our $help = '';
our $version = '';
# Set this to 1 or higher to get debug output in the log file.
- our $DEBUG = 1;
+ my $DEBUG = 1;
- our $NOMAIL = 0;
+ my $NOMAIL = 0;
# Set this to 0 to disable the timestamp check on uploaded files in sub scan_incoming
- our $TSTAMPCHECK = 1;
+ my $TSTAMPCHECK = 1;
my $TestingMode = 0;
'testing-this-script' => \$TestingMode,
);
+ constant->import(DEBUG => $DEBUG);
+ constant->import(NOMAIL => $NOMAIL);
+ constant->import(TSTAMPCHECK => $TSTAMPCHECK);
+
constant->import(IN_TEST_MODE => $TestingMode);
if ($TestingMode) {
our $style;
our $help;
our $version;
-our $DEBUG;
-our $NOMAIL;
-our $TSTAMPCHECK;
&version_information () if ($version);
&usage_information() if ($help);
# Don't look at files with really long names, either.
next if length ($ent) > 100;
- ftp_syslog('debug', "($log_style) DEBUG: " . "uploaded file to check: $ent") if $DEBUG;
+ ftp_syslog('debug', "($log_style) DEBUG: " . "uploaded file to check: $ent") if DEBUG;
$possible{$ent} = 1;
}
closedir (INCOMING) || ftp_die("FATAL: closedir($incoming_dir) failed: $!");
# On modern (Debian) systems, condition a) is not met.
my @lsof_args = (LSOF_BIN, "-Fn",
map { "$incoming_dir/$_" } keys %possible);
- ftp_syslog('debug', "($log_style) DEBUG: " . "lsof command line: " . join(' ',@lsof_args)) if $DEBUG;
+ ftp_syslog('debug', "($log_style) DEBUG: " . "lsof command line: " . join(' ',@lsof_args)) if DEBUG;
my $pid = open (LSOF, "-|");
if ($pid) { # parent
while (defined (my $line = <LSOF>)) {
- ftp_syslog('debug', "($log_style) DEBUG: " . "lsof output: $line") if $DEBUG;
+ ftp_syslog('debug', "($log_style) DEBUG: " . "lsof output: $line") if DEBUG;
next unless $line =~ /^n${incoming_dir}\/(.+)$/; # only look at the name lines.
- ftp_syslog('debug', "($log_style) DEBUG: " . "upload in progress for $1, ignoring during this run") if $DEBUG;
+ ftp_syslog('debug', "($log_style) DEBUG: " . "upload in progress for $1, ignoring during this run") if DEBUG;
delete ($possible{$1}) || ftp_warn("WARNING: lsof found unrequested but open $1?!");
}
close (LSOF);
# Do not consider files that have been modified in the last 2 minutes
# This is an extra safety check to avoid trying to process files that are still
# being uploaded.
- if ($TSTAMPCHECK) {
+ if (TSTAMPCHECK) {
for my $ent (keys %possible) {
my @stat = stat($ent);
if ($stat[9] >= time - 120) {
- ftp_syslog('debug', "($log_style) DEBUG: " . "$ent has been modified in the last 2 minutes, skipping") if $DEBUG;
+ ftp_syslog('debug', "($log_style) DEBUG: " . "$ent has been modified in the last 2 minutes, skipping") if DEBUG;
delete ($possible{$ent});
next;
}
my $directive = "$base.directive.asc";
my $bare_base = $base;
$bare_base =~ s/\.directive\.asc$//g;
- ftp_syslog('debug', "($log_style) DEBUG: " . "considering $ent for processing") if $DEBUG;
+ ftp_syslog('debug', "($log_style) DEBUG: " . "considering $ent for processing") if DEBUG;
# work on this triple, if all three files exist, and the signature
# and directive files aren't huge. We want to exclude huge files
my $tmp = $directory;
while (1) {
if (-e "$package_config_base/$tmp/pubring.gpg") {
- ftp_syslog('debug', "($log_style) DEBUG: " . "found keyring $package_config_base/$tmp/pubring.gpg") if $DEBUG;
+ ftp_syslog('debug', "($log_style) DEBUG: " . "found keyring $package_config_base/$tmp/pubring.gpg") if DEBUG;
push(@pubrings,"$package_config_base/$tmp/pubring.gpg");
}
my $tmp2 = $tmp;
# for debugging purposes. After this point, we don't need to pass the
# $directive_file_contents to any subsequent &fatal calls.
if (defined $info{'package'}) {
- debug($directive_file_contents, $info{'package'}) if $DEBUG;
+ debug($directive_file_contents, $info{'package'}) if DEBUG;
} else {
- debug($directive_file_contents, '') if $DEBUG;
+ debug($directive_file_contents, '') if DEBUG;
