initial sync from svn; added .hg-keepme files to otherwise empty directories because hg would drop those
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/bin/add-missing-orig Fri Jul 03 15:23:10 2009 +0200
@@ -0,0 +1,41 @@
+#!/usr/bin/perl
+
+# some packages list the orig.tar.gz in the source package,
+# but not in the changes file; reprepro will complain later if
+# it cant find the file in the pool; we include the .dsc to
+# make sure that the orig.tar.gz is there
+
+use strict;
+use warnings;
+
+my $incoming = "/home/apt/incoming";
+my $repo = "/home/apt/repo";
+my $cc = "/usr/bin/changestool";
+my $cs = "gpg --clearsign";
+
+my @changes = qw(
+cyrus-imapd-2.2_2.2.13-6.ius.stable_i386.changes
+drbdlinks_1.09-1~ius.3_i386.changes
+exigrey_0.1-3_i386.changes
+interchange_5.5.1-1.ius.etch.1_i386.changes
+libnet-pcap-perl_0.12-hs.1_i386.changes
+libnss-ldap_238-1.schlittermann.1_i386.changes
+);
+
+for (@changes) {
+
+ my $c = "$incoming/$_";
+ my $cmd;
+
+ print "Attempting to add missing upstream sources for [$c] .. ";
+ $cmd = "$cc $c includeallsources";
+ system($cmd) == 0 or warn "[system($cmd)] failed: [$?] [$!]\n";
+ print "done\n";
+
+ print "Attempting to sign updated changes file [$c] .. ";
+ $cmd = "$cs $c";
+ system($cmd) == 0 or warn "[system($cmd)] failed: [$?] [$!]\n";
+ rename("$c.asc", $c) or warn "rename([$c.asc], [$c]) failed: [$!]\n";
+ print "done\n";
+
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/bin/fix-all-necessary Fri Jul 03 15:23:10 2009 +0200
@@ -0,0 +1,5 @@
+~/bin/add-missing-orig
+~/bin/sign-unsigned-changes
+~/bin/sign-unsigned-dsc-and-changes
+~/bin/resign-revoked
+~/bin/resign-expired
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/bin/fix-sections Fri Jul 03 15:23:10 2009 +0200
@@ -0,0 +1,97 @@
+#!/usr/bin/perl
+
+use strict;
+
+use IO::File;
+use File::Find;
+use File::Basename;
+
+my $build_dir = "/home/apt/build";
+my $invalid_sections = "unknown";
+my $default_section = "misc";
+my $sign_with = 'me@debrep.vbox.hurz.is.schlittermann.de';
+my $sections = {
+ '^nagios' => 'net',
+ '^exi(acl|grey)$' => 'mail',
+ '^ha-sync$' => 'admin',
+ '^ca-certificates' => 'misc',
+ '^firestart$' => 'admin',
+ '^logbuch$' => 'admin',
+ '^sitecp$' => 'web',
+ '^texmf' => 'tex',
+ '^schlittermann-apt-keys$' => 'net',
+ '^update-serial$' => 'net'
+};
+
+my @tofix;
+-d $build_dir or mkdir $build_dir or die "Can't mkdir [$build_dir]: $!";
+chdir $build_dir or die "Can't chdir [$build_dir]: $!";
+
+#find(\&f, qw(/home/apt/incoming/));
+
+for my $cf (@tofix) {
+ print "Attempting to fix Sections for [$cf] .. ";
+ $cf =~ /^(.+\/)?(.+)_([^-]+)(-(.+))?_(.+).changes$/;
+ my ($p, $v, $r, $a) = ($2, $3, $5, $6);
+
+ my $ra = qx/dpkg --print-architecture/;
+ chomp $ra;
+ unless ($a eq $ra) {
+ warn "skipping foreign arch [$a]\n";
+ next;
+ }
+
+ (my $sf = $cf) =~ s/_[0-9a-z]+\.changes$/.dsc/;
+ system("dpkg-source -x $sf") == 0 or warn "[dpkg-source -x $sf] failed: $?\n";
