|
1389
by Kees Cook
SiS changes URL scraper |
1 |
#!/usr/bin/env python
|
|
12679
by Marc Deslauriers
sis-changes: handle .asc files |
2 |
# Copyright 2007-2017, Canonical, Ltd.
|
|
1389
by Kees Cook
SiS changes URL scraper |
3 |
# Author: Kees Cook <kees@ubuntu.com>
|
|
1433
by Jamie Strandboge
sis-changes: strip out epoch when constructing file names |
4 |
# Jamie Strandboge <jamie@canonical.com>
|
|
2871
by Kees Cook
start to normalize 3.0 src format packaging output handling, still needs to be converted into lists |
5 |
# Marc Deslauriers <marc.deslauriers@canonical.com>
|
|
1389
by Kees Cook
SiS changes URL scraper |
6 |
# License: GPLv3
|
7 |
#
|
|
|
1440
by Jamie Strandboge
sis-changes: clean up urls and add a download option |
8 |
# Extract/download list of changes file links from a given LP name, pkg, version
|
|
2871
by Kees Cook
start to normalize 3.0 src format packaging output handling, still needs to be converted into lists |
9 |
#
|
10 |
# TODO: need to handle multiple orig tarballs for 3.0 format
|
|
11 |
# http://wiki.debian.org/Projects/DebSrc3.0
|
|
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
12 |
from __future__ import print_function |
13 |
||
14 |
import copy |
|
|
1389
by Kees Cook
SiS changes URL scraper |
15 |
import optparse |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
16 |
import os.path |
17 |
import progressbar |
|
18 |
import re |
|
19 |
import shutil |
|
20 |
import sys |
|
|
2895
by Steve Beattie
Duh, remove the duplicate shutils import I added |
21 |
import tempfile |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
22 |
import urllib |
|
1448
by Kees Cook
handle the "all" build case |
23 |
import cve_lib |
|
8673
by Jamie Strandboge
scripts/sis-changes: use source_map.version_compare() instead of |
24 |
from source_map import version_compare |
25 |
||
|
2356
by Kees Cook
finish the APIification of sis-changes |
26 |
try: |
27 |
import lpl_common |
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
28 |
except ImportError as e: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
29 |
print("lpl_common.py seems to be missing. Please create a symlink from $UQT/common/lpl_common.py to $UCT/scripts/", file=sys.stderr) |
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
30 |
print(e, file=sys.stderr) |
|
2356
by Kees Cook
finish the APIification of sis-changes |
31 |
sys.exit(1) |
|
1389
by Kees Cook
SiS changes URL scraper |
32 |
|
|
7227
by Jamie Strandboge
update for python-apt |
33 |
# import warnings
|
34 |
# warnings.filterwarnings('ignore', 'apt API not stable yet', FutureWarning)
|
|
|
3253
by Kees Cook
retire closed CVEs |
35 |
import apt |
36 |
||
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
37 |
|
|
1440
by Jamie Strandboge
sis-changes: clean up urls and add a download option |
38 |
def download(url): |
39 |
# Download file to tmpdir
|
|
40 |
if not os.path.exists(tmpdir): |
|
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
41 |
print("Failed: '%s' does not exist" % (tmpdir), file=sys.stderr) |
|
1440
by Jamie Strandboge
sis-changes: clean up urls and add a download option |
42 |
sys.exit(1) |
43 |
||
|
3185
by Kees Cook
add progressbar to sis-change downloader |
44 |
# Initialize progressbar so it has a real view of the time taken to fetch
|
45 |
widgets = [progressbar.Percentage(), |
|
46 |
' ', progressbar.Bar(marker='=', left='[', right=']'), |
|
47 |
' ', progressbar.FileTransferSpeed(), |
|
48 |
' ', progressbar.ETA()] |
|
49 |
bar = progressbar.ProgressBar(widgets=widgets).start() |
|
50 |
||
51 |
# Open the URL
|
|
52 |
urlfile = lpl_common.open_url(opener, url) |
|
53 |
received = 0 |
|
54 |
||
55 |
# Extract expected file size, updating progress bar and widgets
|
|
56 |
size = int(urlfile.info().getheader('Content-Length').strip()) |
|
57 |
bar.maxval = size |
|
58 |
widgets.insert(1, ' of %d' % (size)) |
|
59 |
bar.widgets = widgets |
|
60 |
bar.update(received) |
|
|
1860
by Jamie Strandboge
sis-changes: try a given xmlurl() or download() multiple times in case |
61 |
|
|
2973
by Jamie Strandboge
sis-changes: update download() for lastest LP changes too |
62 |
# See 'if opt.action == changes' section when adding replace() characters
|
|
2991
by Kees Cook
use urllib for unquoting, update link to CVE-2010-2954 fix |
63 |
name = urllib.unquote(os.path.join(tmpdir, os.path.basename(url))) |
|
1440
by Jamie Strandboge
sis-changes: clean up urls and add a download option |
64 |
try: |
65 |
tmp, tmpname = tempfile.mkstemp() |
|
66 |
except Exception: |
|
67 |
raise
|
|
|
3185
by Kees Cook
add progressbar to sis-change downloader |
68 |
|
69 |
# Fetch data, updating progressbar in minimum 100K chunks
|
|
70 |
while True: |
|
71 |
data = urlfile.read(1024 * 100) |
|
72 |
if not data: |
|
73 |
break
|
|
74 |
received += len(data) |
|
75 |
||
76 |
os.write(tmp, data) |
|
77 |
bar.update(received) |
|
78 |
if received == size: |
|
79 |
bar.finish() |
|
80 |
||
81 |
# Close and rename
|
|
|
1440
by Jamie Strandboge
sis-changes: clean up urls and add a download option |
82 |
os.close(tmp) |
|
2896
by Kees Cook
always use shutil.move, since it DTRT |
83 |
shutil.move(tmpname, name) |
|
2356
by Kees Cook
finish the APIification of sis-changes |
84 |
return name |
|
1440
by Jamie Strandboge
sis-changes: clean up urls and add a download option |
85 |
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
86 |
|
|
1549
by Kees Cook
add "source" and "list" actions to sis-changes |
87 |
def download_url(url): |
88 |
'''Display URL, and optionally download it, if requested and matches the re'''
|
|
|
10913
by Steve Beattie
sis-changes: add a couple more sanity checks for downloading things |
89 |
if url is None: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
90 |
print("download_url(): passed an empty url, skipping...", file=sys.stderr) |
|
10913
by Steve Beattie
sis-changes: add a couple more sanity checks for downloading things |
91 |
return None |
92 |
||
|
1549
by Kees Cook
add "source" and "list" actions to sis-changes |
93 |
filename = os.path.basename(url) |
94 |
if not opt.re or re.search(opt.re, filename): |
|
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
