summaryrefslogtreecommitdiff
path: root/dev-util/kup
diff options
context:
space:
mode:
authorV3n3RiX <venerix@koprulu.sector>2022-05-12 16:42:50 +0300
committerV3n3RiX <venerix@koprulu.sector>2022-05-12 16:42:50 +0300
commit752d6256e5204b958b0ef7905675a940b5e9172f (patch)
tree330d16e6362a49cbed8875a777fe641a43376cd3 /dev-util/kup
parent0c100b7dd2b30e75b799d806df4ef899fd98e1ea (diff)
gentoo resync : 12.05.2022
Diffstat (limited to 'dev-util/kup')
-rw-r--r--dev-util/kup/Manifest4
-rw-r--r--dev-util/kup/files/kup-server-gitolite-subcmd.patch242
-rw-r--r--dev-util/kup/kup-0.3.6-r1.ebuild38
-rw-r--r--dev-util/kup/metadata.xml6
4 files changed, 289 insertions, 1 deletions
diff --git a/dev-util/kup/Manifest b/dev-util/kup/Manifest
index 28c7a4b9b758..bd2038f9e86e 100644
--- a/dev-util/kup/Manifest
+++ b/dev-util/kup/Manifest
@@ -1,5 +1,7 @@
+AUX kup-server-gitolite-subcmd.patch 6574 BLAKE2B 54c0140f39f1696b52fa8ef7cc7898c6c73329f052f2ad0f56aae107ddf40f1f19b8d872bc6ee9a0cb6285475b7b5566635aa8654d4ac9e2a3d87547b1c6902d SHA512 57b9b9fef82a5a2400f31b870984624bacb840c896d266689535002c44b4aa894e805799a0a29bf46dc6c8325e6e3c4c93917d73b9c6feff412bec4658e9c41f
DIST kup-0.3.4.tar.xz 40596 BLAKE2B 2cdb046af05803a1329b9d9f6e2ecba4dba77bc0c2da67cd29a3e1e3e4d1032a5dea771b5c4d9a63c57706fcf0adb809de3d6668411f0db64b58f4420b536f9e SHA512 b29e2aebdc0af45e96a0111933cdcb17f5227520c7be159f3bbf8c940f71cca2d688207b7a1d18087182f321c77c0fa168f3e0fe99b2b01afff1ddad2c9ce9cf
DIST kup-0.3.6.tar.xz 41404 BLAKE2B 7c4187032b3d29ea06ddeaea813370e5a68fa94c9b85dbd92930651ad52ea103a98be26bae32b9120d136d3558b27c29323191aab36a895e4b040eb8fd83d12f SHA512 136cd179abb6b658050cd51f00a4cee2b9022b40ce17c9e50290fcdd2303de2ca21a64569b4af6a46db88959812200b3654fce06a0b3c081af0c89b5db2ded20
EBUILD kup-0.3.4-r1.ebuild 515 BLAKE2B ec22f6dd6ba9347b637488218e512065e695b39b5d65d32b6f36522b91739d42eeaae1222a62f43e892cc48e29921cd3a6509880c7d0936958a2ed121750cd02 SHA512 fae116c9765f4f084a760d537d94c8e2135e91b3c569a3bb2dc969905ea8bfa42ad2cacf75b22deb2353c0d66d0be50e00df4b05a7de5206fdd3def36b569820
+EBUILD kup-0.3.6-r1.ebuild 849 BLAKE2B 1ccc10d9a3d200d57c1263152368b0e1cf20890f259c6c5f2f8b517c239f9791c5dfe21de10e3757f24cb234dd8a9439b7e198a04e232aae7a1cf40ee20d0d39 SHA512 d530879cb2fec78aaf3fcf8a1f98c5e699b5fe591115a17d525f77ad22e5ae53eaf7f18f67b0a94f7b11c21a461f5719c7eec26eb99aef5468210da4ddd26550
EBUILD kup-0.3.6.ebuild 514 BLAKE2B 6ffb4c9664fd181db4edc57594da35c8029c5ca8469c267778137c12e929c55db5388708e1aee5ae9b77b2f3452ec6fbed09e1709283e68cdae49daf63a58bb1 SHA512 3b8cc256ff972e1be0378cda0c9e0a16af2f09796d10a0ae4a2f0d72d2661968240a38cd6cba6af79c182d2e46c1ba5e21675548f9b5fa555658cfe901f3bfdb
-MISC metadata.xml 225 BLAKE2B 1702b2df6fd2eeef541d05e9f87af1d901036a8b9f91f497007c6e3e1f587b0a30d63e0f5334a5f61b86cec471042853c82e68302a85d1ad4cb7f149fc3aef59 SHA512 9af880d61ecd66710680d94dec379665673167f3af0839dd4134c85f4b9ef1f77862d4d25f97625bc9c40df0615b81a2ba6364c6eef8e749dec7c073aeb51646
+MISC metadata.xml 404 BLAKE2B 083eaefae2551560e31d574cc0786c0b48ed76bdc5ea4940c12639bb1fa52cdf8da46d12a3e70e8a3fb90e327f5212f68e93db345f82f047fc20de5c41743185 SHA512 221b6489b35d49b1e941ffc7e49449ec433726b20bff67beed4f183104d3f7a24c95d3aa4851df3906309e90c0d80c7a85a3dfe810d58018bc67738729cc3576