+ chdir "$p-$v" or warn "Can't chdir [$p-$v]: $!\n";
+ if ("$p-$v" =~ /nagios-plugin-ntp-1.0$/) {
+ chmod 0755, "configure" or warn "Can't chmod 0755, [$p-$v/configure]: $!\n";
+ }
+ {
+ local $/;
+ my $fh = new IO::File "< debian/control" or warn "Can't open [< debian/control]: $!\n";
+ my $c = <$fh>;
+ close $fh or warn "Can't close [$fh]: $!\n";
+ my $s;
+ for (keys %{$sections}) {
+ if ($p =~ /$_/) {
+ $s = $sections->{$_};
+ last;
+ }
+ }
+ $s ||= $default_section;
+ $c =~ s/(\n)?section:\s+$invalid_sections\n/${1}Section: $s\n/i;
+ $fh = new IO::File "> debian/control" or warn "Can't open [> debian/control]: $!\n";
+ print $fh $c;
+ close $fh or warn "Can't close [$fh]: $!\n";
+ }
+
+ system("dpkg-buildpackage -k$sign_with -rfakeroot") == 0 or warn "[dpkg-buildpackage -k$sign_with -rfakeroot] failed: $?\n";
+ chdir ".." or warn "Can't chdir [..]: $!\n";
+ (my $uf = basename($cf)) =~ s/.changes$/.upload/;
+ -e $uf and { unlink $uf or warn "Can't unlink [$uf]: $!\n" };
+ system("dupload " . basename($cf)) == 0 or warn "[dupload $cf] failed: $?\n";
+
+ print "finished\n";
+}
+
+=pod
+sub f {
+
+ /\.changes$/ or return;
+
+ my $f = $_;
+ my $fh = new IO::File "< $f";
+ warn "Can't open [< $f]: $!\n" unless defined $fh;
+ while (<$fh>) {
+ chomp;
+ my $s;
+ if (/([0-9a-fA-F]{32}) ([0-9]+) ([a-z]+) ([a-z]+) (.+)$/ && ($s = $3) =~ /$invalid_sections/) {
+ push @tofix, $File::Find::name;
+ close $fh or warn "Can't close [$fh]: $!\n";
+ return;
+ }
+ }
+ close $fh or warn "Can't close [$fh]: $!\n";
+}
+=cut
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/bin/rebuild-unsigned-dsc Fri Jul 03 15:23:10 2009 +0200
@@ -0,0 +1,105 @@
+#!/usr/bin/perl
+
+# Some source packages come unsigned. This wouldnt be a problem if it wouldnt
+# cause reprepro to spit messages like: 'Data seems not to be signed trying to
+# use directly...' which may be confusing when you think that it is related to
+# a changes file
+# play with -d option of dpkg-buildpackage to either show unmet build deps and
+# fail or to hide and try to ignore them
+use strict;
+
+die 'dont use me, use sign-unsigned-dsc-and-changes instead';
+
+use IO::File;
+use File::Basename;
+use Symbol qw(gensym);
+
+my $build_dir = "/home/apt/build";
+my $sign_with = 'me@debrep.vbox.hurz.is.schlittermann.de';
+my @unsigned = qw(
+
+ /home/apt/incoming/nagios-client-check_1.4.5-1_i386.changes
+ /home/apt/incoming/freeradius_1.0.0+cvs20040609-0.hs_i386.changes
+
+);
+
+my $vc = "gpg --verify";
+my $cc = "gpg --clearsign";
+
+-d $build_dir or mkdir $build_dir or die "Can't mkdir [$build_dir]: $!";
+chdir $build_dir or die "Can't chdir [$build_dir]: $!";
+
+for my $cf (@unsigned) {
+
+ (my $sf = $cf) =~ s/_[0-9a-z]+\.changes$/.dsc/;
+
+ # we assume that the dsc has been successfully rebuilt when its signature can
+ # be verified
+ my $r = qx/$vc $sf 2>&1/;
+ next unless $?;
+
+ print "Attempting to rebuild unsigned [$sf] ... ";
+
+ $cf =~ /^(.+\/)?(.+)_([^-]+)(-(.+))?_(.+).changes$/;
+ my ($p, $v, $r, $a) = ($2, $3, $5, $6);
