq 'distros');
+my $Log_Style = 'GNU';
+$Log_Style = 'Alpha' if ($style eq 'alpha');
+$Log_Style = 'Distros' if ($style eq 'distros');
# maintainer e-mail address
my $maintainer_email = "ftp-upload-report\@gnu.org";
die "gatekeeper: test mode: TEST_SYSLOG_SOCKET not valid"
unless $ENV{TEST_SYSLOG_SOCKET} && -S $ENV{TEST_SYSLOG_SOCKET} && -w _;
# override log message tag
- $log_style = 'Test';
+ $Log_Style = 'Test';
} else { # in production mode
# ensure we are using the real gpgv
open my $gpgv,'-|',GPGV_BIN, '--version'
# Collapse the message to a single line for syslog
$message =~ s/[\r\n]+/ \/ /g;
+ # Prepend the log style tag
+ $message = "($Log_Style) ".$message;
+
# The syslog function is pretty picky, and (sometimes) dies silently
# when using non-valid syslog priorities.
# That's why we run it inside an eval, with errors printed to STDERR,
}
sub ftp_warn($) {
- ftp_syslog('warning', "($log_style) " . $_[0]);
+ ftp_syslog('warning', $_[0]);
warn $_[0];
}
my $msg = shift;
my $exitcode = shift;
$exitcode ||= 1;
- ftp_syslog('err', "($log_style) " . $msg);
+ ftp_syslog('err', $msg);
exit $exitcode;
}
setlogsock(unix => $1);
}
openlog(SYSLOG_APP_IDENT, 'pid', SYSLOG_FACILITY);
-ftp_syslog('info', "($log_style) Beginning upload processing run.");
+ftp_syslog('info', "Beginning upload processing run.");
#
# -- Configuration sanity check
my $tmp = $directory;
while (1) {
if (-e "$package_config_base/$tmp/pubring.gpg") {
- ftp_syslog('debug', "($log_style) DEBUG: "
+ ftp_syslog('debug', "DEBUG: "
. "found keyring $package_config_base/$tmp/pubring.gpg")
if DEBUG;
push(@pubrings,"$package_config_base/$tmp/pubring.gpg");
# Something went wrong, but we can't figure out which package this
# upload belongs to. Mention that in the logs, and then mail this to
# the script maintainer anyway.
- ftp_syslog('info', "($log_style) "
- ."No uploader e-mail address(es) to report this error to!");
+ ftp_syslog('info',
+ "No uploader e-mail address(es) to report this error to!");
@email_list = ($email_always);
}
if (NOMAIL) {
- ftp_syslog('info', "($log_style) "
- ."NOMAIL is set - not sending email to @email_list");
+ ftp_syslog('info',
+ "NOMAIL is set - not sending email to @email_list");
} else {
- ftp_syslog('info', "($log_style) Sending email to @email_list");
+ ftp_syslog('info', "Sending email to @email_list");
}
my $sender = 'ftp-upload-script@gnu.org';
if (NOMAIL) {
if ($subject ne '') {
- ftp_syslog('info', "($log_style) Subject: '$subject'");
+ ftp_syslog('info', "Subject: '$subject'");
} elsif (defined $info{package}) {
- ftp_syslog('info', "($log_style) Subject: $info{package}");
+ ftp_syslog('info', "Subject: $info{package}");
} else {
- ftp_syslog('warning', "($log_style) Error uploading package: $msg");
- ftp_syslog('info', "($log_style) Subject: generic failure");
+ ftp_syslog('warning', "Error uploading package: $msg");
+ ftp_syslog('info', "Subject: generic failure");
}
- ftp_syslog('info', "($log_style) Body: $msg");
+ ftp_syslog('info', "Body: $msg");
} else {
my $smtp;
if (IN_TEST_MODE) {
. "\r\n");
if ($subject ne '') {
$smtp->datasend ("Subject: [$m_style gnu-ftp-upload] $subject");
- ftp_syslog('info', "($log_style) Subject: '$subject'");
+ ftp_syslog('info', "Subject: '$subject'");
} elsif (defined $info{package}) {
$smtp->datasend("Subject: [$m_style gnu-ftp-upload] $info{package}");
- ftp_syslog('info', "($log_style) Subject: $info{package}");
+ ftp_syslog('info', "Subject: $info{package}");
} else {
$smtp->datasend("Subject: [$m_style gnu-ftp-upload] generic failure");
- ftp_syslog('warning', "($log_style) Error uploading package: $msg");
- ftp_syslog('info', "($log_style) Subject: generic failure");
+ ftp_syslog('warning', "Error uploading package: $msg");
+ ftp_syslog('info', "Subject: generic failure");
}
$smtp->datasend ("\n\n");
- ftp_syslog('info', "($log_style) Body: $msg");
+ ftp_syslog('info', "Body: $msg");
