From 20cd125946146141fcc2af4042588b0831440645 Mon Sep 17 00:00:00 2001 From: Jacob Bachmeyer Date: Thu, 23 Mar 2023 22:02:20 -0500 Subject: [PATCH] Refactor configuration as constants in the gatekeeper This commit also allows some parameters to be optional. --- gatekeeper.pl | 319 +++++++++++++++++++++++++------------------------- 1 file changed, 162 insertions(+), 157 deletions(-) diff --git a/gatekeeper.pl b/gatekeeper.pl index 75d11cb..c80a14f 100755 --- a/gatekeeper.pl +++ b/gatekeeper.pl @@ -169,7 +169,7 @@ Package configuration files are: =over -=item 1. $package_config_base/$package_name/pubring.gpg +=item 1. CONF_DIR_ConfigBase/$package_name/pubring.gpg GNUPG public keyring. For a given package, the directive file and file to be uploaded, must be signed with a key from the package's keyring. If a @@ -177,7 +177,7 @@ file is to be uploaded into a subdirectory of the package directory, the subdirectory in the package config directory will be checked for a pubring.gpg first, going up to the parent directory until a match is found. -=item 2. $package_config_base/$package_name/email +=item 2. CONF_DIR_ConfigBase/$package_name/email Email addresses that are sent mail when uploads succeed or fail for a given package. One email address per line. @@ -305,6 +305,22 @@ BEGIN { constant->import(LSOF_BIN => $LSOF_Bin); } + # declare variables used to initialize constants + my $c_Log_Tag = ''; # CONF_Log_Tag + my $c_Zone_Tag = ''; # CONF_Zone_Tag + my $c_Email_Blacklist; # CONF_Email_Blacklist + my $c_Email_MaintainerMap; # CONF_Email_Maintainers + my $c_Email_ArchiveBox; # CONF_Email_PublicArchive + my $c_Email_InternalBox; # CONF_Email_InternalArchive + my $c_Package_Config; # CONF_DIR_ConfigBase + my $c_Package_State; # CONF_DIR_State + my $c_dir_Inbox; # CONF_DIR_Inbox + my $c_dir_Scratch; # CONF_DIR_Scratch + my $c_dir_Stage; # CONF_DIR_Staging + my $c_dir_Public; # CONF_DIR_Public + my $c_dir_Archive; # CONF_DIR_Archive + my $c_Serials_FileName; # CONF_FILE_Serials + # Read the configuration file. unless ($want_help || $want_version) { # --help and --version should work even without a configuration file @@ -315,24 +331,24 @@ BEGIN { or die "gatekeeper: test mode: TEST_BASE_DIR not valid"; my $base = $1; # untainted - our $email_blacklist = File::Spec->catfile($base, 'email.blacklist'); - our $maintainers_bypkg = File::Spec->catfile($base, 'm.bypkg'); + $c_Email_Blacklist = File::Spec->catfile($base, 'email.blacklist'); + $c_Email_MaintainerMap = File::Spec->catfile($base, 'm.bypkg'); - our $Public_Upload_Archive_Inbox = 'ftp-upload-report@gnu.org'; - our $Internal_Report_Inbox = 'ftp-upload-script@gnu.org'; + $c_Email_ArchiveBox = 'ftp-upload-report@gnu.org'; + $c_Email_InternalBox = 'ftp-upload-script@gnu.org'; - our $zone_tag = 'ftp'; - our $Log_Tag = 'Test'; + $c_Zone_Tag = 'ftp'; + $c_Log_Tag = 'Test'; - our $package_config_base =File::Spec->catdir($base, 'packages'); - our $package_state_base = $base; - our $serials_name = 'serial.txt'; + $c_Package_Config =File::Spec->catdir($base, 'packages'); + $c_Package_State = $base; + $c_Serials_FileName = 'serial.txt'; - our $Inbox_dir = File::Spec->catdir($base, 'inbox'); - our $Scratch_dir = File::Spec->catdir($base, 'scratch'); - our $Stage_dir = File::Spec->catdir($base, 'stage'); - our $Public_dir = File::Spec->catdir($base, 'pub'); - our $Archive_dir = File::Spec->catdir($base, 'archive'); + $c_dir_Inbox = File::Spec->catdir($base, 'inbox'); + $c_dir_Scratch = File::Spec->catdir($base, 'scratch'); + $c_dir_Stage = File::Spec->catdir($base, 'stage'); + $c_dir_Public = File::Spec->catdir($base, 'pub'); + $c_dir_Archive = File::Spec->catdir($base, 'archive'); } else { # load configuration from file my @zonelist = (); my %ZoneConfig = (); @@ -373,80 +389,72 @@ BEGIN { .join(' ', 'gatekeeper: known zones:', @zonelist)."