diff --git a/dev-util/kup/files/kup-server-gitolite-subcmd.patch b/dev-util/kup/files/kup-server-gitolite-subcmd.patch
new file mode 100644
index 000000000000..89ea3ff02bf3
--- /dev/null
+++ b/dev-util/kup/files/kup-server-gitolite-subcmd.patch
@@ -0,0 +1,242 @@
+Upstream kup provided this patch, that was apparently written by the Gitolite
+author.
+
+--- standard/kup-server 2017-03-28 13:01:24.000000000 -0400
++++ gitolite/kup-server 2018-03-26 15:01:20.000000000 -0400
+@@ -1,4 +1,4 @@
+-#!/usr/bin/perl -T
++#!/usr/bin/perl
+ ## -----------------------------------------------------------------------
+ ##
+ ## Copyright 2011 Intel Corporation; author: H. Peter Anvin
+@@ -68,12 +68,20 @@
+
+ use Digest::SHA;
+
+-my $VERSION = '0.3.6';
+-
+-# Scrub the environment completely
+-%ENV = ('PATH' => '/bin:/usr/bin',
+- 'LANG' => 'C',
+- 'SHELL' => '/bin/false'); # Nothing in this program should shell out
++use lib $ENV{GL_LIBDIR};
++use Gitolite::Easy;
++use Gitolite::Conf::Load;
++
++my $VERSION = '0.3.6 (gitolite integrated)';
++
++# Scrub the environment completely, except gitolite variables and HOME
++{
++ my %env = %ENV;
++ %ENV = ('PATH' => '/bin:/usr/bin',
++ 'LANG' => 'C',
++ 'SHELL' => '/bin/false'); # Nothing in this program should shell out
++ $ENV{$_} = $env{$_} for ('HOME', grep(/^GL_/, keys %env));
++}
+
+ # The standard function to call on bail
+ sub fatal($) {
+@@ -88,16 +96,7 @@
+ }
+
+ sub my_username() {
+- my $whoami = getuid();
+- my ($name,$passwd,$uid,$gid,$quota,$comment,$gcos,$dir,$shell,$expire) = getpwuid($whoami);
+-
+- if (!defined($name) || $whoami != $uid) {
+- # We haven't called openlog() yet so we need to do it here
+- openlog("kup-server($whoami)", 'ndelay,pid', LOG_LOCAL5);
+- fatal("You don't exist, go away!");
+- }
+-
+- return (defined($name) && $whoami == $uid) ? $name : $whoami;
++ return $ENV{GL_USER};
+ }
+
+ my $user_name = my_username();
+@@ -106,7 +105,7 @@
+
+
+ # Get config values from kup-server.cfg
+-my $cfg_file = '/etc/kup/kup-server.cfg';
++my $cfg_file = '/var/lib/gitolite3/.gitolite/local-code/configs/kup-server.cfg';
+
+ my $cfg = new Config::Simple($cfg_file);
+
+@@ -371,6 +370,51 @@
+ return 1;
+ }
+
++# kup-server may "read" files from the kup data_path, or repos. If a repo is
++# supplied, we assume it's a gitolite repo and check access accordingly (while
++# remembering that kup seems to add a leading slash). If a repo is *not*
++# supplied, we assume we're talking about the kup data_path, which means we
++# make gitolite access rules from the "fake" repo called "@kup-server"
++sub read_allowed
++{
++ Gitolite::Common::trace( 1, 'read_allowed', @_ );
++ my $repo = shift || '@kup-server';
++
++ # gitolite expects a "normalised" repo name; no leading slash, no trailing ".git"
++ $repo =~ s(^/)(); $repo =~ s/\.git$//;
++
++ return can_read($repo);
++}
++
++# kup-server does not write to normal repos, it only writes to files in the
++# kup data_path. So we don't have to worry about any repo other than
++# "@kup-server", which is therefore hardcoded in here.
