1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
|
#!/usr/bin/python3
from copy import copy, deepcopy
import configparser
import mysql.connector
import os
import pygit2
import re
import sys
import aurinfo
config = configparser.RawConfigParser()
config.read(os.path.dirname(os.path.realpath(__file__)) + "/../conf/config")
aur_db_host = config.get('database', 'host')
aur_db_name = config.get('database', 'name')
aur_db_user = config.get('database', 'user')
aur_db_pass = config.get('database', 'password')
aur_db_socket = config.get('database', 'socket')
repo_path = config.get('serve', 'repo-path')
repo_regex = config.get('serve', 'repo-regex')
def extract_arch_fields(pkginfo, field):
values = []
if field in pkginfo:
for val in pkginfo[field]:
values.append({"value": val, "arch": None})
for arch in ['i686', 'x86_64']:
if field + '_' + arch in pkginfo:
for val in pkginfo[field + '_' + arch]:
values.append({"value": val, "arch": arch})
return values
def save_srcinfo(srcinfo, db, cur, user):
# Obtain package base ID and previous maintainer.
pkgbase = srcinfo._pkgbase['pkgname']
cur.execute("SELECT ID, MaintainerUID FROM PackageBases "
"WHERE Name = %s", [pkgbase])
(pkgbase_id, maintainer_uid) = cur.fetchone()
was_orphan = not maintainer_uid
# Obtain the user ID of the new maintainer.
cur.execute("SELECT ID FROM Users WHERE Username = %s", [user])
user_id = int(cur.fetchone()[0])
# Update package base details and delete current packages.
cur.execute("UPDATE PackageBases SET ModifiedTS = UNIX_TIMESTAMP(), " +
"PackagerUID = %s, OutOfDateTS = NULL WHERE ID = %s",
[user_id, pkgbase_id])
cur.execute("UPDATE PackageBases SET MaintainerUID = %s " +
"WHERE ID = %s AND MaintainerUID IS NULL",
[user_id, pkgbase_id])
cur.execute("DELETE FROM Packages WHERE PackageBaseID = %s",
[pkgbase_id])
for pkgname in srcinfo.GetPackageNames():
pkginfo = srcinfo.GetMergedPackage(pkgname)
if 'epoch' in pkginfo and int(pkginfo['epoch']) > 0:
ver = '%d:%s-%s' % (int(pkginfo['epoch']), pkginfo['pkgver'],
pkginfo['pkgrel'])
else:
ver = '%s-%s' % (pkginfo['pkgver'], pkginfo['pkgrel'])
# Create a new package.
cur.execute("INSERT INTO Packages (PackageBaseID, Name, " +
"Version, Description, URL) " +
"VALUES (%s, %s, %s, %s, %s)",
[pkgbase_id, pkginfo['pkgname'], ver,
pkginfo['pkgdesc'], pkginfo['url']])
db.commit()
pkgid = cur.lastrowid
# Add package sources.
for source_info in extract_arch_fields(pkginfo, 'source'):
cur.execute("INSERT INTO PackageSources (PackageID, Source, " +
"SourceArch) VALUES (%s, %s, %s)",
[pkgid, source_info['value'], source_info['arch']])
# Add package dependencies.
for deptype in ('depends', 'makedepends',
'checkdepends', 'optdepends'):
cur.execute("SELECT ID FROM DependencyTypes WHERE Name = %s",
[deptype])
deptypeid = cur.fetchone()[0]
for dep_info in extract_arch_fields(pkginfo, deptype):
depname = re.sub(r'(<|=|>).*', '', dep_info['value'])
depcond = dep_info['value'][len(depname):]
deparch = dep_info['arch']
cur.execute("INSERT INTO PackageDepends (PackageID, " +
"DepTypeID, DepName, DepCondition, DepArch) " +
"VALUES (%s, %s, %s, %s, %s)",
[pkgid, deptypeid, depname, depcond, deparch])
# Add package relations (conflicts, provides, replaces).
for reltype in ('conflicts', 'provides', 'replaces'):
cur.execute("SELECT ID FROM RelationTypes WHERE Name = %s",
[reltype])
reltypeid = cur.fetchone()[0]
for rel_info in extract_arch_fields(pkginfo, reltype):
relname = re.sub(r'(<|=|>).*', '', rel_info['value'])
relcond = rel_info['value'][len(relname):]
relarch = rel_info['arch']
cur.execute("INSERT INTO PackageRelations (PackageID, " +
"RelTypeID, RelName, RelCondition, RelArch) " +
"VALUES (%s, %s, %s, %s, %s)",
[pkgid, reltypeid, relname, relcond, relarch])
# Add package licenses.
if 'license' in pkginfo:
for license in pkginfo['license']:
cur.execute("SELECT ID FROM Licenses WHERE Name = %s",
[license])
if cur.rowcount == 1:
licenseid = cur.fetchone()[0]
else:
cur.execute("INSERT INTO Licenses (Name) VALUES (%s)",
[license])
db.commit()
licenseid = cur.lastrowid
cur.execute("INSERT INTO PackageLicenses (PackageID, " +
"LicenseID) VALUES (%s, %s)",
[pkgid, licenseid])
# Add package groups.
if 'groups' in pkginfo:
for group in pkginfo['groups']:
cur.execute("SELECT ID FROM Groups WHERE Name = %s",
[group])
if cur.rowcount == 1:
groupid = cur.fetchone()[0]
else:
cur.execute("INSERT INTO Groups (Name) VALUES (%s)",
[group])
db.commit()
groupid = cur.lastrowid
cur.execute("INSERT INTO PackageGroups (PackageID, "
"GroupID) VALUES (%s, %s)", [pkgid, groupid])