\n"; } - our $email_blacklist = $EmailConfig{blacklist}; - our $maintainers_bypkg = $EmailConfig{maintainermap}; + $c_Email_Blacklist = $EmailConfig{blacklist}; + $c_Email_MaintainerMap = $EmailConfig{maintainermap}; - our $Public_Upload_Archive_Inbox = $EmailConfig{archivebox}; - our $Internal_Report_Inbox = $EmailConfig{internalbox}; + $c_Email_ArchiveBox = $EmailConfig{archivebox}; + $c_Email_InternalBox = $EmailConfig{internalbox}; - our $zone_tag = $ZoneConfig{tag} || $Zone || 'upload'; - our $Log_Tag = $ZoneConfig{logtag} || ucfirst $Zone || 'Upload'; + $c_Zone_Tag = $ZoneConfig{tag} || $Zone || 'upload'; + $c_Log_Tag = $ZoneConfig{logtag} || ucfirst $Zone || 'Upload'; - our $package_config_base = $ZoneConfig{pkgconfdir}; - our $package_state_base = $ZoneConfig{pkgstatedir}; - our $serials_name = $ZoneConfig{serials}; + $c_Package_Config = $ZoneConfig{pkgconfdir}; + $c_Package_State = $ZoneConfig{pkgstatedir}; + $c_Serials_FileName = $ZoneConfig{serials}; - our $Inbox_dir = $ZoneConfig{inboxdir}; - our $Scratch_dir = $ZoneConfig{scratchdir}; - our $Stage_dir = $ZoneConfig{stagedir}; - our $Public_dir = $ZoneConfig{publicdir}; - our $Archive_dir = $ZoneConfig{archivedir}; + $c_dir_Inbox = $ZoneConfig{inboxdir}; + $c_dir_Scratch = $ZoneConfig{scratchdir}; + $c_dir_Stage = $ZoneConfig{stagedir}; + $c_dir_Public = $ZoneConfig{publicdir}; + $c_dir_Archive = $ZoneConfig{archivedir}; } if ($CheckConfigurationParse) { - our $email_blacklist; our $maintainers_bypkg; - our $Public_Upload_Archive_Inbox; our $Internal_Report_Inbox; - our $zone_tag; our $Log_Tag; our $serials_name; - our $package_config_base; our $package_state_base; - our $Inbox_dir; our $Scratch_dir; - our $Stage_dir; our $Public_dir; our $Archive_dir; - if ($Zone) { print "# gatekeeper configuration as parsed for zone $Zone:\n\n"; } else { print "# gatekeeper configuration as parsed:\n\n"; } print "[zone.$Zone]\n" if $Zone; - foreach my $item ([tag => $zone_tag], [logtag => $Log_Tag], - [pkgconfdir => $package_config_base], - [pkgstatedir => $package_state_base], - [serials => $serials_name], - [inboxdir => $Inbox_dir], [scratchdir => $Scratch_dir], - [stagedir => $Stage_dir], [publicdir => $Public_dir], - [archivedir => $Archive_dir]) + foreach my $item ([tag => $c_Zone_Tag], [logtag => $c_Log_Tag], + [pkgconfdir => $c_Package_Config], + [pkgstatedir => $c_Package_State], + [serials => $c_Serials_FileName], + [inboxdir => $c_dir_Inbox], + [scratchdir => $c_dir_Scratch], + [stagedir => $c_dir_Stage], + [publicdir => $c_dir_Public], + [archivedir => $c_dir_Archive]) { print $item->[0],' = ',$item->[1],"\n" if $item->[1] } - if ($email_blacklist || $maintainers_bypkg - || $Public_Upload_Archive_Inbox || $Internal_Report_Inbox) { + if ($c_Email_Blacklist || $c_Email_MaintainerMap + || $c_Email_ArchiveBox || $c_Email_InternalBox) { print "\n[email]\n"; - print "blacklist = $email_blacklist\n" if $email_blacklist; - print "maintainermap = $maintainers_bypkg\n" if $maintainers_bypkg; + print "blacklist = $c_Email_Blacklist\n" + if $c_Email_Blacklist; + print "maintainermap = $c_Email_MaintainerMap\n" + if $c_Email_MaintainerMap; print "\n" - if ($email_blacklist || $maintainers_bypkg) - && ($Public_Upload_Archive_Inbox || $Internal_Report_Inbox); - print "archivebox = $Public_Upload_Archive_Inbox\n" - if $Public_Upload_Archive_Inbox; - print "internalbox = $Internal_Report_Inbox\n" - if $Internal_Report_Inbox; + if ($c_Email_Blacklist || $c_Email_MaintainerMap) + && ($c_Email_ArchiveBox || $c_Email_InternalBox); + print "archivebox = $c_Email_ArchiveBox\n" + if $c_Email_ArchiveBox; + print "internalbox = $c_Email_InternalBox\n" + if $c_Email_InternalBox; } print "\n# END\n"; } # Verify that all required configuration parameters are set { - our $email_blacklist; our $maintainers_bypkg; - our $Public_Upload_Archive_Inbox; our $Internal_Report_Inbox; - our $zone_tag; our $Log_Tag; our $serials_path; - our $package_config_base; our $package_state_base; - our $Inbox_dir; our $Scratch_dir; - our $Stage_dir; our $Public_dir; our $Archive_dir; - my $ok = 1; - foreach my $item ([pkgconfdir => $package_config_base], - [pkgstatedir => $package_state_base], - [inboxdir => $Inbox_dir], [scratchdir => $Scratch_dir], - [stagedir => $Stage_dir], [publicdir => $Public_dir], - [archivedir => $Archive_dir]) { + foreach my $item ([pkgconfdir => $c_Package_Config], + [pkgstatedir => $c_Package_State], + [inboxdir => $c_dir_Inbox], + [scratchdir => $c_dir_Scratch], + [stagedir => $c_dir_Stage], + [publicdir => $c_dir_Public], + [archivedir => $c_dir_Archive]) { unless ($item->[1]) { $ok = 0; print "gatekeeper: configuration parameter not set: $item->[0]\n"; @@ -460,6 +468,24 @@ BEGIN { exit 0 if $CheckConfigurationParse; } # end of configuration handling skipped for --help and --version + + constant->import(CONF_Log_Tag => $c_Log_Tag); + constant->import(CONF_Zone_Tag => $c_Zone_Tag); + + constant->import(CONF_Email_Blacklist => $c_Email_Blacklist); + constant->import(CONF_Email_Maintainers => $c_Email_MaintainerMap || ''); + constant->import(CONF_Email_PublicArchive => $c_Email_ArchiveBox); + constant->import(CONF_Email_InternalArchive => $c_Email_InternalBox); + + constant->import(CONF_DIR_ConfigBase => $c_Package_Config); + constant->import(CONF_DIR_State => $c_Package_State); + constant->import(CONF_DIR_Inbox => $c_dir_Inbox); + constant->import(CONF_DIR_Scratch => $c_dir_Scratch); + constant->import(CONF_DIR_Staging => $c_dir_Stage); + constant->import(CONF_DIR_Public => $c_dir_Public); + constant->import(CONF_DIR_Archive => $c_dir_Archive); + + constant->import(CONF_FILE_Serials => $c_Serials_FileName); } if (WANT_VERSION) { @@ -473,12 +499,6 @@ if (WANT_VERSION) { pod2usage(-verbose => 1, -exitval => 0) if WANT_HELP; -# temporary scaffolding -our $zone_tag; -our $package_config_base; -our $email_blacklist; -our $maintainers_bypkg; - # syslog destination use constant SYSLOG_APP_IDENT => 'gatekeeper'; use constant SYSLOG_FACILITY => 'LOCAL5'; @@ -545,7 +565,7 @@ sub ftp_syslog($$) { my $severity = shift; my $message = shift; - our $Log_Tag; our $Phase; + our $Phase; # Remove a trailing newline $message =~ s/[\r\n]+$//; @@ -556,7 +576,7 @@ sub ftp_syslog($$) { $message = '['.$Phase.'] '.$message if defined $Phase; # Prepend the zone indicator log tag - $message = '('.$Log_Tag.') '.$message; + $message = '('.CONF_Log_Tag.') '.$message; # The syslog function is pretty picky, and (sometimes) dies silently # when using non-valid syslog priorities. @@ -763,21 +783,18 @@ BEGIN { # # Use abort here - these errors should "never" happen. { - our $Inbox_dir; our $Scratch_dir; - our $Stage_dir; our $Public_dir; our $Archive_dir; - # The actual archive directory will be created if necessary, but we # require its immediate parent to exist and will test moving a file there # instead if the archive directory does not already exist. my $archive_test_dir; - if (-d $Archive_dir) { $archive_test_dir = $Archive_dir } - else { # effectively `dirname $Archive_dir` - my @archive_dir = File::Spec->splitdir($Archive_dir); pop @archive_dir; + if (-d CONF_DIR_Archive) { $archive_test_dir = CONF_DIR_Archive } + else { # effectively `dirname CONF_DIR_Archive` + my @archive_dir = File::Spec->splitdir(CONF_DIR_Archive); pop @archive_dir; $archive_test_dir = File::Spec->catdir(@archive_dir); } - for my $dir ($package_config_base, $Inbox_dir, $Scratch_dir, - $Public_dir, $Stage_dir, $archive_test_dir) { + for my $dir (CONF_DIR_ConfigBase, CONF_DIR_Inbox, CONF_DIR_Scratch, + CONF_DIR_Public, CONF_DIR_Staging, $archive_test_dir) { abort "FATAL: configuration problem, $dir is not a directory" unless -d $dir; } @@ -787,10 +804,10 @@ BEGIN { my $testfilename = '.+gatekeeper.test.'.$$.strftime '.{%Y-%m-%d.%H-%M-%S}', localtime; - my $infile = File::Spec->catfile($Inbox_dir, $testfilename); - my $scratchfile = File::Spec->catfile($Scratch_dir, $testfilename); - my $stagefile = File::Spec->catfile($Stage_dir, $testfilename); - my $pubfile = File::Spec->catfile($Public_dir, $testfilename); + my $infile = File::Spec->catfile(CONF_DIR_Inbox, $testfilename); + my $scratchfile = File::Spec->catfile(CONF_DIR_Scratch, $testfilename); + my $stagefile = File::Spec->catfile(CONF_DIR_Staging, $testfilename); + my $pubfile = File::Spec->catfile(CONF_DIR_Public, $testfilename); my $arcfile = File::Spec->catfile($archive_test_dir, $testfilename); # none of them should exist at the start of the test @@ -1026,7 +1043,7 @@ sub keyidx_attach { return if tied %KeyIndex; # already attached? - my $dbstem = File::Spec->catfile($package_config_base, KEYIDX_NAME); + my $dbstem = File::Spec->catfile(CONF_DIR_ConfigBase, KEYIDX_NAME); open KEYIDXLOCK, '+>', $dbstem.'.flag' or die "open key index lock file: $!"; @@ -1136,7 +1153,7 @@ sub keyidx_locate { my @directories = map _keyidx_get('Df'.uc), grep defined, @_; return map File::Spec->catfile - ($package_config_base, File::Spec::Unix->splitdir($_), 'pubring.gpg'), + (CONF_DIR_ConfigBase, File::Spec::Unix->splitdir($_), 'pubring.gpg'), @directories; } @@ -1187,8 +1204,8 @@ sub directory_configuration_files { @directory; pop @directory) { push @candidates, File::Spec->catfile - ($package_config_base, @directory, $file) } - push @candidates, File::Spec->catfile($package_config_base, $file); + (CONF_DIR_ConfigBase, @directory, $file) } + push @candidates, File::Spec->catfile(CONF_DIR_ConfigBase, $file); return grep -f $_ && -r _ && -s _, @candidates; } @@ -1242,11 +1259,13 @@ sub directory_email_addresses { close EMAIL_FILE or warn "close($file) failed: $!"; } + return @addresses unless CONF_Email_Maintainers; + # Now also look for all maintainer addresses in the maintainers.bypkg file my $needle = $package_name.' - '; my $nlen = length $needle; - open EMAIL_FILE, '<', $maintainers_bypkg - or abort "open($maintainers_bypkg) failed: $!"; + open EMAIL_FILE, '<', CONF_Email_Maintainers + or abort "open(".CONF_Email_Maintainers.") failed: $!"; while () { chomp; next unless $needle eq substr $_,0,$nlen; # find the line for this package @@ -1254,7 +1273,7 @@ sub directory_email_addresses { pos = $nlen; push @addresses, $1 while m/\G[^<]*<([^@]+[@][^>]+)>/g; } - close EMAIL_FILE or warn "close($maintainers_bypkg) failed: $!"; + close EMAIL_FILE or warn "close(".CONF_Email_Maintainers.") failed: $!"; return @addresses; } @@ -1931,14 +1950,14 @@ sub validate_directive { # Configuration must exist for the package throw unknown_package => package_name => $op_header->{package} - unless -d File::Spec->catdir($package_config_base, $op_header->{package}); + unless -d File::Spec->catdir(CONF_DIR_ConfigBase, $op_header->{package}); # While per-directory email lists are now supported, the per-package list # is still required to be present. throw package_configuration => package_name => $op_header->{package}, summary => 'no email list for package '.