# Wrap message at 78 characters, this is e-mail...
$Text::Wrap::columns=78;
my $package_name = shift;
if (NOMAIL) {
- ftp_syslog('info', "($log_style) "
- ."Subject: [$m_style gnu-ftp-debug] "
- ."new upload processed: $package_name\nBody: $msg");
+ ftp_syslog('info', "Subject: [$m_style gnu-ftp-debug] "
+ ."new upload processed: $package_name\nBody: $msg");
} else {
my $smtp;
if (IN_TEST_MODE) {
mail ($directive_file_contents,0,"debug: directive file contents");
}
- ftp_syslog('err', "($log_style) $tainted_msg");
+ ftp_syslog('err', "$tainted_msg");
# Don't let them do perl or shell quoting tricks, but show everything
# that's definitely harmless.
# Don't look at files with really long names, either.
next if length ($ent) > 100;
- ftp_syslog('debug', "($log_style) DEBUG: "
+ ftp_syslog('debug', "DEBUG: "
."uploaded file to check: $ent") if DEBUG;
$possible{$ent} = 1;
}
# On modern (Debian) systems, condition a) is not met.
my @lsof_args = (LSOF_BIN, "-Fn",
map { "$incoming_dir/$_" } keys %possible);
- ftp_syslog('debug', "($log_style) DEBUG: "
+ ftp_syslog('debug', "DEBUG: "
."lsof command line: " . join(' ',@lsof_args))
if DEBUG;
my $pid = open (LSOF, "-|");
if ($pid) { # parent
while (defined (my $line = <LSOF>)) {
- ftp_syslog('debug', "($log_style) DEBUG: " . "lsof output: $line")
+ ftp_syslog('debug', "DEBUG: " . "lsof output: $line")
if DEBUG;
# only look at the name lines.
next unless $line =~ /^n${incoming_dir}\/(.+)$/;
- ftp_syslog('debug', "($log_style) DEBUG: "
+ ftp_syslog('debug', "DEBUG: "
."upload in progress for $1, ignoring during this run")
if DEBUG;
delete ($possible{$1})
for my $ent (keys %possible) {
my @stat = stat($ent);
if ($stat[9] >= time - 120) {
- ftp_syslog('debug', "($log_style) DEBUG: "
+ ftp_syslog('debug', "DEBUG: "
."$ent has been modified in the last 2 minutes, skipping")
if DEBUG;
delete ($possible{$ent});
my $directive = "$base.directive.asc";
my $bare_base = $base;
$bare_base =~ s/\.directive\.asc$//g;
- ftp_syslog('debug', "($log_style) DEBUG: "
+ ftp_syslog('debug', "DEBUG: "
."considering $ent for processing") if DEBUG;
# work on this triple, if all three files exist, and the signature
&& (-s "$incoming_dir/$sig" < 50*1024)) {
push (@ret, { "directive" => $directive, "sig" => $sig,
"upload" => $base, "directive_only" => 0 });
- ftp_syslog('info', "($log_style) processing [$directive:$sig:$base]");
+ ftp_syslog('info', "processing [$directive:$sig:$base]");