++sub write_allowed
++{
++ Gitolite::Common::trace( 1, 'write_allowed', @_ );
++ my($path, $perm) = @_;
++
++ # other values for perm are + (rm) and C (mkdir), analogous to gitolite's
++ # "+ means delete or rewind branch, C means create branch"
++ $perm ||= 'W';
++
++ my $repo = '@kup-server';
++
++ # the paths that gitolite expects start with "refs/heads/", since we are
++ # simply re-using the existing ACL for this. (But remember $path, in
++ # kup-land, already starts with a "/".)
++ $path = "refs/heads" . $path;
++
++ return can_write($repo, $perm, $path) ||
++ can_write($repo, $perm, "$path/");
++ # the second check is because, when specifying a permission on a directory
++ # in gitolite, you end with a "/", say "RW+C foo/ = user". To exercise
++ # that right, the user runs "kup mkdir foo" or "kup rm foo". This fails,
++ # because the regex "foo/" won't match. (In a *git* repo it doesn't
++ # matter, because git doesn't allow empty directories, so it never
++ # happens).
++}
++
+ # Return a percentage, valid even if the denominator is zero
+ sub percentage($$)
+ {
+@@ -526,6 +570,10 @@
+ fatal("Invalid pathname in TAR command");
+ }
+
++ if (!read_allowed($tree)) {
++ fatal("Read access denied");
++ }
++
+ if (!is_clean_string($prefix)) {
+ fatal("Invalid prefix string");
+ }
+@@ -569,6 +617,10 @@
+ fatal("Invalid pathname in DIFF command");
+ }
+
++ if (!read_allowed($tree)) {
++ fatal("Read access denied");
++ }
++
+ if ($tree !~ /\.git$/ || ! -d $git_path.$tree ||
+ ! -d $git_path.$tree.'/objects') {
+ fatal("No such git tree");
+@@ -788,8 +840,13 @@
+ or fatal("dup error");
+ close($devnull);
+
++ my $gpgvbin = '/opt/gnupg22/bin/gpgv';
++ if ( ! -x $gpgvbin) {
++ $gpgvbin = '/usr/bin/gpgv';
++ }
++
+ my $status =
+- system('/usr/bin/gpgv',
++ system($gpgvbin,
+ '--quiet',
+ '--homedir', $tmpdir,
+ '--keyring', $pgp_path."/${user_name}.gpg",
+@@ -839,6 +896,10 @@
+ fatal("Invalid filename in PUT command");
+ }
+
++ if (!write_allowed($file)) {
++ fatal("Write access denied");
++ }
++
+ my @install_ext;
+ my @conflic_ext;
+ my $stem;
+@@ -917,6 +978,10 @@
+ fatal("Invalid filename in MKDIR command");
+ }
+
++ if (!write_allowed($file, 'C')) {
++ fatal("MKDIR access denied");
++ }
++
+ my @badext = ('.sign', keys(%zformats));
+
+ foreach my $e (@badext) {
+@@ -991,6 +1056,16 @@
+ fatal("Invalid filename in $cmd command");
+ }
+
++ if ($cmd eq 'MOVE') {
++ if (!write_allowed($from, '+')) {
++ fatal("Delete (as part of MOVE) access denied");
++ }
++ }
++
++ if (!write_allowed($to)) {
++ fatal("Write access denied");
++ }
++
+ if ($from =~ /\.gz$/) {
+ if ($to !~ /\.gz$/) {
+ fatal("$cmd of .gz file must itself end in .gz");
+@@ -1093,6 +1168,10 @@