$op_header->{package} unless -f File::Spec->catfile - ($package_config_base, $op_header->{package}, 'email'); + (CONF_DIR_ConfigBase, $op_header->{package}, 'email'); # Check that we actually have at least one command in the directive unless ($#$ops > 0) { @@ -2380,10 +2399,8 @@ sub advance_timestamp_ratchet { my $full_filename = shift; my $new_epoch = shift; - # scaffolding - our $package_state_base; our $serials_name; - return unless defined $serials_name; - my $serials_path = File::Spec->catfile($package_state_base, $serials_name); + return unless defined CONF_FILE_Serials; + my $serials_path = File::Spec->catfile(CONF_DIR_State, CONF_FILE_Serials); # Now we need to flock the our 'serials' file; # verify the epoch value there/update it, etc. @@ -2571,31 +2588,29 @@ sub archive_filepair { my $directory_list = shift; my $filename = shift; - our $Public_dir; our $Archive_dir; - my $pubfilename = File::Spec::Unix->catfile(@$directory_list, $filename); my $abspubfilename = - File::Spec->catfile($Public_dir, @$directory_list, $filename); + File::Spec->catfile(CONF_DIR_Public, @$directory_list, $filename); my $abspubsigname = - File::Spec->catfile($Public_dir, @$directory_list, $filename.'.sig'); + File::Spec->catfile(CONF_DIR_Public, @$directory_list, $filename.'.sig'); throw processing_error => command => [archive => $filename], summary => $pubfilename.' does not exist - can not archive' unless -e $abspubfilename; - mkdir_p $Archive_dir, @$directory_list; + mkdir_p CONF_DIR_Archive, @$directory_list; my $timestamp = strftime '%Y-%m-%d_%H-%M-%S', localtime; my $unique = -1; my $absarcfilename; my $absarcsigname; my $arcfilename; do { $arcfilename = $timestamp.(++$unique ? "_$unique" : '').'_'.$filename; - $absarcfilename = - File::Spec->catfile($Archive_dir, @$directory_list, $arcfilename); - $absarcsigname = - File::Spec->catfile($Archive_dir, @$directory_list, $arcfilename.'.sig'); + $absarcfilename = File::Spec->catfile + (CONF_DIR_Archive, @$directory_list, $arcfilename); + $absarcsigname = File::Spec->catfile + (CONF_DIR_Archive, @$directory_list, $arcfilename.'.sig'); } while (!sysopen(ARCSTAMP, - File::Spec->catfile($Archive_dir, @$directory_list, + File::Spec->catfile(CONF_DIR_Archive, @$directory_list, $arcfilename.'.arcstamp'), O_WRONLY|O_CREAT|O_EXCL)); @@ -2649,23 +2664,21 @@ sub execute_install { my $step = shift; # [ install => $filename ] my $staged_filename = shift; - our $Stage_dir; our $Public_dir; - my $install_as = $step->[1]; my $upload_file = $staged_filename; my $sig_file = $staged_filename.'.sig'; - my $stage_upload = File::Spec->catfile($Stage_dir, $upload_file); - my $stage_signature = File::Spec->catfile($Stage_dir, $sig_file); + my $stage_upload = File::Spec->catfile(CONF_DIR_Staging, $upload_file); + my $stage_signature = File::Spec->catfile(CONF_DIR_Staging, $sig_file); my $pubfinal = File::Spec::Unix->catfile(pub => @$directory, $install_as); my $final_upload = File::Spec->catfile - ($Public_dir, @$directory, $install_as); + (CONF_DIR_Public, @$directory, $install_as); my $final_signature = File::Spec->catfile - ($Public_dir, @$directory, $install_as.'.sig'); + (CONF_DIR_Public, @$directory, $install_as.'