From: Jacob Bachmeyer Date: Tue, 8 Aug 2023 01:21:22 +0000 (-0500) Subject: Eliminate undocumented --debug option X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=fc34f3835c30ed0b7a995c2fd8e41c422adcbdb6;p=gatekeeper.git Eliminate undocumented --debug option The debugging flag was default-on anyway. The debugging messages can be filtered using syslog features if desired, since they are sent to the log with the appropriate "debug" level. --- diff --git a/gatekeeper.pl b/gatekeeper.pl index a2072a0..fb8c6da 100755 --- a/gatekeeper.pl +++ b/gatekeeper.pl @@ -276,9 +276,6 @@ BEGIN { my $ConfigFile = File::Spec->catfile($FindBin::Bin, 'gatekeeper.conf'); my $GPGV_Bin; my $LSOF_Bin; - # Set this to 1 or higher to get debug output in the log file. - my $DEBUG = 1; - my $NOMAIL = 0; # Set this to 0 to disable the timestamp check on uploaded files in sub @@ -296,12 +293,10 @@ BEGIN { 'with-lsof=s' => \$LSOF_Bin, 'tstampcheck=i' => \$TSTAMPCHECK, 'nomail=i' => \$NOMAIL, - 'debug|d=i' => \$DEBUG, 'testing-this-script' => \$TestingMode, 'check-config-parse' => \$CheckConfigurationParse, ) or pod2usage(-verbose => 0, -exitval => 2); - constant->import(DEBUG => $DEBUG); constant->import(NOMAIL => $NOMAIL); constant->import(TSTAMPCHECK => $TSTAMPCHECK); @@ -1421,9 +1416,7 @@ sub directory_keyrings { my @keyrings = directory_configuration_files('pubring.gpg', $directory); - if (DEBUG) { - ftp_syslog debug => "DEBUG: found keyring $_" for @keyrings; - } + ftp_syslog debug => "DEBUG: found keyring $_" for @keyrings; return @keyrings; } @@ -2255,8 +2248,7 @@ sub scan_incoming { if (TSTAMPCHECK) { if ((stat(_))[9] >= $time_bar) { ftp_syslog debug => "DEBUG: " - ."$ent has been modified in the last 2 minutes, skipping" - if DEBUG; + ."$ent has been modified in the last 2 minutes, skipping"; next ENT } } @@ -2272,7 +2264,7 @@ sub scan_incoming { next ENT } - ftp_syslog debug => "DEBUG: uploaded file to check: $ent" if DEBUG; + ftp_syslog debug => "DEBUG: uploaded file to check: $ent"; $possible{$ent} = 1; } closedir INCOMING @@ -2307,18 +2299,16 @@ sub scan_incoming { # be seen because they are owned by another user. my @lsof_args = (LSOF_BIN, "-Fn", map { File::Spec->catfile($directory, $_) } keys %possible); - ftp_syslog debug => "DEBUG: lsof command line: " . join(' ',@lsof_args) - if DEBUG; + ftp_syslog debug => "DEBUG: lsof command line: " . join(' ',@lsof_args); open LSOF, '-|', @lsof_args or abort "FATAL: cannot spawn lsof: $!";; while () { - ftp_syslog debug => "DEBUG: lsof output: $_" if DEBUG; + ftp_syslog debug => "DEBUG: lsof output: $_"; # only look at the name lines next unless /^n${directory}\/(.+)$/; ftp_syslog debug => "DEBUG: " - ."upload in progress for $1, ignoring during this run" - if DEBUG; + ."upload in progress for $1, ignoring during this run"; delete ($possible{$1}) or warn "WARNING: lsof found unrequested but open $1?!"; } @@ -2361,7 +2351,7 @@ sub gather_packets { # this function to be updated if new packet types are added. ftp_syslog debug => "DEBUG: " - ."considering stem [$stem] for processing" if DEBUG; + ."considering stem [$stem] for processing"; # Note that all values in %havefile are 1 and the undefined value is # falsish in Perl, so simple checks are adequate here. No tests for @@ -2816,8 +2806,7 @@ sub _spawn_gpgv { push @gpgv_args, '--keyring', $_ for @$keyrings; push @gpgv_args, @file_args; - ftp_syslog debug => 'DEBUG: gpgv command line: '.join(' ', @gpgv_args) - if DEBUG; + ftp_syslog debug => 'DEBUG: gpgv command line: '.join(' ', @gpgv_args); my $pid = fork; abort "failed to fork child for gpgv: $!" @@ -2988,7 +2977,7 @@ sub verify_clearsigned_message { my $text = shift; my @keyrings = @_; - ftp_syslog debug => 'DEBUG: message size is '.length($text) if DEBUG; + ftp_syslog debug => 'DEBUG: message size is '.length($text); # "my (LIST) = ..." causes problems with CPerl mode here -- jcb my $pid; my $gpgv_stdin_source; @@ -3053,10 +3042,8 @@ sub verify_detached_signature { my $file_size = -s $filename; my $sig_file_size = -s $sigfilename; - ftp_syslog debug => "DEBUG: $sigfilename size is $sig_file_size" - if DEBUG; - ftp_syslog debug => "DEBUG: $filename size is $file_size" - if DEBUG; + ftp_syslog debug => "DEBUG: $sigfilename size is $sig_file_size"; + ftp_syslog debug => "DEBUG: $filename size is $file_size"; } my $pid; my $gpgv_output; my $gpgv_log; my $gpgv_status; @@ -3176,7 +3163,7 @@ sub check_signature_timestamp { ftp_syslog debug => "DEBUG: $what signature made " .strftime('%a %b %d %H:%M:%S %Y %Z', - localtime $timestamp) if DEBUG; + localtime $timestamp); # Verify that this timestamp is not too far in the future. We allow a # discrepancy of 1 day so we don't have to worry about timezones @@ -3247,8 +3234,7 @@ sub Local::Packet::Directive::Upload::check_automake_vulnerabilities { # First check if the file contains any Makefile.in files ftp_syslog debug => "DEBUG: " - ."testing $upload_file for presence of Makefile.in" - if DEBUG; + ."testing $upload_file for presence of Makefile.in"; my @tar_cmd = (qw(/bin/tar -tf), $upload_file); open TAR, '-|', @tar_cmd or die 'failed to run command: '.join(' ',@tar_cmd).": $!"; @@ -3262,8 +3248,7 @@ sub Local::Packet::Directive::Upload::check_automake_vulnerabilities { # If it does, check inside them my %issues = (); ftp_syslog debug => "DEBUG: found Makefile.in, " - ."testing for CVE-2009-4029 and CVE-2012-3386" - if DEBUG; + ."testing for CVE-2009-4029 and CVE-2012-3386"; @tar_cmd = (qw(/bin/tar --to-stdout -x -f), $upload_file, qw(Makefile.in --wildcards */Makefile.in)); open TAR, '-|', @tar_cmd @@ -3283,8 +3268,7 @@ sub Local::Packet::Directive::Upload::check_automake_vulnerabilities { } ftp_syslog debug => "DEBUG: " - ."tested negative for CVE-2009-4029 and CVE-2012-3386" - if DEBUG; + ."tested negative for CVE-2009-4029 and CVE-2012-3386"; } @@ -3525,8 +3509,7 @@ sub cleanup_dir { my $mtime = $stat[9]; if ($mtime < $time_bar) { # file older than one day ftp_syslog debug => "DEBUG: " - ."Removing $file, older than 24 hours (mtime: $mtime)" - if DEBUG; + ."Removing $file, older than 24 hours (mtime: $mtime)"; unlink $absbackup; # don't worry if it doesn't exist rename $absfile, $absbackup; } @@ -3547,8 +3530,7 @@ sub cleanup { for my $file (@_) { my $absfile = File::Spec->catfile($dir, $file); my $absbackup = File::Spec->catfile($dir, '.'.$file); - ftp_syslog debug => "DEBUG: cleaning up $dir/$file\n" - if (DEBUG > 1); + ftp_syslog debug => "DEBUG: cleaning up $dir/$file\n"; # if we quit early enough, they might not be there. next unless defined $file && -e $absfile; @@ -3682,7 +3664,7 @@ foreach my $packet (@packets) { # send it only to the internal inbox. mail $packet->auth_clearsigned_message, subject => 'debug: directive file contents' - if $packet->auth_clearsigned_message && DEBUG; + if $packet->auth_clearsigned_message; } if (ref $E) { diff --git a/testsuite/lib/tool/gatekeeper.exp b/testsuite/lib/tool/gatekeeper.exp index be14b71..3d8c208 100644 --- a/testsuite/lib/tool/gatekeeper.exp +++ b/testsuite/lib/tool/gatekeeper.exp @@ -796,6 +796,12 @@ proc analyze_log { base_dir name assess } { # from mail, recording outgoing message body exp_continue } + + -re {^gatekeeper\[[0-9]+\]: \(Test\)\ + DEBUG: cleaning up [^\r\n]+} { + # from cleanup, when removing a file + exp_continue + } } # -re {^gatekeeper\[[0-9]+\]: \(Test\)\ # } {