}
# They have to specify a directory directive.
my ($directive_file, $directive_file_contents, @keyrings) = @_;
my $directive_file_size = -s $directive_file;
- ftp_syslog('debug', "($log_style) DEBUG: $directive_file size is $directive_file_size") if $DEBUG;
+ ftp_syslog('debug', "($log_style) DEBUG: $directive_file size is $directive_file_size") if DEBUG;
foreach (@keyrings) {
# We need what gpgv writes to STDERR to determine the timestamp
($verify_str) = $verify_str =~ /^(.*)$/;
ftp_syslog('debug',"($log_style) DEBUG: gpgv command line: $verify_str\n")
- if ($DEBUG > 0);
+ if (DEBUG > 0);
my $retval = '';
open (GPGV, "$verify_str|")
or &fatal("failed to run command: $verify_str",1);
my $sig_file_size = -s $sig_file;
my $upload_file_size = -s $upload_file;
- ftp_syslog('debug', "($log_style) DEBUG: $sig_file size is $sig_file_size") if $DEBUG;
- ftp_syslog('debug', "($log_style) DEBUG: $upload_file size is $upload_file_size") if $DEBUG;
+ ftp_syslog('debug', "($log_style) DEBUG: $sig_file size is $sig_file_size") if DEBUG;
+ ftp_syslog('debug', "($log_style) DEBUG: $upload_file size is $upload_file_size") if DEBUG;
my @keyrings = &keyring_file ($info{package},$info{directory});
&fatal("no keyring for package $info{package}",0) if ($#keyrings < 0);
$valid
or &fatal("gpg verify of upload file ($upload_file) failed",1);
- my ($error_string, $error_log_ref) = check_vulnerabilities($upload_file,$log_style,$DEBUG);
+ my ($error_string, $error_log_ref) = check_vulnerabilities($upload_file,$log_style,DEBUG);
my @error_log = @$error_log_ref;
- if ($DEBUG and $#error_log > -1) {
+ if (DEBUG and $#error_log > -1) {
foreach (@error_log) {
ftp_syslog('debug', $_);
}
&fatal($error_string,1,'',3) if ($error_string ne '');
- ftp_syslog('debug', "($log_style) DEBUG: tested negative for CVE-2009-4029 and CVE-2012-3386") if $DEBUG;
+ ftp_syslog('debug', "($log_style) DEBUG: tested negative for CVE-2009-4029 and CVE-2012-3386") if DEBUG;
}
$file =~ /^(.*)$/; $file = $1;
my $mtime = $tmp[9];
$mtime =~ /^(.*)$/; $mtime = $1;
- ftp_syslog('debug',"($log_style) DEBUG: Removing $file, older than 24 hours (mtime: $tmp[9])\n") if ((time() > ($tmp[9]+24*3600)) && ($DEBUG > 0));
+ ftp_syslog('debug',"($log_style) DEBUG: Removing $file, older than 24 hours (mtime: $tmp[9])\n") if ((time() > ($tmp[9]+24*3600)) && (DEBUG > 0));
unlink ("$dir/.$file"); # don't worry if it doesn't exist
rename ("$dir/$file", "$dir/.$file") if (time() > ($mtime+24*3600));
}
sub cleanup {
for my $dir ($incoming_dir, $incoming_tmp, $desttmp) {
for my $f (@_) {
- ftp_syslog('debug',"($log_style) DEBUG: cleaning up $dir/$f\n") if ($DEBUG > 1);
+ ftp_syslog('debug',"($log_style) DEBUG: cleaning up $dir/$f\n") if (DEBUG > 1);
# if we quit early enough, they might not be there.
next unless defined $f && -e "$dir/$f";
my $exit_code = shift;
$directive_file_contents ||= '';
- if (($directive_file_contents ne '') && $DEBUG) {
+ if (($directive_file_contents ne '') && DEBUG) {
&mail ($directive_file_contents,0,"debug: directive file contents");
}
ftp_syslog('info', "($log_style) No uploader e-mail address(es) to report this error to!");
@email_list = ($email_always);
}
- if ($NOMAIL) {
+ if (NOMAIL) {
ftp_syslog('info', "($log_style) NOMAIL is set - not sending email to @email_list");
} else {
ftp_syslog('info', "($log_style) Sending email to @email_list");
#print STDERR "final emails: @email_list\n";
# return @_;
- if ($NOMAIL) {
+ if (NOMAIL) {
if ($subject ne '') {
ftp_syslog('info', "($log_style) Subject: '$subject'");
} elsif (defined $info{package}) {
my $msg = shift;
my $package_name = shift;
- if ($NOMAIL) {
+ if (NOMAIL) {
ftp_syslog('info', "($log_style) Subject: [$m_style gnu-ftp-debug] new upload processed: $package_name\nBody: $msg");
} else {
my $smtp;
projects / gatekeeper.git / commitdiff