.sig'); - mkdir_p $Public_dir, @$directory; + mkdir_p CONF_DIR_Public, @$directory; # We now allow overwriting of files - without warning!! if (-e $final_signature || -e $final_upload) { @@ -2695,12 +2708,10 @@ sub execute_symlink { my $directory = shift; my $step = shift; # [ symlink => $target, $linkname ] - our $Public_dir; - my $target = $step->[1]; my $linkname = $step->[2]; my $abslinkname = - File::Spec->catfile($Public_dir, @$directory, $linkname); + File::Spec->catfile(CONF_DIR_Public, @$directory, $linkname); my $pubdirectory = File::Spec::Unix->catdir(@$directory); # if the symlink already exists, remove it @@ -2730,10 +2741,8 @@ sub execute_rmsymlink { my $directory = shift; my $step = shift; # [ rmsymlink => $linkname ] - our $Public_dir; - my $abslinkname = - File::Spec->catfile($Public_dir, @$directory, $step->[1]); + File::Spec->catfile(CONF_DIR_Public, @$directory, $step->[1]); throw processing_error => command => $step, summary => "symlink $step->[1] was not found" @@ -2796,9 +2805,7 @@ sub mail { $args{subject} = 'generic failure' unless $args{subject}; - our $Internal_Report_Inbox; - - my @email_list = ($Internal_Report_Inbox); + my @email_list = (CONF_Email_InternalArchive); # Some messages should be sent to the user, some should not @email_list = @{$args{to}} if defined $args{to}; @@ -2811,22 +2818,28 @@ sub mail { # the script maintainer anyway. ftp_syslog info => "No uploader e-mail address(es) to report this error to!"; - @email_list = ($Internal_Report_Inbox); + @email_list = (CONF_Email_InternalArchive); } + # If an internal archive is not configured, there will be an undefined + # value in the address list. Remove it. + @email_list = grep defined, @email_list; + my $sender = 'ftp-upload-script@gnu.org'; $sender = 'ftp-upload@gnu.org' if defined $args{to}; # We really want replies to go to the ftp-upload queue - @email_list = exclude_mail_blacklist($email_blacklist, @email_list); + @email_list = exclude_mail_blacklist(CONF_Email_Blacklist, @email_list) + if CONF_Email_Blacklist; - $args{subject} = "[$zone_tag gnu-ftp-upload] $args{subject}"; + $args{subject} = "[".CONF_Zone_Tag." gnu-ftp-upload] $args{subject}"; # Wrap message at 78 characters, this is e-mail... local $Text::Wrap::columns = 78; sendmail($sender, - [$Internal_Report_Inbox, @email_list], + [CONF_Email_InternalArchive ? CONF_Email_InternalArchive : (), + @email_list], [[To => join ', ', @email_list], [From => $sender], [Date => strftime("%a, %e %b %Y %H:%M:%S %z", localtime)], @@ -2849,14 +2862,14 @@ sub report_upload_to_archive { my $msg = shift; my $package_name = shift; - our $Public_Upload_Archive_Inbox; + return unless CONF_Email_PublicArchive; sendmail('ftp-upload-script@gnu.org', - [$Public_Upload_Archive_Inbox], - [[To => $Public_Upload_Archive_Inbox], + [CONF_Email_PublicArchive], + [[To => CONF_Email_PublicArchive], [From => 'ftp-upload-script@gnu.org'], [Date => strftime("%a, %e %b %Y %H:%M:%S %z", localtime)], - [Subject => ("[$zone_tag gnu-ftp-debug] " + [Subject => ("[".CONF_Zone_Tag." gnu-ftp-debug] " ."new upload processed: $package_name")], ['Reply-To' => 'ftp-upload@gnu.org'], ['Message-ID'=> Email::MessageID->new->in_brackets], @@ -2917,8 +2930,7 @@ renamed to have a leading dot. =cut sub cleanup { - our $Inbox_dir; our $Scratch_dir; our $Stage_dir; - for my $dir ($Inbox_dir, $Scratch_dir, $Stage_dir) { + for my $dir (CONF_DIR_Inbox, CONF_DIR_Scratch, CONF_DIR_Staging) { for my $file (@_) { my $absfile = File::Spec->catfile($dir, $file); my $absbackup = File::Spec->catfile($dir, '.'.