| Field | Value | Date |
|---|---|---|
| author | Sergey Poznyakoff <gray@gnu.org.ua> | 2010-01-02 13:15:46 +0200 |
| committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2010-01-02 13:15:46 +0200 |
| commit | c8b326ef70fbfc06483ae249219a1d4ab09c8bfe (patch) | |
| tree | a2d9e70949e357426e7c3088e1aa258b3a5dc45a /doc | |
| parent | e9ac07640150f7aac1805d1447e6b712464d1b48 (diff) | |
Implement distribution tarball checking.
* src/config.c (event_args): New event "check-failure"
(event_types): New event type ev_check_fail.
(spool_kw,wydawca_kw): New keyword check-script.
* src/directive.c (save_script)
(stderr_redirector,run_check_script): New functions.
(external_check): New function.
(process_directives): Call external_check before actually
moving the files.
* src/gpg.c (homedir): Rename to temp_homedir, now global.
* src/net.c (trim_crlf): Remove static qualifier.
* src/triplet.c (hash_triplet_free): Free check_diag.
(expand_triplet_full,expand_triplet_upload)
(expand_triplet_sig,expand_triplet_directive): Rename to
expand_triplet_ls_full,expand_triplet_ls_upload,
expand_triplet_ls_sig,expand_triplet_ls_directive, correspondingly.
(expand_check_diagn,expand_check_result)
(expand_triplet_dist,expand_triplet_sig)
(expand_triplet_dir): New functions.
(triplet_meta): Renames:
triplet:full => triplet:ls:full
triplet:upload => triplet:ls:upload
triplet:dist => triplet:ls:dist
triplet:sig => triplet:ls:sig
triplet:dir => triplet:ls:dir
New keywords: triplet:dist, triplet:sig, triplet:dir,
check:result, check:diagn.
* src/wydawca.c (default_check_script): New global.
(stat_name): New statistics counter "check failures".
* src/wydawca.h (struct file_triplet): New members
check_result, check_diag.
(struct spool): New member check_script.
(wydawca_stat): New value STAT_CHECK_FAIL.
(notification_event): New value ev_check_fail.
(default_check_script, temp_homedir): New externs.
(concat_dir, copy_file, trim_crlf): New protos.
* doc/wydawca.texi: Update.
* configure.ac, NEWS: Version 2.0.90
Diffstat (limited to 'doc')
-rw-r--r-- doc/wydawca.texi | 151
1 files changed, 138 insertions, 13 deletions
diff --git a/doc/wydawca.texi b/doc/wydawca.texi index 41307fb..88c2e6c 100644 --- a/doc/wydawca.texi +++ b/doc/wydawca.texi @@ -490,6 +490,7 @@ directives any time by running @command{wydawca --config-help}. * dictionaries:: * archivation:: * spool:: +* verification:: * statistics:: * notification:: @end menu 
@@ -1831,6 +1832,113 @@ spool ftp @{ @end group @end smallexample +@node verification +@section Distribution Verification +@cindex verification +@cindex distribution verification + +After the submission has been verified, @command{wydawca} may also run +an additional check to verify whether the main file (normally, +a tarball) is OK to be distributed. To set up such @dfn{distribution +verification}, add the following statement either in the global scope, +or within a @samp{spool} declaration: + +@deffn {Config} check-script @var{text} +@deffnx {Config:spool} check-script @var{text} +Define the distribution verification script. The @var{text} must +be a valid @file{sh} program. It is executed without arguments, +in a temporary directory which contains a copy of the main +distribution file. The script can refer to the following environment +variables: + +@defvr {Check Environment} WYDAWCA_SPOOL +Spool tag. +@end defvr + +@defvr {Check Environment} WYDAWCA_SOURCE +Spool source directory, as set by the @code{source} statement +(@pxref{spool,,tag}). +@end defvr + +@defvr {Check Environment} WYDAWCA_DEST +Spool destination directory (@pxref{spool,,destination}). +@end defvr + +@defvr {Check Environment} WYDAWCA_URL +Spool @acronym{URL} (@pxref{spool,,url}). +@end defvr + +@defvr {Check Environment} WYDAWCA_TRIPLET_BASE +Base name of the triplet. +@end defvr + +@defvr {Check Environment} WYDAWCA_DIST_FILE +File name of the main distribution file. +@end defvr + +Apart from these, the script inherits @command{wydawca} environment. + +The submission is accepted only if the script returns 0. Otherwise, +it is rejected and the @samp{check-failure} event (@pxref{event +notification}) is generated. + +In case of non-zero return, the script may return additional +diagnostics on the standard output. This diagnostics will be +available for use in notification messages via the @samp{check:diagn} +meta-variable. 
+ +Additionally, the actual return code of the script, in decimal, is +available in the @samp{check:result} meta-variable. If the script +terminates on a signal, the value of this variable is +@samp{SIG+@var{n}}, where @var{n} is the signal number. +@end deffn + + If both global and spool @samp{check-script}s are defined, +@command{wydawca} executes both scripts as if they were connected +by a logical @samp{&&}, i.e. per-spool script is executed only if +the global one returned success (@samp{0}). The submission is accepted +only if both scripts returned @samp{0}. + + Since the script usually contains several lines, the +@samp{config-script} value is usually supplied using a here-document +construct (@pxref{here-document}). + + The following example illustrates the use of @samp{config-script} to +catch possible security holes in the distributed @file{Makefile.in} +files@footnote{See +@uref{http://article.gmane.org/gmane.comp.sysutils.autotools.announce/131}.} + +@smallexample + check-script <<EOT +case $@{WYDAWCA_DIST_FILE@} in +*.tar|*.tar.*) + if tar -xOf $@{WYDAWCA_DIST_FILE@} --occurrence=1 \ + --wildcards --no-wildcards-match-slash '*/Makefile.in' | \ + grep -q 'perm -777'; then + fmt <<_EOF_ +The top-level Makefile.in in $@{WYDAWCA_DIST_FILE@} changes mode of +all the directories below the build tree to 777 before creating +the tarball. This constitutes a security hole (see CVE-2009-4029[1], +for more details). + +Please, rebuild the package using a newer Automake (v. 1.11.2 or newer) +and resubmit. +_EOF_ + cat <<_EOF_ +-- +[1] http://article.gmane.org/gmane.comp.sysutils.autotools.announce/131 +_EOF_ + exit 1 + fi + ;; +*) + ;; +esac + +exit 0 +EOT; +@end smallexample + @node statistics @section Statistics @cindex statistics 
@@ -2363,6 +2471,11 @@ uploader. @item bad-detached-signature The detached signature does not match the public key of the uploader. + +@kwindex check-failure +@item check-failure + Distribution verification failed. @xref{verification}, for a +detailed description. @end table @end deffn @@ -2444,25 +2557,31 @@ root) where the files where uploaded. @item dest-dir @tab Value of the @code{destination} keyword. @kwindex source-dir @item source-dir @tab Value of the @code{source} keyword. -@kwindex triplet:full -@item triplet:full @tab A full listing of the uploaded +@kwindex triplet:dist +@item triplet:dist @tab File name of the main distribution file. +@kwindex triplet:sig +@item triplet:sig @tab File name of the detached signature file. +@kwindex triplet:dir +@item triplet:dir @tab File name of the directive file. +@kwindex triplet:ls:full +@item triplet:ls:full @tab A full listing of the uploaded triplet@footnote{It is equivalent to: @smallexample @group -$@{triplet:dist@} -$@{triplet:sig@} -$@{triplet:dir@} +$@{triplet:ls:dist@} +$@{triplet:ls:sig@} +$@{triplet:ls:dir@} @end group @end smallexample }. -@kwindex triplet:upload +@kwindex triplet:ls:upload @item triplet:upload @tab Listing of the uploaded files (see below). @kwindex triplet:dist -@item triplet:dist @tab Listing of the main distribution file (see below). -@kwindex triplet:sig -@item triplet:sig @tab Listing of the detached signature file (see below). -@kwindex triplet:dir -@item triplet:dir @tab Listing of the directive file (see below). +@item triplet:ls:dist @tab Listing of the main distribution file (see below). +@kwindex triplet:ls:sig +@item triplet:ls:sig @tab Listing of the detached signature file (see below). +@kwindex triplet:ls:dir +@item triplet:ls:dir @tab Listing of the directive file (see below). @kwindex user @item user @tab System name of the user who uploaded the triplet. @kwindex user:name 
@@ -2471,6 +2590,12 @@ $@{triplet:dir@} @item user:real-name @tab Real name of the user who uploaded the triplet. @kwindex user:email @item user:email @tab Email of the user who uploaded the triplet. +@kwindex check:result +@item check:result @tab Code returned by external checker, in +decimal. @xref{verification,,check:result}, for a detailed description. +@kwindex check:diagn +@item check:diagn @tab Diagnostics text returned by external +checker. @xref{verification}, for a detailed description. @end multitable @cindex timers @@ -2509,7 +2634,7 @@ processing this spool. @dfn{Listings} referred to in the table above, are similar to those produced by @code{ls} command, and include information on file permissions, ownership, size and modification date. For -example, here is a possible @code{$@{triplet:full@}} listing: +example, here is a possible @code{$@{triplet:ls:full@}} listing: @smallexample -rw-r--r-- gray users 2707278 2007-09-06 22:14:35 tar-1.18.tar.gz @@ -2531,7 +2656,7 @@ Subject: Upload of $@{project@} successful Upload of $@{project@} to $@{url@}/$@{dir@} finished successfully. Files uploaded: -$@{triplet:upload@} +$@{triplet:ls:upload@} Resource usage: $@{timer:triplet:real@}/$@{timer:wydawca:real@}r \ $@{timer:triplet:user@}/$@{timer:wydawca:user@}u \ |
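Review bot: In the @@ -1831 hunk the new verification node documents the `check-script` statement, but the two paragraphs after `@end deffn` call it `@samp{config-script}` ("the @samp{config-script} value is usually supplied using a here-document" and "illustrates the use of @samp{config-script}"); both should read `@samp{check-script}`, otherwise readers will look for a statement that does not exist. In the same hunk, the cross-reference under `WYDAWCA_SOURCE` is `@pxref{spool,,tag}` although the text says the value is set by the `@code{source}` statement; it presumably should point at the source description, the way `WYDAWCA_DEST` and `WYDAWCA_URL` point at theirs. Finally, the text says diagnostics are read from the script's standard output but does not say what happens to its standard error; since the change log adds `stderr_redirector` in src/directive.c, a sentence stating where stderr ends up (log, notification, or discarded) would complete the contract for script authors.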
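Review bot: In the @@ -2444 hunk the index entry `-@kwindex triplet:upload` is changed to `+@kwindex triplet:ls:upload`, but the following unchanged line `@item triplet:upload @tab Listing of the uploaded files (see below).` still names the old variable, so the table row disagrees with its index entry and with the notification template later in this patch, which now uses `$@{triplet:ls:upload@}`; change it to `@item triplet:ls:upload`. Similarly, the unchanged `@kwindex triplet:dist` that precedes `+@item triplet:ls:dist` now duplicates the index entry just added for the new `triplet:dist` row and leaves `triplet:ls:dist` unindexed; it should become `@kwindex triplet:ls:dist`.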