95 |
print(url) |
|
1549
by Kees Cook
add "source" and "list" actions to sis-changes |
96 |
if opt.download: |
|
2356
by Kees Cook
finish the APIification of sis-changes |
97 |
return download(url) |
98 |
return None |
|
|
1549
by Kees Cook
add "source" and "list" actions to sis-changes |
99 |
|
|
2534
by Jamie Strandboge
sis-changes: resurrect --lpnet |
100 |
|
101 |
#
|
|
102 |
# START SCRIPT
|
|
103 |
#
|
|
104 |
||
|
1389
by Kees Cook
SiS changes URL scraper |
105 |
parser = optparse.OptionParser() |
|
10264
by Steve Beattie
scripts/sis-changes: add buildlogs target. |
106 |
parser.add_option("--action", help="What action to take: 'changes'(default), 'check-build', 'binaries', 'source', 'buildlogs', 'list'", metavar="NAME", action='store', default='changes') |
|
2083
by Kees Cook
move back to --ppa and use dput-style slash separator for what was subppa |
107 |
parser.add_option("--ppa", help="Which PPA to use (default is 'ubuntu-security/ppa')", metavar="PERSON[/PPA]", action='store', default='ubuntu-security/ppa') |
|
4660
by Marc Deslauriers
- Add pocket parameter to sis-changes, and make prepare-kernel-usn |
108 |
parser.add_option("--pocket", help="Which pocket to use (valid values are: 'Release', 'Security', 'Updates', 'Proposed', 'Backports')", metavar="POCKET", action='store', default=None) |
|
2316
by Jamie Strandboge
sis-changes: support resurrecting superseded packages |
109 |
parser.add_option("--superseded-name", help="Name of superseded source package", metavar="SRCPKG", action='store') |
110 |
parser.add_option("--superseded-version", help="Version of superseded files", metavar="NAME", action='store') |
|
|
2466
by Kees Cook
correctly handle arch modification to supported list when doing multiple packages on the cmdline |
111 |
parser.add_option("--debug", help="Show debug output", action='store_true') |
112 |
parser.add_option("--verbose", help="Verbose output", action='store_true') |
|
|
3135
by Kees Cook
allow uri override for LP API testing |
113 |
parser.add_option("--uri", help="Use specific URI for API", action='store', default=None, metavar="URI") |
|
2647
by Kees Cook
add --beta option to flip back to beta API if needed |
114 |
parser.add_option("--beta", help="Use beta API instead of 1.0 LP API", action='store_true', default=False) |
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
115 |
parser.add_option("-r", "--release", help="Limit to a specific set of comma-separate releases", metavar="SERIES", action='store', default=None) |
|
6045
by Marc Deslauriers
active/CVE-2012-4447: added tiff research |
116 |
parser.add_option("--skip-build-check", help="Skip binary package build check", action='store_true', default=False) |
|
2078
by Kees Cook
use edge by default, with --lpnet as fall-back |
117 |
|
|
1454
by Kees Cook
create "binaries" action to download PPA-produced binaries |
118 |
# Action-specific options
|
119 |
# 'changes'
|
|
120 |
parser.add_option("--dsc", help="Toggle fetching source .dsc files (default is True)", action='store_false', default=True) |
|
121 |
# 'binaries'
|
|
|
1785
by Jamie Strandboge
update openssl CVEs |
122 |
parser.add_option("--arch", help="Limit 'binaries' and 'changes' action to comma-separated list of archs", metavar="ARCH[,ARCH...]", action='store') |
|
1454
by Kees Cook
create "binaries" action to download PPA-produced binaries |
123 |
parser.add_option("--re", help="When handling binaries, only include those matching this regular expression", metavar="RE", action='store') |
|
7697
by jdstrand
scripts/sis-changes: don't download udebs unless specifying --include-debug. |
124 |
parser.add_option("--include-debug", help="When handling binaries, skip .udeb, -dbg, -dbgsym and non-English -locale packages", action='store_true', default=False) |
|
1549
by Kees Cook
add "source" and "list" actions to sis-changes |
125 |
# 'changes', 'binaries', 'source'
|
|
1454
by Kees Cook
create "binaries" action to download PPA-produced binaries |
126 |
parser.add_option("--download", help="Download to DIR", metavar="DIR", action='store', default='') |
|
1517
by Jamie Strandboge
cve_lib.py: add recursive_rm (stolen from ubuntu-cve-tracker) |
127 |
parser.add_option("--force-download", help="Force download to DIR if it exists (removes old DIR)", action='store_true', default=False) |
|
1549
by Kees Cook
add "source" and "list" actions to sis-changes |
128 |
# 'source'
|
129 |
parser.add_option("--fetch-orig", help="Download the orig.tar.gz when fetching source", action='store_true', default=False) |
|
|
1691
by Jamie Strandboge
sis-changes: add --include-devel option (default is not skip the development |
130 |
# 'include-devel'
|
131 |
parser.add_option("--include-devel", help="Include development release", action='store_true', default=False) |
|
|
2085
by Jamie Strandboge
sis-changes: add --include-eol and don't download end of lifed files for |
132 |
parser.add_option("--include-eol", help="Include end of life releases", action='store_true', default=False) |
|
8460
by Jamie Strandboge
scripts/sis-changes |
133 |
parser.add_option("--distribution", help="Distribution to use (eg, 'ubuntu-rtm')", metavar="DIST", action='store', default=None) |
|
1539
by Jamie Strandboge
sis-changes: workaround bug #302116 by adding --batch and --start-index |
134 |
|
|
1389
by Kees Cook
SiS changes URL scraper |
135 |
(opt, args) = parser.parse_args() |
136 |
||
|
2534
by Jamie Strandboge
sis-changes: resurrect --lpnet |
137 |
# Load configuration
|
138 |
cve_lib.read_config() |
|
139 |
||
140 |
# API interface
|
|
|
3367
by Marc Deslauriers
- remove edge site use |
141 |
lp = lpl_common.connect(beta=opt.beta, uri=opt.uri) |
|
2534
by Jamie Strandboge
sis-changes: resurrect --lpnet |
142 |
|
143 |
# Get authenticated URL fetcher
|
|
144 |
opener = lpl_common.opener_with_cookie(cve_lib.config["plb_authentication"]) |
|
145 |
if not opener: |
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
146 |
raise ValueError("Could not open cookies") |
|
2534
by Jamie Strandboge
sis-changes: resurrect --lpnet |
147 |
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
148 |