+ fatal("Invalid pathname in DELETE command");
+ }
+
++ if (!write_allowed($file, "+")) {
++ fatal("Delete access denied");
++ }
++
+ if ($file !~ /\.gz$/ &&
+ has_extension($file, '.sign', keys(%zformats))) {
+ fatal("DELETE of auxiliary files not supported");
+@@ -1222,6 +1301,10 @@
+
+ my($dir) = @args;
+
++ if (!read_allowed()) {
++ fatal("Read access denied");
++ }
++
+ # DIR / is permitted unlike any other command
+ $dir =~ s:/$::g;
+ if ($dir ne '' && !is_valid_filename($dir)) {
+@@ -1261,7 +1344,25 @@
+
+ sub do_info()
+ {
+- print "kup-server $VERSION\n";
++ print "kup-server $VERSION\n\n";
++
++ my %xlat = (
++ R => 'ls',
++ RW => 'put',
++ 'RW+' => 'put/rm/mv',
++ 'RWC' => 'put/mkdir',
++ 'RW+C' => 'put/rm/mv/mkdir',
++ '-' => '(denied)',
++ );
++ Gitolite::Conf::Load::load('@kup-server');
++ my @rules = Gitolite::Conf::Load::rules('@kup-server', $ENV{GL_USER});
++ for my $r (@rules) {
++ my ($dummy, $perm, $ref) = @$r;
++ $ref =~ s(^refs/heads/)();
++ $ref =~ s(/USER/)(/$ENV{GL_USER}/);
++ $ref = ($ref eq 'refs/.*') ? '/*' : '/' . $ref . '*';
++ printf "%-24s %s\n", ($xlat{$perm} || $perm), $ref;
++ }
+ }
+
+ sub get_command()
diff --git a/dev-util/kup/kup-0.3.6-r1.ebuild b/dev-util/kup/kup-0.3.6-r1.ebuild
new file mode 100644
index 000000000000..2dbef2793236
--- /dev/null
+++ b/dev-util/kup/kup-0.3.6-r1.ebuild
@@ -0,0 +1,38 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+DESCRIPTION="kernel.org uploader tool"
+HOMEPAGE="https://www.kernel.org/pub/software/network/kup"
+SRC_URI="https://www.kernel.org/pub/software/network/kup/${P}.tar.xz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+
+RDEPEND="
+ dev-lang/perl
+ dev-perl/BSD-Resource
+ dev-perl/Config-Simple"
+IUSE='gitolite'
+
+DOCS=( README )
+
+src_prepare() {
+ if use gitolite; then
+ cp -f "${S}/${PN}-server" "${S}/${PN}-server-gitolite"
+ patch "${S}/${PN}-server-gitolite" <"${FILESDIR}"/${PN}-server-gitolite-subcmd.patch || die
+ fi
+ default
+}
+
+src_install() {
+ dobin "${PN}" "${PN}-server" gpg-sign-all
+ doman "${PN}.1"
+ einstalldocs
+ if use gitolite; then
+ exeinto /usr/libexec/gitolite/commands/
+ newexe ${PN}-server-gitolite ${PN}-server
+ fi
+}
diff --git a/dev-util/kup/metadata.xml b/dev-util/kup/metadata.xml
index 2e859f1becb2..5a770bec41a7 100644
--- a/dev-util/kup/metadata.xml
+++ b/dev-util/kup/metadata.xml
@@ -4,4 +4,10 @@
<maintainer type="person">
<email>monsieurp@gentoo.org</email>
</maintainer>
+ <upstream>
+ <remote-id type="github">mricon/kup</remote-id>
+ </upstream>
+ <use>
+ <flag name="gitolite">Enable support for dev-vcs/gitolite in kup-server</flag>
+ </use>
</pkgmetadata>
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-22 20:54:25 +0000