From: Jacob Bachmeyer Date: Thu, 17 Nov 2022 03:41:21 +0000 (-0600) Subject: Rename ftp_abort to abort X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=2018cbdc082bd3e494f6a1735250c721e11bd366;p=gatekeeper.git Rename ftp_abort to abort --- diff --git a/gatekeeper.pl b/gatekeeper.pl index e1509e9..fe83b22 100755 --- a/gatekeeper.pl +++ b/gatekeeper.pl @@ -433,7 +433,7 @@ sub ftp_syslog { cluck($@) if $@; } -=item ftp_abort $message +=item abort $message Abandon processing after emitting MESSAGE to the log. Causes the program to exit with the current value of the C<$AbortExitCode> global variable. @@ -449,7 +449,7 @@ sub should B be called as a direct result of invalid remote input. =cut -sub ftp_abort($) { +sub abort($) { my $msg = shift; our $AbortExitCode; our $AbortPipe; @@ -534,7 +534,7 @@ BEGIN { # same filesystem. More precisely, ensure that rename works in the # circumstances where we assume it to be available. # -# Use ftp_abort here - these errors should "never" happen. +# Use abort here - these errors should "never" happen. { our $Inbox_dir; our $Scratch_dir; our $Stage_dir; our $Public_dir; our $Archive_dir; @@ -551,7 +551,7 @@ BEGIN { for my $dir ($package_config_base, $Inbox_dir, $Scratch_dir, $Public_dir, $Stage_dir, $archive_test_dir) { - ftp_abort "FATAL: configuration problem, $dir is not a directory" + abort "FATAL: configuration problem, $dir is not a directory" unless -d $dir; } @@ -572,11 +572,11 @@ BEGIN { # test moving a file from inbox to scratch { sysopen my $test, $infile, O_WRONLY|O_CREAT|O_EXCL - or ftp_abort "FATAL: create test file in inbox: $!"; + or abort "FATAL: create test file in inbox: $!"; close $test; unless (rename $infile, $scratchfile and -f $scratchfile) { unlink $infile; - ftp_abort "FATAL: could not rename file from inbox to scratchpad: $!"; + abort "FATAL: could not rename file from inbox to scratchpad: $!"; } unlink $scratchfile; # test complete } @@ -586,15 +586,15 @@ BEGIN { # test moving a file from stage to public to archive { sysopen my $test, $stagefile, O_WRONLY|O_CREAT|O_EXCL - or ftp_abort "FATAL: create test file in staging directory: $!"; + or abort "FATAL: create test file in staging directory: $!"; close $test; unless (rename $stagefile, $pubfile and -f $pubfile) { unlink $stagefile; - ftp_abort "FATAL: could not rename file from staging to public: $!"; + abort "FATAL: could not rename file from staging to public: $!"; } unless (rename $pubfile, $arcfile and -f $arcfile) { unlink $pubfile; - ftp_abort "FATAL: could not rename file from public to archive: $!"; + abort "FATAL: could not rename file from public to archive: $!"; } unlink $arcfile; # test complete } @@ -898,15 +898,15 @@ sub _spawn_gpgv { # (CVE-2022-34903) whereby GPG could be tricked to emit arbitrary output # on the status pipe. pipe my $gpgv_stdin, my $gpgv_stdin_source - or ftp_abort "failed to create pipe for gpgv stdin: $!"; + or abort "failed to create pipe for gpgv stdin: $!"; pipe my $gpgv_output, my $gpgv_output_sink - or ftp_abort "failed to create pipe for gpgv output: $!"; + or abort "failed to create pipe for gpgv output: $!"; pipe my $gpgv_log, my $gpgv_log_sink - or ftp_abort "failed to create pipe for gpgv log: $!"; + or abort "failed to create pipe for gpgv log: $!"; pipe my $gpgv_status, my $gpgv_status_sink - or ftp_abort "failed to create pipe for gpgv status: $!"; + or abort "failed to create pipe for gpgv status: $!"; pipe my $gpgv_flag, my $gpgv_flag_sink - or ftp_abort "failed to create pipe for gpgv flag: $!"; + or abort "failed to create pipe for gpgv flag: $!"; # ensure autoflush on writes to gpgv { my $outhandle = select $gpgv_stdin_source; $| = 1; select $outhandle } @@ -921,7 +921,7 @@ sub _spawn_gpgv { if DEBUG; my $pid = fork; - ftp_abort "failed to fork child for gpgv: $!" + abort "failed to fork child for gpgv: $!" unless defined $pid; unless ($pid) { @@ -938,26 +938,26 @@ sub _spawn_gpgv { my $flags; # - clear on status and log sinks $flags = fcntl $gpgv_status_sink, F_GETFD, 0 - or ftp_abort "ERR: fcntl F_GETFD on status: $!"; + or abort "ERR: fcntl F_GETFD on status: $!"; fcntl $gpgv_status_sink, F_SETFD, $flags & ~FD_CLOEXEC - or ftp_abort "ERR: fcntl F_SETFD on status: $!"; + or abort "ERR: fcntl F_SETFD on status: $!"; $flags = fcntl $gpgv_log_sink, F_GETFD, 0 - or ftp_abort "ERR: fcntl F_GETFD on log: $!"; + or abort "ERR: fcntl F_GETFD on log: $!"; fcntl $gpgv_log_sink, F_SETFD, $flags & ~FD_CLOEXEC - or ftp_abort "ERR: fcntl F_SETFD on log: $!"; + or abort "ERR: fcntl F_SETFD on log: $!"; # - set on flag pipe sink $flags = fcntl $gpgv_flag_sink, F_GETFD, 0 - or ftp_abort "ERR: fcntl F_GETFD on flag: $!"; + or abort "ERR: fcntl F_GETFD on flag: $!"; fcntl $gpgv_flag_sink, F_SETFD, $flags | FD_CLOEXEC - or ftp_abort "ERR: fcntl F_SETFD on flag: $!"; + or abort "ERR: fcntl F_SETFD on flag: $!"; # Prepare STDIN/STDOUT/STDERR - open STDIN, '<&', $gpgv_stdin or ftp_abort "ERR: set stdin: $!"; - open STDOUT, '>&', $gpgv_output_sink or ftp_abort "ERR: set stdout: $!"; - open STDERR, '>&', $gpgv_output_sink or ftp_abort "ERR: set stderr: $!"; + open STDIN, '<&', $gpgv_stdin or abort "ERR: set stdin: $!"; + open STDOUT, '>&', $gpgv_output_sink or abort "ERR: set stdout: $!"; + open STDERR, '>&', $gpgv_output_sink or abort "ERR: set stderr: $!"; # Exec gpgv - exec { GPGV_BIN } @gpgv_args or ftp_abort "ERR: exec: $!"; + exec { GPGV_BIN } @gpgv_args or abort "ERR: exec: $!"; } # The parent continues here... @@ -973,7 +973,7 @@ sub _spawn_gpgv { if ($err =~ m/^ERR: (.*)$/) { # This is bad - we couldn't even execute the gpgv command properly waitpid $pid, 0; # reap failed child - ftp_abort + abort ("gpg verify of directive file failed (error executing gpgv): $1"); } } @@ -982,9 +982,9 @@ sub _spawn_gpgv { foreach my $cell ([$gpgv_stdin_source, 'message'], [$gpgv_output, 'output'], [$gpgv_log, 'log'], [$gpgv_status, 'status']) { my $flags = fcntl $cell->[0], F_GETFL, 0 - or ftp_abort "gpgv: fcntl F_GETFL $cell->[1]: $!"; + or abort "gpgv: fcntl F_GETFL $cell->[1]: $!"; fcntl $cell->[0], F_SETFL, $flags | O_NONBLOCK - or ftp_abort "gpgv: fcntl F_SETFL $cell->[1]: $!"; + or abort "gpgv: fcntl F_SETFL $cell->[1]: $!"; } return $pid, $gpgv_stdin_source, $gpgv_output, $gpgv_log, $gpgv_status; @@ -1009,7 +1009,7 @@ sub _analyze_gpgv_output { my $intro_status = 0; my $check_status = 0; my $verdict_status = 0; open my $status, '<', \($ret->{raw_status}) - or ftp_abort "open in-memory file for gpgv status: $!"; + or abort "open in-memory file for gpgv status: $!"; while (<$status>) { chomp; unless (m/^\[GNUPG:\] /g) { @@ -1040,7 +1040,7 @@ sub _analyze_gpgv_output { /gcx) { # $1 -- pubkey algorithm $2 -- digest algorithm # $3 -- timestamp $4 -- result code - ftp_abort 'gpgv returned an ISO8601 timestamp; implementation needed' + abort 'gpgv returned an ISO8601 timestamp; implementation needed' if $3 =~ m/T/; $ret->{sig_creation} = $3; } else @@ -1064,14 +1064,14 @@ sub _analyze_gpgv_output { # $11 -- primary key fingerprint $ret->{key_fingerprint} = $2; $ret->{key_longid} = substr $2,-16; - ftp_abort 'gpgv returned an ISO8601 timestamp; implementation needed' + abort 'gpgv returned an ISO8601 timestamp; implementation needed' if $4 =~ m/T/ || $5 =~ m/T/; $ret->{sig_creation} = $4; # GPG reports 0 if the signature does not expire $ret->{sig_expiration} = $5 if $5 > 0; } } - close $status or ftp_abort "close in-memory file for gpgv status: $!"; + close $status or abort "close in-memory file for gpgv status: $!"; push @{$ret->{TILT}}, 'gpgv reported more than one signature' if $intro_status > 1; @@ -1097,7 +1097,7 @@ sub verify_clearsigned_message { ($pid, $gpgv_stdin_source, $gpgv_output, $gpgv_log, $gpgv_status) = _spawn_gpgv(\@keyrings, '-'); - local $SIG{PIPE} = sub { ftp_abort 'gpgv exited unexpectedly' }; + local $SIG{PIPE} = sub { abort 'gpgv exited unexpectedly' }; my $Rchk = ''; my $Wchk = ''; vec($Wchk, (fileno $gpgv_stdin_source), 1) = 1; vec($Rchk, (fileno $_), 1) = 1 for ($gpgv_output, $gpgv_log, $gpgv_status); @@ -1276,7 +1276,7 @@ sub directory_email_addresses { my @addresses; foreach my $file (@email_files) { - open EMAIL_FILE, '<', $file or ftp_abort("open($file) failed: $!"); + open EMAIL_FILE, '<', $file or abort("open($file) failed: $!"); while () { chomp; push @addresses, $1 @@ -1289,7 +1289,7 @@ sub directory_email_addresses { my $needle = $package_name.' - '; my $nlen = length $needle; open EMAIL_FILE, '<', $maintainers_bypkg - or ftp_abort("open($maintainers_bypkg) failed: $!"); + or abort("open($maintainers_bypkg) failed: $!"); while () { chomp; next unless $needle eq substr $_,0,$nlen; # find the line for this package @@ -1340,9 +1340,9 @@ sub exclude_mail_blacklist { my @filtered = @emaillist; if (-f $blacklist_file) { open BLACKLIST, '<', $blacklist_file - or ftp_abort("open($blacklist_file) failed: $!"); + or abort("open($blacklist_file) failed: $!"); while () { chomp; $blacklist{$_}++ } - close BLACKLIST or ftp_abort("close($blacklist_file) failed: $!"); + close BLACKLIST or abort("close($blacklist_file) failed: $!"); @filtered = grep !$blacklist{$_}, @emaillist; } @@ -1392,7 +1392,7 @@ sub sendmail { } else { $smtp = Net::SMTP->new(Host => 'localhost'); } - ftp_abort "FATAL: SMTP connection failed" unless $smtp; + abort "FATAL: SMTP connection failed" unless $smtp; $smtp->mail($sender); $smtp->recipient(unique(@$recipients), { SkipBad => 1}); @@ -1696,7 +1696,7 @@ sub scan_incoming { # Get list of all possible files from incoming dir. # opendir INCOMING, $directory - or ftp_abort("FATAL opendir($directory) failed: $!"); + or abort("FATAL opendir($directory) failed: $!"); ENT: while (defined($_ = readdir INCOMING)) { next ENT if m/^[.]{1,2}$/; # skip . and .. entries # require acceptable filenames @@ -1744,7 +1744,7 @@ sub scan_incoming { $possible{$ent} = 1; } closedir INCOMING - or ftp_abort("FATAL: closedir($directory) failed: $!"); + or abort("FATAL: closedir($directory) failed: $!"); # dispose of any garbage files ftp_syslog('info', "$badname_count files with bogus names were trashcanned") @@ -1779,7 +1779,7 @@ sub scan_incoming { if DEBUG; open LSOF, '-|', @lsof_args - or ftp_abort "FATAL: cannot spawn lsof: $!";; + or abort "FATAL: cannot spawn lsof: $!";; while () { ftp_syslog('debug', "DEBUG: lsof output: $_") if DEBUG; # only look at the name lines @@ -2138,7 +2138,7 @@ sub advance_timestamp_ratchet { while () { s/\s+//g; m/^(.*?):(.*?)$/ - or ftp_abort "bad line in serials file: [$_]"; + or abort "bad line in serials file: [$_]"; $serials{$1} = $2; } } @@ -2532,7 +2532,7 @@ sub execute_commands { our $Scratch_dir; our $Public_dir; - ftp_abort "invalid internal operation list" + abort "invalid internal operation list" unless $oplist->[0][0] eq 'header'; my $header = $oplist->[0][1]; my @directory = File::Spec::Unix->splitdir($header->{directory}); @@ -2577,7 +2577,7 @@ sub execute_commands { } elsif (IN_TEST_MODE && $step->[0] eq 'no-op') { # do nothing } else { - ftp_abort "unknown internal operation: $step->[0]"; + abort "unknown internal operation: $step->[0]"; } } } @@ -2600,7 +2600,7 @@ scan_incoming will remove those files on the next run. sub cleanup_dir { my $dir = shift; opendir(DIR, $dir) - or ftp_abort "Can’t opendir $dir in cleanup_dir: $!"; + or abort "Can’t opendir $dir in cleanup_dir: $!"; my @files = grep { !/^\./ && -f File::Spec->catfile($dir, $_) } readdir(DIR); closedir DIR;