if len(args) < 1 and not opt.superseded_name: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
149 |
print("Usage: %s [--download <dir>] SRCPKG" % (sys.argv[0]), file=sys.stderr) |
|
1389
by Kees Cook
SiS changes URL scraper |
150 |
sys.exit(1) |
151 |
||
|
2785.1.1
by Jamie Strandboge
sis-changes: update to add --release |
152 |
serieses = [] |
153 |
if opt.release: |
|
154 |
for r in opt.release.split(','): |
|
155 |
serieses.append(r.lower()) |
|
156 |
||
|
1440
by Jamie Strandboge
sis-changes: clean up urls and add a download option |
157 |
download_dir = "" |
158 |
if opt.download: |
|
159 |
if opt.download == '': |
|
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
160 |
print("Must specify a directory with '--download'", file=sys.stderr) |
|
1440
by Jamie Strandboge
sis-changes: clean up urls and add a download option |
161 |
sys.exit(1) |
162 |
else: |
|
163 |
download_dir = opt.download |
|
164 |
if os.path.exists(download_dir): |
|
|
1517
by Jamie Strandboge
cve_lib.py: add recursive_rm (stolen from ubuntu-cve-tracker) |
165 |
if opt.force_download: |
166 |
cve_lib.recursive_rm(download_dir) |
|
167 |
else: |
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
168 |
print("Specified download directory exists:\n %s" % (download_dir), file=sys.stderr) |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
169 |
print("\nPlease remove (or use --force-download) and try again.", file=sys.stderr) |
|
1517
by Jamie Strandboge
cve_lib.py: add recursive_rm (stolen from ubuntu-cve-tracker) |
170 |
sys.exit(1) |
|
4579
by Steve Beattie
* scripts/cve_lib.py: add icedtea-web description |
171 |
tmpdir = tempfile.mkdtemp(prefix='sis-changes-download-') |
|
1440
by Jamie Strandboge
sis-changes: clean up urls and add a download option |
172 |
|
|
4593
by Steve Beattie
make sis_changes --action=changes not abort when it hits an arch: all package |
173 |
|
174 |
# split_package -> pkg_name, arch
|
|
175 |
def split_package(pkg): |
|
176 |
tmp = pkg.split('_') |
|
177 |
arch = tmp[-1].split('.')[0] |
|
178 |
pkg_name = tmp[-3].split('/')[-1] |
|
179 |
return (pkg_name, arch) |
|
180 |
||
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
181 |
|
|
4593
by Steve Beattie
make sis_changes --action=changes not abort when it hits an arch: all package |
182 |
def get_arch_from_dsc(dsc): |
183 |
f = open(dsc, 'r') |
|
184 |
for line in f: |
|
185 |
vals = line.split(':') |
|
186 |
if len(vals) == 2 and vals[0] == 'Architecture': |
|
|
4594
by Steve Beattie
I suppose I ought to close a file descriptor once in a while. Sigh. |
187 |
f.close() |
|
4593
by Steve Beattie
make sis_changes --action=changes not abort when it hits an arch: all package |
188 |
return vals[1].strip() |
|
4594
by Steve Beattie
I suppose I ought to close a file descriptor once in a while. Sigh. |
189 |
f.close() |
190 |
return None |
|
|
4593
by Steve Beattie
make sis_changes --action=changes not abort when it hits an arch: all package |
191 |
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
192 |
|
|
1396
by Kees Cook
load data from XML, add check-upload action handler |
193 |
# pkg -> { release, release -> { version } }
|
|
2356
by Kees Cook
finish the APIification of sis-changes |
194 |
def load_pkg_details_from_lp(pkgs, pkg, item): |
195 |
||
196 |
rel = item.distro_series.name |
|
|
5036.1.4
by Kees Cook
improve pocket control and error reporting |
197 |
if opt.debug: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
198 |
print("Processing %s" % (rel), file=sys.stderr) |
|
8460
by Jamie Strandboge
scripts/sis-changes |
199 |
if opt.distribution is None and rel not in cve_lib.releases: |
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
200 |
raise ValueError("Unknown release '%s':\n" % (rel)) |
|
2316
by Jamie Strandboge
sis-changes: support resurrecting superseded packages |
201 |
|
|
2785.1.2
by Jamie Strandboge
optimize last commit |
202 |
if serieses and rel not in serieses: |
|
2788
by Jamie Strandboge
sis-changes: move Skipping message to debug output |
203 |
if opt.debug: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
204 |
print("Skipping %s: not in %s" % (rel, serieses), file=sys.stderr) |
|
2785.1.2
by Jamie Strandboge
optimize last commit |
205 |
return
|
206 |
||
|
2356
by Kees Cook
finish the APIification of sis-changes |
207 |
version = item.source_package_version |
|
2316
by Jamie Strandboge
sis-changes: support resurrecting superseded packages |
208 |
if opt.superseded_version and version != opt.superseded_version: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
209 |
print("Skipping %s: %s %s (we need %s)" % (rel, pkg, version, opt.superseded_version), file=sys.stderr) |
|
2316
by Jamie Strandboge
sis-changes: support resurrecting superseded packages |
210 |
return
|
211 |
||
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
212 |
if pkg in pkgs and rel in pkgs[pkg]: |
|
8673
by Jamie Strandboge
scripts/sis-changes: use source_map.version_compare() instead of |
213 |
state = version_compare(version, pkgs[pkg][rel]['source']['version']) |
|
3449
by Kees Cook
scripts/sis-changes:do not report same-version skips, noisy; add arch exceptions for lts backport kernel |
214 |
if state < 0: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
215 |
print("Skipping %s: %s %s (already have %s)" % (rel, pkg, version, pkgs[pkg][rel]['source']['version']), file=sys.stderr) |
|
3253
by Kees Cook
retire closed CVEs |
216 |
return
|
|
3449
by Kees Cook
scripts/sis-changes:do not report same-version skips, noisy; add arch exceptions for lts backport kernel |
217 |
elif state == 0: |
218 |
if opt.verbose: |
|
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
219 |
print("Skipping %s: %s %s (same as %s)" % (rel, pkg, version, pkgs[pkg][rel]['source']['version']), file=sys.stderr) |
|
3449
by Kees Cook
scripts/sis-changes:do not report same-version skips, noisy; add arch exceptions for lts backport kernel |
220 |
return
|
|
3253
by Kees Cook
retire closed CVEs |
221 |
else: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
222 |
print("Forgetting %s: %s %s (now have %s)" % (rel, pkg, pkgs[pkg][rel]['source']['version'], version), file=sys.stderr) |