# Do atomic rename to temp incoming directory before reading
# anything, for safety.
# Most likely a race condition. We've found a directive file but
# not the accompanying file(s). Just ignore this directive file
# for now.
- ftp_syslog('info',"($log_style) "
- ."Found directive file with filename directive ($base), "
+ ftp_syslog('info',
+ "Found directive file with filename directive ($base), "
."but no accompanying files. "
."Ignoring directive file in this run.");
} else {
delete $possible{$base};
} elsif ((-f $directive) && ((-s $directive) >= 50*1024)) {
rename ("$incoming_dir/$directive", "$incoming_dir/.$directive");
- ftp_syslog('info', "($log_style) "
- ."directive file ($directive) larger than 50KB");
+ ftp_syslog('info', "directive file ($directive) larger than 50KB");
fatal("The directive file $directive is larger than 50KB. "
."This can not be correct, ignoring upload.",0);
} elsif ((-f $sig) && ((-s $sig) >= 50*1024)) {
rename ("$incoming_dir/$sig", "$incoming_dir/.$sig");
- ftp_syslog('info', "($log_style) "
- ."signature file ($sig) larger than 50KB");
+ ftp_syslog('info', "signature file ($sig) larger than 50KB");
fatal("The signature file $sig is larger than 50KB. "
."This can not be correct, ignoring upload.",0);
}
my @keyrings = @_;
my $directive_file_size = -s $directive_file;
- ftp_syslog('debug', "($log_style) DEBUG: "
+ ftp_syslog('debug', "DEBUG: "
."$directive_file size is $directive_file_size") if DEBUG;
foreach (@keyrings) {
($verify_str) = $verify_str =~ /^(.*)$/;
- ftp_syslog('debug',"($log_style) DEBUG: gpgv command line: $verify_str\n")
+ ftp_syslog('debug',"DEBUG: gpgv command line: $verify_str\n")
if (DEBUG > 0);
my $retval = '';
open (GPGV, "$verify_str|")
0,'',2);
} elsif ($retval =~ /\n0\n$/s) {
# We store the return value of gpgv on the last line of the output
- ftp_syslog('info', "($log_style) verified against $_\n");
+ ftp_syslog('info', "verified against $_\n");
return $retval; # We got return value 0 from gpgv -> key verified!
} else {
# gpgv returned an error - most likely just key not found. Ignore,
if ($directory_command_only == 0) {
fatal("no filename directive specified in $directive_file",1)
} else {
- ftp_syslog('info',"($log_style) "
- ."running in legacy v1 compatibility mode");
+ ftp_syslog('info',"running in legacy v1 compatibility mode");
}
} elsif (!$V1_COMPAT_ALLOWED) {
# This is not allowed - we require a filename directive. No backwards compatibility.
}
$filename_required = 0;
}
- ftp_syslog('info',"($log_style) not running in legacy v1 mode")
+ ftp_syslog('info',"not running in legacy v1 mode")
if (!$info{'v1_compat_mode'});
# Configuration must exist for the package
if (($retval =~ /Signature made (.*)/) && ($filename_required)) {
my $timestr = $1;
- ftp_syslog('debug', "($log_style) DEBUG: Signature made $1") if DEBUG;
+ ftp_syslog('debug', "DEBUG: Signature made $1") if DEBUG;
# Some versions of GPG also mention the key used to make the signature
# on this line, while others do not. The testing mock does.
# http://thread.gmane.org/gmane.comp.sysutils.autotools.announce/131
if ($upload_file =~ /\.(tar|)(\.|$)|\.t[bglx]z|\.tbz2$/) {
# First check if the file contains any Makefile.in files
- push(@debug_log,"($log_style) DEBUG: "
+ push(@debug_log,"DEBUG: "
."testing $upload_file for presence of Makefile.in")
if $debug;
my $tar_cmd = "/bin/tar -tf $upload_file";
return ($error_string, \@debug_log)
if (!$found_makefile);
# If it does, check inside them
- push(@debug_log,"($log_style) DEBUG: found Makefile.in, "
+ push(@debug_log,"DEBUG: found Makefile.in, "
."testing for CVE-2009-4029 and CVE-2012-3386")
if $debug;
$tar_cmd = "/bin/tar --to-stdout -x -f $upload_file 'Makefile.in' "
my $sig_file_size = -s $sig_file;
my $upload_file_size = -s $upload_file;
- ftp_syslog('debug', "($log_style) DEBUG: "
+ ftp_syslog('debug', "DEBUG: "