$file); @@ -2945,8 +2957,7 @@ our $Phase; my @packets; { local $Phase = 'SC'; - our $Inbox_dir; our $Scratch_dir; - @packets = gather_packets($Inbox_dir, $Scratch_dir); + @packets = gather_packets(CONF_DIR_Inbox, CONF_DIR_Scratch); } foreach my $packet (@packets) { # each list element is an array reference @@ -2972,12 +2983,10 @@ foreach my $packet (@packets) { # each list element is an array reference } eval { # trap exceptions encountered while processing a packet - our $Scratch_dir; our $Stage_dir; our $Public_dir; - local $Phase = 'PS'; $directive_text = slurp_clearsigned_message - (File::Spec->catfile($Scratch_dir, $packet->[0])); + (File::Spec->catfile(CONF_DIR_Scratch, $packet->[0])); # This would imply that the directive file did not contain a signed # message. There is nothing further to do. @@ -3020,8 +3029,8 @@ foreach my $packet (@packets) { # each list element is an array reference # There is a file associated with this upload; verify its signature now. $fsig_info = verify_detached_signature - (File::Spec->catfile($Scratch_dir, $op_header->{filename}), - File::Spec->catfile($Scratch_dir, $op_header->{filename}.'.sig'), + (File::Spec->catfile(CONF_DIR_Scratch, $op_header->{filename}), + File::Spec->catfile(CONF_DIR_Scratch, $op_header->{filename}.'.sig'), @keyrings); throw signature_error => sig_info => $fsig_info, @@ -3039,7 +3048,7 @@ foreach my $packet (@packets) { # each list element is an array reference # If the upload carries a file, check it for known Automake CVE issues. check_automake_vulnerabilities - (File::Spec->catfile($Scratch_dir, $op_header->{filename})) + (File::Spec->catfile(CONF_DIR_Scratch, $op_header->{filename})) if find_directive_elements($directive, 'filename'); # If the upload installs a file, check if the final file exists; if so, @@ -3051,9 +3060,9 @@ foreach my $packet (@packets) { # each list element is an array reference my $pubfinal = File::Spec::Unix->catfile (pub => @directory, $install_as); my $final_upload = File::Spec->catfile - ($Public_dir, @directory, $install_as); + (CONF_DIR_Public, @directory, $install_as); my $final_signature = File::Spec->catfile - ($Public_dir, @directory, $install_as.'.sig'); + (CONF_DIR_Public, @directory, $install_as.'.sig'); if (-e $final_signature || -e $final_upload) { unless ($op_header->{options}{replace}) { @@ -3070,9 +3079,10 @@ foreach my $packet (@packets) { # each list element is an array reference # If the upload carries a file, transfer (with signature) to staging area. if (find_directive_elements($directive, 'filename')) { - # Do we need a subdirectory on $Stage_dir as well? Can't quite + # Do we need a subdirectory on CONF_DIR_Staging as well? Can't quite # picture when we'd have a collision, so skip that for now. - move_filepair($Scratch_dir, $op_header->{filename}, $Stage_dir); + move_filepair + (CONF_DIR_Scratch, $op_header->{filename}, CONF_DIR_Staging); } foreach my $step (@{$oplist}[1..$#$oplist]) { # skip the header @@ -3100,7 +3110,6 @@ foreach my $packet (@packets) { # each list element is an array reference if ($complete) { local $Phase = 'RP'; - our $Scratch_dir; # Phone home. E-mail the contents of the directive file to the public # archive list. @@ -3127,7 +3136,7 @@ foreach my $packet (@packets) { # each list element is an array reference } # unlink the directive file - unlink File::Spec->catfile($Scratch_dir, $directive_file) + unlink File::Spec->catfile(CONF_DIR_Scratch, $directive_file) or warn "unlink($directive_file) failed: $!"; } else { local $Phase = 'RP'; @@ -3233,14 +3242,10 @@ if ((scalar @packets) == 0) { ftp_syslog info => "Updated ftpindex"; } -{ - our $Inbox_dir; our $Scratch_dir; - - # Clean up the inbox directory and the scratch directory by removing - # files older than a day - cleanup_dir($Inbox_dir); - cleanup_dir($Scratch_dir); -} +# Clean up the inbox directory and the scratch directory by removing +# files older than a day +cleanup_dir(CONF_DIR_Inbox); +cleanup_dir(CONF_DIR_Scratch); exit 0; -- 2.25.1