|
3253
by Kees Cook
retire closed CVEs |
223 |
pkgs[pkg][rel] = dict() |
|
1396
by Kees Cook
load data from XML, add check-upload action handler |
224 |
pkgs.setdefault(pkg, dict()) |
225 |
pkgs[pkg].setdefault(rel, dict()) |
|
226 |
if opt.debug: |
|
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
227 |
print("Source(%s): %s %s" % (rel, pkg, version), file=sys.stderr) |
|
1396
by Kees Cook
load data from XML, add check-upload action handler |
228 |
|
229 |
# Source details
|
|
230 |
pkgs[pkg][rel].setdefault('source', dict()) |
|
231 |
pkgs[pkg][rel]['source'].setdefault('version', version) |
|
|
2356
by Kees Cook
finish the APIification of sis-changes |
232 |
|
|
2360
by Kees Cook
handle transition to method |
233 |
# Handle transition to method (LP: #474876)
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
234 |
if hasattr(item, 'changes_file_url'): |
|
2360
by Kees Cook
handle transition to method |
235 |
src_changes = item.changes_file_url |
|
2366
by Kees Cook
oops, detect API change for changes_file_url better |
236 |
else: |
237 |
src_changes = item.changesFileUrl() |
|
|
2360
by Kees Cook
handle transition to method |
238 |
|
|
2356
by Kees Cook
finish the APIification of sis-changes |
239 |
pkgs[pkg][rel]['source'].setdefault('changes', src_changes) |
|
1396
by Kees Cook
load data from XML, add check-upload action handler |
240 |
if opt.debug: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
241 |
print("Source(%s) changes: %s" % (rel, src_changes), file=sys.stderr) |
|
1396
by Kees Cook
load data from XML, add check-upload action handler |
242 |
|
|
2356
by Kees Cook
finish the APIification of sis-changes |
243 |
# Get per-build items
|
|
6876
by Marc Deslauriers
sis-changes: print error when we can't get builds out of launchpad |
244 |
build = None |
|
2356
by Kees Cook
finish the APIification of sis-changes |
245 |
for build in item.getBuilds(): |
246 |
arch = build.arch_tag |
|
|
1396
by Kees Cook
load data from XML, add check-upload action handler |
247 |
pkgs[pkg][rel].setdefault(arch, dict()) |
|
2356
by Kees Cook
finish the APIification of sis-changes |
248 |
state = build.buildstate |
249 |
if opt.debug: |
|
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
250 |
print("Build(%s,%s) %s" % (rel, arch, state), file=sys.stderr) |
|
2646
by Kees Cook
work around LP: #559591 buildstate string change |
251 |
# Work around LP: #559591
|
252 |
if state == 'Successful build': |
|
253 |
state = 'Successfully built' |
|
|
2356
by Kees Cook
finish the APIification of sis-changes |
254 |
pkgs[pkg][rel][arch].setdefault('build_state', state) |
|
3093
by Kees Cook
eliminate last of screenscraping now that API has binary changes files |
255 |
bin_changes = build.changesfile_url |
256 |
pkgs[pkg][rel][arch].setdefault('changes', bin_changes) |
|
|
2356
by Kees Cook
finish the APIification of sis-changes |
257 |
if opt.debug: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
258 |
print("Build(%s,%s) changes: %s" % (rel, arch, bin_changes), file=sys.stderr) |
|
10264
by Steve Beattie
scripts/sis-changes: add buildlogs target. |
259 |
build_log = build.build_log_url |
260 |
pkgs[pkg][rel][arch].setdefault('build_log', build_log) |
|
|
1439
by Kees Cook
update check-build logic |
261 |
|
|
6876
by Marc Deslauriers
sis-changes: print error when we can't get builds out of launchpad |
262 |
# If we didn't find a build, we're in trouble.
|
263 |
# This can happen if something was pocket-copied from a different release
|
|
264 |
# See LP: #783613
|
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
265 |
if build is None: |
266 |
raise ValueError("Could not find any builds for %s." % (pkg)) |
|
|
6876
by Marc Deslauriers
sis-changes: print error when we can't get builds out of launchpad |
267 |
|
|
3093
by Kees Cook
eliminate last of screenscraping now that API has binary changes files |
268 |
# Diff (we don't use this yet...)
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
269 |
# diff_url = item.packageDiffUrl()
|
270 |
# pkgs[pkg][rel]['source'].setdefault('ancestor-diff', diff_url)
|
|
271 |
# if opt.debug:
|
|
272 |
# print("Diff(%s) URL: %s" % (rel, diff_url), file=sys.stderr)
|
|
|
2356
by Kees Cook
finish the APIification of sis-changes |
273 |
|
274 |
# Binary outputs
|
|
|
2391
by Kees Cook
handle API transition harder |
275 |
# Handle transition to method (LP: #474876)
|
|
13730
by Steve Beattie
scripts/sis-changes: fix up packages built for one arch != arch all arch |
276 |
if hasattr(item, 'binary_file_url'): |
|
2391
by Kees Cook
handle API transition harder |
277 |
bin_files = item.binary_file_urls |
278 |
else: |
|
279 |
bin_files = item.binaryFileUrls() |
|
280 |
for file_url in bin_files: |
|
|
1396
by Kees Cook
load data from XML, add check-upload action handler |
281 |
if file_url.endswith('deb'): |
|
4593
by Steve Beattie
make sis_changes --action=changes not abort when it hits an arch: all package |
282 |
name, arch = split_package(file_url) |
|
10911
by Tyler Hicks
scripts/cve_lib.py: Add helper for checking if an arch is valid for a release |
283 |
if opt.debug: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
284 |
print("Binary(%s,%s) URL: %s" % (rel, arch, file_url), file=sys.stderr) |
|
9108
by Steve Beattie
Initial attempt at fixing sis-changes to cope with vivid using amd64 to |
285 |
# hack for "all": attach to all_arch
|
|
1442
by Kees Cook
handle "all" arch debs |
286 |
if arch == 'all': |
|
13730
by Steve Beattie
scripts/sis-changes: fix up packages built for one arch != arch all arch |
287 |
all_arch = cve_lib.get_all_arch(rel) |
288 |
# if only building for one arch that's not the default
|
|
289 |
# all arch, the all packages will be built under that arch
|
|
290 |
# so check the all_arch has binary pkgs
|
|
291 |
archs = [x for x in pkgs[pkg][rel].keys() if x != 'source'] |
|
292 |
if all_arch in archs: |
|
293 |
arch = all_arch |
|
294 |
elif len(archs) == 1: |
|
295 |
arch = archs[0] |
|
296 |
elif opt.debug: |
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
297 |
print("Couldn't find 'all' arch for %s in %s/%s" % (name, arch, rel), file=sys.stderr) |
|
10911
by Tyler Hicks
scripts/cve_lib.py: Add helper for checking if an arch is valid for a release |
298 |
if not cve_lib.arch_is_valid_for_release(arch, rel): |
299 |
if opt.debug: |
|
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
300 |
print("Skipping %s binary because %s is not a valid arch in %s" % (name, arch, rel), file=sys.stderr) |
|
10911
by Tyler Hicks
scripts/cve_lib.py: Add helper for checking if an arch is valid for a release |
301 |
continue
|
|
1396
by Kees Cook
load data from XML, add check-upload action handler |
302 |
pkgs[pkg][rel][arch].setdefault('binaries', dict()) |
303 |
pkgs[pkg][rel][arch]['binaries'].setdefault(name, file_url) |
|
304 |
else: |
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
305 |
raise ValueError("Unknown downloadable binary file from %s %s '%s'" % (pkg, version, file_url)) |
|
2356
by Kees Cook
finish the APIification of sis-changes |
306 |
|
307 |
# Source inputs
|
|
|
2391
by Kees Cook
handle API transition harder |
308 |
# Handle transition to method (LP: #474876)
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
309 |
if hasattr(item, 'source_file_url'): |
|
2391
by Kees Cook
handle API transition harder |
310 |
src_files = item.source_file_urls |
311 |
else: |
|
312 |
src_files = item.sourceFileUrls() |