."$sig_file size is $sig_file_size") if DEBUG;
- ftp_syslog('debug', "($log_style) DEBUG: "
+ ftp_syslog('debug', "DEBUG: "
."$upload_file size is $upload_file_size") if DEBUG;
my @keyrings = keyring_file ($info{package},$info{directory});
or fatal("gpg verify of upload file ($upload_file) failed",1);
my ($error_string, $error_log_ref) =
- check_vulnerabilities($upload_file,$log_style,DEBUG);
+ check_vulnerabilities($upload_file,$Log_Style,DEBUG);
my @error_log = @$error_log_ref;
if (DEBUG and $#error_log > -1) {
fatal($error_string,1,'',3) if ($error_string ne '');
- ftp_syslog('debug', "($log_style) DEBUG: "
+ ftp_syslog('debug', "DEBUG: "
."tested negative for CVE-2009-4029 and CVE-2012-3386") if DEBUG;
}
my @mv_args = ("/bin/mv", "$dir/$file",
"$olddestfinal/$subdir/$timestamp"."_$file");
fatal("@mv_args failed",0) if system (@mv_args) != 0;
- ftp_syslog('info', "($log_style) "
- ."archived $dir/$file to $olddestfinal/$subdir/$timestamp"
+ ftp_syslog('info',
+ "archived $dir/$file to $olddestfinal/$subdir/$timestamp"
."_$file");
}
."replace the pair please use the 'replace' directive",1);
} else {
archive($destdir, $info{directory}, $sig_file);
- ftp_syslog('info', "($log_style) archived and overwrote "
+ ftp_syslog('info', "archived and overwrote "
."$destdir/$sig_file with uploaded version");
$t1 = 1;
}
."replace the pair please use the 'replace' directive",1);
} else {
archive($destdir, $info{directory}, $upload_file);
- ftp_syslog('info', "($log_style) overwrote "
+ ftp_syslog('info', "overwrote "
."$destdir/$upload_file with uploaded version");
$t2 = 1;
}
or fatal("creation of symlink $info{$key}{link} "
."to $target in $destdir failed: $!",1);
# go back to current working dir
- ftp_syslog('info', "($log_style) added symlink $destdir/"
+ ftp_syslog('info', "added symlink $destdir/"
.$info{$key}{link} . " pointing to $destdir/$target");
chdir($cwd)
or fatal("chdir to $cwd failed: $!",1);
unless -l "$destdir/$1";
unlink("$destdir/$1")
or fatal("removal of symlink $1 failed: $!",1);
- ftp_syslog('info', "($log_style) removed symlink $destdir/$1");
+ ftp_syslog('info', "removed symlink $destdir/$1");
} elsif ($key =~ /^archive-(.*)/) {
# We now also allow archiving entire directories
archive($destdir, $originfo{directory}, "$1.sig")
$file =~ /^(.*)$/; $file = $1;
my $mtime = $tmp[9];
$mtime =~ /^(.*)$/; $mtime = $1;
- ftp_syslog('debug',"($log_style) DEBUG: "
+ ftp_syslog('debug',"DEBUG: "
."Removing $file, older than 24 hours (mtime: $tmp[9])\n")
if ((time() > ($tmp[9]+24*3600)) && (DEBUG > 0));
unlink ("$dir/.$file"); # don't worry if it doesn't exist
sub cleanup {
for my $dir ($incoming_dir, $incoming_tmp, $desttmp) {
for my $f (@_) {
- ftp_syslog('debug',"($log_style) DEBUG: cleaning up $dir/$f\n")
+ ftp_syslog('debug',"DEBUG: cleaning up $dir/$f\n")
if (DEBUG > 1);
# if we quit early enough, they might not be there.
next unless defined $f && -e "$dir/$f";
or ftp_die("FATAL: chdir($incoming_tmp) failed: $!");
for my $files (@incoming) { # each list element is a hash reference.
- ftp_syslog('info',"($log_style) found directive: $files->{directive}\n");
+ ftp_syslog('info',"found directive: $files->{directive}\n");
# if we die processing a triplet, the eval allows us to move
# onto the next triplet.
eval {
undef %info;
}
if ((scalar @incoming) == 0) {
- ftp_syslog('info', "($log_style) No files found for processing.");
+ ftp_syslog('info', "No files found for processing.");
} else {
- ftp_syslog('info', "($log_style) Processing complete: "
+ ftp_syslog('info', "Processing complete: "
.(scalar @incoming)." uploads processed.");
system("/usr/local/bin/generate-ftpindex")
unless IN_TEST_MODE;
- ftp_syslog('info', "($log_style) Updated ftpindex");
+ ftp_syslog('info', "Updated ftpindex");
}
# Clean up the incoming directory and the incoming tmp directory - remove files older than a day
projects / gatekeeper.git / commitdiff