# Add user to notification list on adoption.
if was_orphan:
cur.execute("INSERT INTO CommentNotify (PackageBaseID, UserID) " +
"VALUES (%s, %s)", [pkgbase_id, user_id])
db.commit()
def die(msg):
sys.stderr.write("error: %s\n" % (msg))
exit(1)
def die_commit(msg, commit):
sys.stderr.write("error: The following error " +
"occurred when parsing commit\n")
sys.stderr.write("error: %s:\n" % (commit))
sys.stderr.write("error: %s\n" % (msg))
exit(1)
if len(sys.argv) != 4:
die("invalid arguments")
refname = sys.argv[1]
sha1_old = sys.argv[2]
sha1_new = sys.argv[3]
user = os.environ.get("AUR_USER")
pkgbase = os.environ.get("AUR_PKGBASE")
if refname != "refs/heads/master":
die("pushing to a branch other than master is restricted")
repo = pygit2.Repository(repo_path)
walker = repo.walk(sha1_new, pygit2.GIT_SORT_TOPOLOGICAL)
if sha1_old != "0000000000000000000000000000000000000000":
walker.hide(sha1_old)
db = mysql.connector.connect(host=aur_db_host, user=aur_db_user,
passwd=aur_db_pass, db=aur_db_name,
unix_socket=aur_db_socket, buffered=True)
cur = db.cursor()
cur.execute("SELECT Name FROM PackageBlacklist")
blacklist = [row[0] for row in cur.fetchall()]
for commit in walker:
if not '.SRCINFO' in commit.tree:
die_commit("missing .SRCINFO", commit.id)
for treeobj in commit.tree:
blob = repo[treeobj.id]
if isinstance(blob, pygit2.Tree):
die_commit("the repository must not contain subdirectories",
commit.id)
if not isinstance(blob, pygit2.Blob):
die_commit("not a blob object: %s" % (treeobj), commit.id)
if blob.size > 250000:
die_commit("maximum blob size (250kB) exceeded", commit.id)
srcinfo_raw = repo[commit.tree['.SRCINFO'].id].data.decode()
srcinfo_raw = srcinfo_raw.split('\n')
ecatcher = aurinfo.CollectionECatcher()
srcinfo = aurinfo.ParseAurinfoFromIterable(srcinfo_raw, ecatcher)
errors = ecatcher.Errors()
if errors:
sys.stderr.write("error: The following errors occurred "
"when parsing .SRCINFO in commit\n")
sys.stderr.write("error: %s:\n" % (commit.id))
for error in errors:
sys.stderr.write("error: line %d: %s\n" % error)
exit(1)
srcinfo_pkgbase = srcinfo._pkgbase['pkgname']
if not re.match(repo_regex, srcinfo_pkgbase):
die_commit('invalid pkgbase: %s' % (srcinfo_pkgbase), commit.id)
for pkgname in srcinfo.GetPackageNames():
pkginfo = srcinfo.GetMergedPackage(pkgname)
for field in ('pkgver', 'pkgrel', 'pkgname', 'pkgdesc', 'url'):
if not field in pkginfo:
die_commit('missing mandatory field: %s' % (field), commit.id)
if 'epoch' in pkginfo and not pkginfo['epoch'].isdigit():
die_commit('invalid epoch: %s' % (pkginfo['epoch']), commit.id)
if not re.match(r'[a-z0-9][a-z0-9\.+_-]*$', pkginfo['pkgname']):
die_commit('invalid package name: %s' % (pkginfo['pkgname']),
commit.id)
if not re.match(r'(?:http|ftp)s?://.*', pkginfo['url']):
die_commit('invalid URL: %s' % (pkginfo['url']), commit.id)
for field in ('pkgname', 'pkgdesc', 'url'):
if len(pkginfo[field]) > 255:
die_commit('%s field too long: %s' % (field, pkginfo[field]),
commit.id)
for field in ('install', 'changelog'):
if field in pkginfo and not pkginfo[field] in commit.tree:
die_commit('missing %s file: %s' % (field, pkginfo[field]),
commit.id)
for field in extract_arch_fields(pkginfo, 'source'):
fname = field['value']
if "://" in fname or "lp:" in fname:
continue
if not fname in commit.tree:
die_commit('missing source file: %s' % (fname), commit.id)
srcinfo_raw = repo[repo[sha1_new].tree['.SRCINFO'].id].data.decode()
srcinfo_raw = srcinfo_raw.split('\n')
srcinfo = aurinfo.ParseAurinfoFromIterable(srcinfo_raw)
srcinfo_pkgbase = srcinfo._pkgbase['pkgname']
if srcinfo_pkgbase != pkgbase:
die('invalid pkgbase: %s' % (srcinfo_pkgbase))
pkgbase = srcinfo._pkgbase['pkgname']
cur.execute("SELECT ID FROM PackageBases WHERE Name = %s", [pkgbase])
pkgbase_id = cur.fetchone()[0]
for pkgname in srcinfo.GetPackageNames():
pkginfo = srcinfo.GetMergedPackage(pkgname)
pkgname = pkginfo['pkgname']
if pkgname in blacklist:
die('package is blacklisted: %s' % (pkginfo['pkgname']))
cur.execute("SELECT COUNT(*) FROM Packages WHERE Name = %s AND " +
"PackageBaseID <> %s", [pkgname, pkgbase_id])
if cur.fetchone()[0] > 0:
die('cannot overwrite package: %s' % (pkgname))
save_srcinfo(srcinfo, db, cur, user)
db.close()
|