|
313 |
for file_url in src_files: |
|
|
2871
by Kees Cook
start to normalize 3.0 src format packaging output handling, still needs to be converted into lists |
314 |
if file_url.endswith('.dsc'): |
|
2356
by Kees Cook
finish the APIification of sis-changes |
315 |
pkgs[pkg][rel]['source'].setdefault('dsc', file_url) |
316 |
if opt.debug: |
|
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
317 |
print("Source(%s) dsc URL: %s" % (rel, file_url), file=sys.stderr) |
|
9899
by Steve Beattie
scripts/sis-changes: add xz to suffix of debian diff possibilities. |
318 |
elif re.search('\.(diff\.gz|debian\.tar\.(gz|bz2|lzma|xz))$', file_url): |
|
2871
by Kees Cook
start to normalize 3.0 src format packaging output handling, still needs to be converted into lists |
319 |
pkgs[pkg][rel]['source'].setdefault('diff', file_url) |
320 |
if opt.debug: |
|
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
321 |
print("Source(%s) debian differences URL: %s" % (rel, file_url), file=sys.stderr) |
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
322 |
elif re.search('\.tar\.(gz|bz2|lzma|xz)$', file_url): |
|
2871
by Kees Cook
start to normalize 3.0 src format packaging output handling, still needs to be converted into lists |
323 |
pkgs[pkg][rel]['source'].setdefault('orig', file_url) |
324 |
if opt.debug: |
|
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
325 |
print("Source(%s) orig URL: %s" % (rel, file_url), file=sys.stderr) |
|
12679
by Marc Deslauriers
sis-changes: handle .asc files |
326 |
elif file_url.endswith('.asc'): |
327 |
pkgs[pkg][rel]['source'].setdefault('asc', file_url) |
|
328 |
if opt.debug: |
|
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
329 |
print("Source(%s) asc URL: %s" % (rel, file_url), file=sys.stderr) |
|
2356
by Kees Cook
finish the APIification of sis-changes |
330 |
else: |
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
331 |
raise ValueError("Unknown downloadable source file from %s %s '%s'" % (pkg, version, file_url)) |
|
2356
by Kees Cook
finish the APIification of sis-changes |
332 |
|
|
2628
by Kees Cook
check all published binaries to make sure they are actually in the archive |
333 |
# Check that all built binaries have actually published into the PPA
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
334 |
if opt.skip_build_check is True: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
335 |
print("WARNING: skipping binary publication check. Please check manually.", file=sys.stderr) |
|
6046
by Marc Deslauriers
sis-changes: added warning |
336 |
else: |
|
6045
by Marc Deslauriers
active/CVE-2012-4447: added tiff research |
337 |
for binary in item.getPublishedBinaries(): |
338 |
if binary.status != 'Published': |
|
339 |
if opt.debug: |
|
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
340 |
print("BinaryPublication(%s,%s,%s) state: %s" % (rel, binary.distro_arch_series.architecture_tag, binary.binary_package_name, binary.status), file=sys.stderr) |
|
6045
by Marc Deslauriers
active/CVE-2012-4447: added tiff research |
341 |
arch = binary.distro_arch_series.architecture_tag |
342 |
# Override binary target in the case of "all"
|
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
343 |
if 'all' in pkgs[pkg][rel]: |
|
6045
by Marc Deslauriers
active/CVE-2012-4447: added tiff research |
344 |
arch = 'all' |
345 |
pkgs[pkg][rel][arch]['build_state'] = 'Binaries pending' |
|
|
2628
by Kees Cook
check all published binaries to make sure they are actually in the archive |
346 |
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
347 |
|
348 |
def is_debug_pkg(name): |
|
349 |
if name.endswith("-dbg") or name.endswith("-dbgsym") or name.endswith("-mozsymbols"): |
|
350 |
return True |
|
351 |
if name.endswith("-source") and name.startswith("openjdk-"): |
|
352 |
return True |
|
353 |
if ("-locale-" in name and not name.endswith("-locale-en") and |
|
354 |
(name.startswith("firefox") or name.startswith("thunderbird"))): |
|
355 |
return True |
|
356 |
||
357 |
||
|
8468
by Jamie Strandboge
scripts/sis-changes: set the distribution rather than just passing the string |
358 |
if opt.distribution is None: |
359 |
# We could default to this, but it would require changes elsewhere
|
|
360 |
# distribution = lp.distributions['ubuntu']
|
|
|
8478
by Marc Deslauriers
sis-changes: fix typo |
361 |
distribution = opt.distribution |
|
8468
by Jamie Strandboge
scripts/sis-changes: set the distribution rather than just passing the string |
362 |
else: |
363 |
distribution = lp.distributions[opt.distribution] |
|
364 |
archive, group, ppa = lpl_common.get_archive(opt.ppa, lp, opt.debug, distribution=distribution) |
|
|
2356
by Kees Cook
finish the APIification of sis-changes |
365 |
|
366 |
pkgs = dict() |
|
367 |
if opt.superseded_version: |
|
368 |
status = "Superseded" |
|
369 |
else: |
|
370 |
status = "Published" |
|
371 |
for pkg_name in args: |
|
|
4660
by Marc Deslauriers
- Add pocket parameter to sis-changes, and make prepare-kernel-usn |
372 |
params = dict(source_name=pkg_name, |
373 |
exact_match=True, |
|
374 |
status=status) |
|
375 |
if opt.pocket: |
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
376 |
params['pocket'] = opt.pocket |
|
4660
by Marc Deslauriers
- Add pocket parameter to sis-changes, and make prepare-kernel-usn |
377 |
|
378 |
for item in archive.getPublishedSources(**params): |
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
379 |
load_pkg_details_from_lp(pkgs, pkg_name, item) |
|
1396
by Kees Cook
load data from XML, add check-upload action handler |
380 |
|
381 |
if opt.action == 'changes': |
|
382 |
for pkg in args: |
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
383 |
if pkg not in pkgs: |
|
5036.1.4
by Kees Cook
improve pocket control and error reporting |
384 |
msg = "Source package '%s' not found in group %s PPA %s" % (pkg, group, ppa) |
385 |
if opt.pocket: |
|
386 |
msg += " pocket %s" % (opt.pocket) |
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
387 |
raise ValueError(msg) |
|
1433
by Jamie Strandboge
sis-changes: strip out epoch when constructing file names |
388 |
|
|
1396
by Kees Cook
load data from XML, add check-upload action handler |
389 |
for rel in sorted(pkgs[pkg].keys()): |
|
1691
by Jamie Strandboge
sis-changes: add --include-devel option (default is not skip the development |
390 |
if not opt.include_devel and rel == cve_lib.devel_release: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
391 |
print("Skipping '%s' (use --include-devel)" % (rel), file=sys.stderr) |
|
1691
by Jamie Strandboge
sis-changes: add --include-devel option (default is not skip the development |
392 |
continue
|
|
2085
by Jamie Strandboge
sis-changes: add --include-eol and don't download end of lifed files for |
393 |
if not opt.include_eol and rel in cve_lib.eol_releases: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
394 |
print("Skipping '%s' (use --include-eol)" % (rel), file=sys.stderr) |
|
2085
by Jamie Strandboge
sis-changes: add --include-eol and don't download end of lifed files for |
395 |
continue
|
|
1433
by Jamie Strandboge
sis-changes: strip out epoch when constructing file names |
396 |
version = pkgs[pkg][rel]['source']['version'] |
397 |
if ':' in version and not version.endswith(':'): |
|
398 |
# strip out epoch, if it exists
|
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
399 |
version = version[(version.find(':') + 1):] |
|
1433
by Jamie Strandboge
sis-changes: strip out epoch when constructing file names |
400 |
|
|
1609
by Kees Cook
retry on LP failures, don't lower pkg name/ver, more debugging |
401 |
if opt.debug: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
402 |
print("Fetching %s %s ..." % (pkg, version), file=sys.stderr) |
|
1609
by Kees Cook
retry on LP failures, don't lower pkg name/ver, more debugging |
403 |
|
|
3093
by Kees Cook
eliminate last of screenscraping now that API has binary changes files |
404 |
download_url(pkgs[pkg][rel]['source']['changes']) |
|
2356
by Kees Cook
finish the APIification of sis-changes |
405 |
|
|
1785
by Jamie Strandboge
update openssl CVEs |
406 |
archs = sorted(pkgs[pkg][rel].keys()) |
407 |
if opt.arch: |
|
408 |
archs = archlist = opt.arch.split(',') |
|
409 |
||
|
4593
by Steve Beattie
make sis_changes --action=changes not abort when it hits an arch: all package |
410 |
if opt.dsc: |
411 |
dsc = download_url(pkgs[pkg][rel]['source']['dsc']) |
|
412 |
dsc_arch = get_arch_from_dsc(dsc) |
|
413 |
if dsc_arch == 'all': |
|
|
9108
by Steve Beattie
Initial attempt at fixing sis-changes to cope with vivid using amd64 to |
414 |
archs = [cve_lib.get_all_arch(rel)] |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
415 |
print("Skipping non-i386 builds for 'Architecture: all' package %s %s" % (pkg, rel), file=sys.stderr) |
|
4593
by Steve Beattie
make sis_changes --action=changes not abort when it hits an arch: all package |
416 |
|
|
1785
by Jamie Strandboge
update openssl CVEs |
417 |
for arch in archs: |
|
2356
by Kees Cook
finish the APIification of sis-changes |
418 |
# Ignore 'source' and 'item' for build states
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
419 |
if arch in ['source', 'item']: |
|
1396
by Kees Cook
load data from XML, add check-upload action handler |
420 |
continue
|
|
2356
by Kees Cook
finish the APIification of sis-changes |
421 |
if pkgs[pkg][rel][arch]['build_state'] != 'Successfully built': |
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
422 |
print("Skipping '%s' build for %s %s %s" % (pkgs[pkg][rel][arch]['build_state'], pkg, rel, arch), file=sys.stderr) |
|
1441
by Kees Cook
minor tweaks to url merging, rename, and fixed think-o in binary file list parsing |
423 |
continue
|
|
3093
by Kees Cook
eliminate last of screenscraping now that API has binary changes files |
424 |
download_url(pkgs[pkg][rel][arch]['changes']) |
|
1440
by Jamie Strandboge
sis-changes: clean up urls and add a download option |
425 |
|
|
1454
by Kees Cook
create "binaries" action to download PPA-produced binaries |
426 |
elif opt.action == 'binaries': |
427 |
for pkg in args: |
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
428 |
if pkg not in pkgs: |
429 |
raise ValueError("Source package '%s' not found in PPA" % (pkg)) |
|
|
1454
by Kees Cook
create "binaries" action to download PPA-produced binaries |
430 |
for rel in sorted(pkgs[pkg].keys()): |
|
1691
by Jamie Strandboge
sis-changes: add --include-devel option (default is not skip the development |
431 |
if not opt.include_devel and rel == cve_lib.devel_release: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
432 |
print("Skipping '%s' (use --include-devel)" % (rel), file=sys.stderr) |
|
1691
by Jamie Strandboge
sis-changes: add --include-devel option (default is not skip the development |
433 |
continue
|
|
2085
by Jamie Strandboge
sis-changes: add --include-eol and don't download end of lifed files for |
434 |
if not opt.include_eol and rel in cve_lib.eol_releases: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
435 |
print("Skipping '%s' (use --include-eol)" % (rel), file=sys.stderr) |
|
2085
by Jamie Strandboge
sis-changes: add --include-eol and don't download end of lifed files for |
436 |
continue
|
437 |
version = pkgs[pkg][rel]['source']['version'] |
|
|
1454
by Kees Cook
create "binaries" action to download PPA-produced binaries |
438 |
archlist = sorted(pkgs[pkg][rel].keys()) |
439 |
if opt.arch: |
|
440 |
archlist = opt.arch.split(',') |
|
441 |
for arch in archlist: |
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
442 |
if arch not in pkgs[pkg][rel]: |
|
1454
by Kees Cook
create "binaries" action to download PPA-produced binaries |
443 |
continue
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
444 |
if 'binaries' not in pkgs[pkg][rel][arch]: |
|
1512
by Jamie Strandboge
make sure pkgs[pkg][rel][arch]['binaries'] exists in sis-changes |
445 |
continue
|
|
1454
by Kees Cook
create "binaries" action to download PPA-produced binaries |
446 |
for name in sorted(pkgs[pkg][rel][arch]['binaries'].keys()): |
|
5901
by Jamie Strandboge
scripts/sis-changes: |
447 |
# If --include-debug is not specified, don't download:
|
448 |
# -dbg
|
|
449 |
# -dbgsym
|
|
450 |
# -mozsymbols
|
|
451 |
# non-english firefox-locale-*
|
|
452 |
# non-english thunderbird-locale-*
|
|
|
6463
by Jamie Strandboge
scripts/sis-changes: don't download openjdk-*-source by default when |
453 |
# openjdk-*-source
|
|
7697
by jdstrand
scripts/sis-changes: don't download udebs unless specifying --include-debug. |
454 |
# .udeb
|
|
5901
by Jamie Strandboge
scripts/sis-changes: |
455 |
if not opt.include_debug and \ |
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
456 |
(is_debug_pkg(name) or |
457 |
pkgs[pkg][rel][arch]['binaries'][name].endswith(".udeb")): |
|
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
458 |
print("Skipping '%s' (use --include-debug)" % (name), file=sys.stderr) |
|
4058
by Jamie Strandboge
scripts/sis-changes: only download -dbg, -dbgsym and -mozsymbols packages if |
459 |
continue
|
|
1549
by Kees Cook
add "source" and "list" actions to sis-changes |
460 |
download_url(pkgs[pkg][rel][arch]['binaries'][name]) |
461 |
||
|
10264
by Steve Beattie
scripts/sis-changes: add buildlogs target. |
462 |
elif opt.action == 'buildlogs': |
463 |
for pkg in args: |
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
464 |
if pkg not in pkgs: |
465 |
raise ValueError("Source package '%s' not found in PPA" % (pkg)) |
|
|
10264
by Steve Beattie
scripts/sis-changes: add buildlogs target. |
466 |
for rel in sorted(pkgs[pkg].keys()): |
467 |
if not opt.include_devel and rel == cve_lib.devel_release: |
|
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
468 |
print("Skipping '%s' (use --include-devel)" % (rel), file=sys.stderr) |
|
10264
by Steve Beattie
scripts/sis-changes: add buildlogs target. |
469 |
continue
|
470 |
if not opt.include_eol and rel in cve_lib.eol_releases: |
|
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
471 |
print("Skipping '%s' (use --include-eol)" % (rel), file=sys.stderr) |
|
10264
by Steve Beattie
scripts/sis-changes: add buildlogs target. |
472 |
continue
|
473 |
archlist = sorted(pkgs[pkg][rel].keys()) |
|
474 |
if opt.arch: |
|
475 |
archlist = opt.arch.split(',') |
|
476 |
for arch in archlist: |
|
|
10913
by Steve Beattie
sis-changes: add a couple more sanity checks for downloading things |
477 |
if opt.debug: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
478 |
print("Fetching build log for %s %s %s ..." % (pkg, rel, arch), file=sys.stderr) |
|
10913
by Steve Beattie
sis-changes: add a couple more sanity checks for downloading things |
479 |
if not cve_lib.arch_is_valid_for_release(arch, rel): |
480 |
continue
|
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
481 |
if arch not in pkgs[pkg][rel]: |
|
10264
by Steve Beattie
scripts/sis-changes: add buildlogs target. |
482 |
continue
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
483 |
if 'build_log' not in pkgs[pkg][rel][arch]: |
|
10264
by Steve Beattie
scripts/sis-changes: add buildlogs target. |
484 |
continue
|
485 |
download_url(pkgs[pkg][rel][arch]['build_log']) |
|
486 |
||
|
1549
by Kees Cook
add "source" and "list" actions to sis-changes |
487 |
elif opt.action == 'list': |
488 |
for pkg in sorted(pkgs.keys()): |
|
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
489 |
print(pkg) |
|
1549
by Kees Cook
add "source" and "list" actions to sis-changes |
490 |
|
491 |
elif opt.action == 'source': |
|
492 |
for pkg in args: |
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
493 |
if pkg not in pkgs: |
494 |
raise ValueError("Source package '%s' not found in PPA" % (pkg)) |
|
|
1549
by Kees Cook
add "source" and "list" actions to sis-changes |
495 |
for rel in sorted(pkgs[pkg].keys()): |
|
1691
by Jamie Strandboge
sis-changes: add --include-devel option (default is not skip the development |
496 |
if not opt.include_devel and rel == cve_lib.devel_release: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
497 |
print("Skipping '%s' (use --include-devel)" % (rel), file=sys.stderr) |
|
1691
by Jamie Strandboge
sis-changes: add --include-devel option (default is not skip the development |
498 |
continue
|
|
2085
by Jamie Strandboge
sis-changes: add --include-eol and don't download end of lifed files for |
499 |
if not opt.include_eol and rel in cve_lib.eol_releases: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
500 |
print("Skipping '%s' (use --include-eol)" % (rel), file=sys.stderr) |
|
2085
by Jamie Strandboge
sis-changes: add --include-eol and don't download end of lifed files for |
501 |
continue
|
502 |
version = pkgs[pkg][rel]['source']['version'] |
|
|
1549
by Kees Cook
add "source" and "list" actions to sis-changes |
503 |
download_url(pkgs[pkg][rel]['source']['dsc']) |
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
504 |
if 'diff' in pkgs[pkg][rel]['source']: |
|
1549
by Kees Cook
add "source" and "list" actions to sis-changes |
505 |
download_url(pkgs[pkg][rel]['source']['diff']) |
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
506 |
if 'diff' not in pkgs[pkg][rel]['source'] or opt.fetch_orig: |
|
10454
by Tyler Hicks
scripts/sis-changes: Fix the broken --fetch-orig option |
507 |
download_url(pkgs[pkg][rel]['source']['orig']) |
|
1396
by Kees Cook
load data from XML, add check-upload action handler |
508 |
|
509 |
elif opt.action == 'check-build': |
|
510 |
EXIT_OKAY = 0 |
|
511 |
EXIT_FAIL = 1 |
|
512 |
exit_code = EXIT_OKAY |
|
513 |
for pkg in args: |
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
514 |
if pkg not in pkgs: |
515 |
raise ValueError("Source package '%s' not found in PPA" % (pkg)) |
|
|
1396
by Kees Cook
load data from XML, add check-upload action handler |
516 |
found = dict() |
517 |
||
|
2466
by Kees Cook
correctly handle arch modification to supported list when doing multiple packages on the cmdline |
518 |
suffix = "" |
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
519 |
if len(args) > 1: |
|
2466
by Kees Cook
correctly handle arch modification to supported list when doing multiple packages on the cmdline |
520 |
suffix = " (%s)" % (pkg) |
521 |
||
|
1396
by Kees Cook
load data from XML, add check-upload action handler |
522 |
for rel in sorted(pkgs[pkg].keys()): |
|
1691
by Jamie Strandboge
sis-changes: add --include-devel option (default is not skip the development |
523 |
if not opt.include_devel and rel == cve_lib.devel_release: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
524 |
print("Skipping '%s' (use --include-devel)" % (rel), file=sys.stderr) |
|
1691
by Jamie Strandboge
sis-changes: add --include-devel option (default is not skip the development |
525 |
continue
|
|
2085
by Jamie Strandboge
sis-changes: add --include-eol and don't download end of lifed files for |
526 |
if not opt.include_eol and rel in cve_lib.eol_releases: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
527 |
print("Skipping '%s' (use --include-eol)" % (rel), file=sys.stderr) |
|
2085
by Jamie Strandboge
sis-changes: add --include-eol and don't download end of lifed files for |
528 |
continue
|
529 |
version = pkgs[pkg][rel]['source']['version'] |
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
530 |
found.setdefault(rel, dict()) |
|
3123
by Kees Cook
consolidate the architecture (and release) logic into cve_lib |
531 |
for arch in cve_lib.arch_list: |
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
532 |
found[rel].setdefault(arch, False) |
533 |
if arch in pkgs[pkg][rel]: |
|
|
1439
by Kees Cook
update check-build logic |
534 |
state = pkgs[pkg][rel][arch]['build_state'] |
|
2356
by Kees Cook
finish the APIification of sis-changes |
535 |
if state == 'Successfully built': |
|
1439
by Kees Cook
update check-build logic |
536 |
found[rel][arch] = True |
|
2466
by Kees Cook
correctly handle arch modification to supported list when doing multiple packages on the cmdline |
537 |
if opt.verbose: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
538 |
print('\t%s %s Built' % (rel, arch)) |
|
1396
by Kees Cook
load data from XML, add check-upload action handler |
539 |
|
540 |
code = EXIT_OKAY |
|
541 |
report_rel = [] |
|
542 |
||
|
1485
by Kees Cook
update CVE lists and scripts for the opening of jaunty |
543 |
for rel in cve_lib.releases: |
|
1396
by Kees Cook
load data from XML, add check-upload action handler |
544 |
complete = 1 |
545 |
# Skip missing source.changes
|
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
546 |
if rel not in found.keys(): |
|
1396
by Kees Cook
load data from XML, add check-upload action handler |
547 |
continue
|
|
1448
by Kees Cook
handle the "all" build case |
548 |
|
|
1691
by Jamie Strandboge
sis-changes: add --include-devel option (default is not skip the development |
549 |
if not opt.include_devel and rel == cve_lib.devel_release: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
550 |
print("Skipping '%s' (use --include-devel)" % (rel), file=sys.stderr) |
|
1691
by Jamie Strandboge
sis-changes: add --include-devel option (default is not skip the development |
551 |
continue
|
|
2085
by Jamie Strandboge
sis-changes: add --include-eol and don't download end of lifed files for |
552 |
if not opt.include_eol and rel in cve_lib.eol_releases: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
553 |
print("Skipping '%s' (use --include-eol)" % (rel), file=sys.stderr) |
|
2085
by Jamie Strandboge
sis-changes: add --include-eol and don't download end of lifed files for |
554 |
continue
|
555 |
version = pkgs[pkg][rel]['source']['version'] |
|
|
1691
by Jamie Strandboge
sis-changes: add --include-devel option (default is not skip the development |
556 |
|
|
2466
by Kees Cook
correctly handle arch modification to supported list when doing multiple packages on the cmdline |
557 |
def drop_support(supported, arches): |
558 |
for drop_arch in arches: |
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
559 |
for area in ['expected', 'required']: |
|
2466
by Kees Cook
correctly handle arch modification to supported list when doing multiple packages on the cmdline |
560 |
if drop_arch in supported[area]: |
561 |
supported[area].remove(drop_arch) |
|
562 |
supported['bonus'].append(drop_arch) |
|
563 |
||
|
3123
by Kees Cook
consolidate the architecture (and release) logic into cve_lib |
564 |
support = copy.deepcopy(cve_lib.release_expectations[rel]) |
|
1485
by Kees Cook
update CVE lists and scripts for the opening of jaunty |
565 |
# Special-case the split kernel in intrepid and later
|
|
2466
by Kees Cook
correctly handle arch modification to supported list when doing multiple packages on the cmdline |
566 |
if re.match('linux(-meta|-source-2.6.15|-(backports|ubuntu|restricted)-modules(-2.6.[0-9]+)?)?$', pkg): |
|
2216
by Kees Cook
build in proper logic for linux kernel arch builds |
567 |
if 'lpia' in support['required'] and rel not in ['hardy']: |
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
568 |
drop_support(support, ['lpia']) |
|
2466
by Kees Cook
correctly handle arch modification to supported list when doing multiple packages on the cmdline |
569 |
# Non-Dapper and Non-Hardy does not build sparc, ppc, hppa
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
570 |
if rel not in ['dapper', 'hardy']: |
571 |
drop_support(support, ['sparc', 'powerpc', 'hppa']) |
|
|
2466
by Kees Cook
correctly handle arch modification to supported list when doing multiple packages on the cmdline |
572 |
# Intrepid does not build armel or ia64
|
|
3089
by Kees Cook
yikes, fix the kernel arch support list override logic |
573 |
if rel in ['intrepid']: |
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
574 |
drop_support(support, ['lpia', 'ia64']) |
|
2466
by Kees Cook
correctly handle arch modification to supported list when doing multiple packages on the cmdline |
575 |
# Jaunty does not build armel or ia64
|
|
3089
by Kees Cook
yikes, fix the kernel arch support list override logic |
576 |
if rel in ['jaunty']: |
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
577 |
drop_support(support, ['armel', 'ia64']) |
|
2756
by Kees Cook
published gobs of kernel updates |
578 |
if re.match('linux-(|meta-)ec2$', pkg): |
|
2466
by Kees Cook
correctly handle arch modification to supported list when doing multiple packages on the cmdline |
579 |
# EC2 is i386/amd64 only
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
580 |
drop_support(support, ['sparc', 'powerpc', 'lpia', 'armel', 'armhf']) |
|
10214
by Steve Beattie
add raspi2 kernels in a couple of script locations |
581 |
if re.match('linux-(|meta-)(fsl-imx51|mvl-dove|ti-omap4?|qcm-msm|armadaxp|raspi2)$', pkg): |
|
2466
by Kees Cook
correctly handle arch modification to supported list when doing multiple packages on the cmdline |
582 |
# ARM kernels are, shockingly, ARM-only
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
583 |
drop_support(support, ['sparc', 'powerpc', 'lpia', 'i386', 'amd64']) |
|
6009
by John Johansen
Update scripts for new kernel backports naming format and add -lts-quantal kernel |
584 |
if re.match('linux-(|meta-)(lts-.*)$', pkg): |
|
3449
by Kees Cook
scripts/sis-changes:do not report same-version skips, noisy; add arch exceptions for lts backport kernel |
585 |
# LTS backports seem to be built only for i386 and amd64?
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
586 |
drop_support(support, ['sparc', 'powerpc', 'lpia', 'armel', 'armhf']) |
|
2216
by Kees Cook
build in proper logic for linux kernel arch builds |
587 |
|
|
9108
by Steve Beattie
Initial attempt at fixing sis-changes to cope with vivid using amd64 to |
588 |
# Detect the "all" case -- only all_arch in the build record
|
589 |
all_arch = cve_lib.get_all_arch(rel) |
|
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
590 |
if all_arch in pkgs[pkg][rel] and 'source' in pkgs[pkg][rel] and len(pkgs[pkg][rel].keys()) == 2: |
|
1448
by Kees Cook
handle the "all" build case |
591 |
support['bonus'] = [] |
592 |
support['expected'] = [] |
|
|
9108
by Steve Beattie
Initial attempt at fixing sis-changes to cope with vivid using amd64 to |
593 |
support['required'] = [all_arch] |
|
1448
by Kees Cook
handle the "all" build case |
594 |
|
|
3123
by Kees Cook
consolidate the architecture (and release) logic into cve_lib |
595 |
for arch in cve_lib.arch_list: |
|
1448
by Kees Cook
handle the "all" build case |
596 |
if arch in support['required'] and not found[rel][arch]: |
|
2356
by Kees Cook
finish the APIification of sis-changes |
597 |
build_state = "[no build for %s]" % (arch) |
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
598 |
if arch in pkgs[pkg][rel]: |
|
1584
by Kees Cook
handle arch-limited builds |
599 |
build_state = pkgs[pkg][rel][arch]['build_state'] |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
600 |
print('ERROR: %s missing for %s (%s)' % (arch, rel, build_state) + suffix, file=sys.stderr) |
|
1396
by Kees Cook
load data from XML, add check-upload action handler |
601 |
code = EXIT_FAIL |
602 |
complete = 0 |
|
|
3123
by Kees Cook
consolidate the architecture (and release) logic into cve_lib |
603 |
for arch in cve_lib.arch_list: |
|
1448
by Kees Cook
handle the "all" build case |
604 |
if arch in support['expected'] and not found[rel][arch]: |
|
2356
by Kees Cook
finish the APIification of sis-changes |
605 |
build_state = "[no build for %s]" % (arch) |
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
606 |
if arch in pkgs[pkg][rel]: |
|
1584
by Kees Cook
handle arch-limited builds |
607 |
build_state = pkgs[pkg][rel][arch]['build_state'] |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
608 |
print('WARN: %s missing for %s (%s)' % (arch, rel, build_state) + suffix, file=sys.stderr) |
|
3123
by Kees Cook
consolidate the architecture (and release) logic into cve_lib |
609 |
for arch in cve_lib.arch_list: |
|
1448
by Kees Cook
handle the "all" build case |
610 |
if arch in support['bonus'] and found[rel][arch]: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
611 |
print('BONUS: %s found for %s' % (arch, rel) + suffix, file=sys.stderr) |
|
1396
by Kees Cook
load data from XML, add check-upload action handler |
612 |
if complete: |
613 |
report_rel.append(rel) |
|
614 |
||
615 |
if code == EXIT_OKAY: |
|
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
616 |
print("OK: " + " ".join(report_rel) + suffix) |
|
1396
by Kees Cook
load data from XML, add check-upload action handler |
617 |
else: |
|
13810
by Steve Beattie
sis-changes: python3-ish/pip8 cleanups |
618 |
if len(report_rel) > 0: |
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
619 |
print("READY: " + " ".join(report_rel) + suffix) |
620 |
print("FAIL: not all releases ready" + suffix) |
|
621 |
print("*** DO NOT PUBLISH YET *** There is no method to unembargo an architecture later") |
|
|
1396
by Kees Cook
load data from XML, add check-upload action handler |
622 |
exit_code = EXIT_FAIL |
623 |
sys.exit(exit_code) |
|
|
1454
by Kees Cook
create "binaries" action to download PPA-produced binaries |
624 |
|
625 |
else: |
|
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
626 |
print("Unknown action '%s'" % (opt.action), file=sys.stderr) |
|
1454
by Kees Cook
create "binaries" action to download PPA-produced binaries |
627 |
sys.exit(1) |
|
1455
by Kees Cook
consolidate download dir move |
628 |
|
629 |
if opt.download: |
|
630 |
# Can't use os.rename because of potential for:
|
|
631 |
# OSError: [Errno 18] Invalid cross-device link'
|
|
632 |
shutil.move(tmpdir, download_dir) |
|
|
13726
by Steve Beattie
scripts/cve_lib.py: add linux-aws/trusty to meta kernel list |
633 |
print("Files downloaded to %s" % (download_dir)) |