+
+ my $ra = qx/dpkg --print-architecture/;
+ chomp $ra;
+ unless ($a eq $ra) {
+ warn "skipping foreign arch [$a]\n";
+ next;
+ }
+
+ system("dpkg-source -x $sf") == 0 or warn "[dpkg-source -x $sf] failed: $?\n";
+ chdir "$p-$v" or warn "Can't chdir [$p-$v]: $!\n";
+
+ apply_patches($sf);
+
+ my $cmd = "dpkg-buildpackage -d -k$sign_with -rfakeroot";
+ system($cmd) == 0 or warn "[$cmd] failed: $?\n";
+ chdir ".." or warn "Can't chdir [..]: $!\n";
+ (my $uf = basename($cf)) =~ s/.changes$/.upload/;
+ -e $uf and { unlink $uf or warn "Can't unlink [$uf]: $!\n" };
+ system("dupload " . basename($cf)) == 0 or warn "[dupload $cf] failed: $?\n";
+
+ print "finished\n";
+}
+
+sub apply_patches($) {
+
+ my ($f) = @_;
+
+ if ($f eq "/home/apt/incoming/freeradius_1.0.0+cvs20040609-0.hs.dsc") {
+ my $ch = gensym;
+ my $cmd = "|patch -p0";
+ open $ch, $cmd or warn "Can't run [$cmd]: $!\n";
+ print $ch <<EOP;
+--- src/modules/rlm_x99_token/x99_rlm.c.orig 2004-02-26 20:04:37.000000000 +0100
++++ src/modules/rlm_x99_token/x99_rlm.c 2009-06-15 11:12:48.000000000 +0200
+@@ -516,9 +516,7 @@
+ return RLM_MODULE_INVALID;
+ }
+
+- /* Fast path if we didn't protect the state. */
+- if (!(user_info.card_id & X99_CF_AM))
+- goto good_state;
++ if (user_info.card_id & X99_CF_AM) {
+
+ /* Verify the state. */
+ (void) memset(challenge, 0, sizeof(challenge));
+@@ -544,8 +542,8 @@
+ "auth: bad state for [%s]: expired", username);
+ return RLM_MODULE_REJECT;
+ }
+-good_state:
+- /* State is good! */
++
++ }
+
+ } else {
+ /* This should only happen if the authorize code didn't run. */
+EOP
+ close $ch or warn "Can't close [$ch]: $!\n";
+ }
+
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/bin/resign-expired Fri Jul 03 15:23:10 2009 +0200
@@ -0,0 +1,31 @@
+#!/usr/bin/perl
+
+use strict;
+use File::Find;
+use File::Temp;
+
+$ENV{LANG} = "POSIX";
+my $vc = qq(gpg --verify);
+my $dc = qq(gpg --batch --yes --decrypt);
+my $cc = qq(gpg --batch --yes --clearsign);
+#my $expired = "Hinweis: Dieser Schlüssel ist verfallen!";
+my $expired = "Note: This key has expired!";
+
+find(\&f, qw(/home/apt/incoming/));
+
+sub f {
+
+ /\.changes$/ or return;
+ my $f = $_;
+ my $r = qx/$vc $f 2>&1/;
+ return if $?;
+ $r =~ /$expired/ || return;
+ print "Attempting to resign [$f] .. ";
+ my $t = File::Temp->new()->filename();
+ my $cmd = "$dc -o $t $f &>/dev/null";
+ open PIPE, "$cmd |" or warn "Can't open [$cmd |]: [$?] [$!]\n";
+ $cmd = "$cc -o $f $t";
+ open PIPE, "$cmd |" or warn "Can't open [$cmd |]: [$?] [$!]\n";
+ print "finished\n";
+
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/bin/resign-revoked Fri Jul 03 15:23:10 2009 +0200
@@ -0,0 +1,30 @@
+#!/usr/bin/perl
+
+use strict;
+use File::Find;
+use File::Temp;
+
+my $incoming = "/home/apt/incoming";
+
+my @tofix = qw(
+
+ send-config_1.0-1_i386.changes
+
+);
+
+my $dc = qq(gpg --batch --yes --decrypt);
+my $cc = qq(gpg --batch --yes --clearsign);
+
+for (@tofix) {
+
+ my $f = "$incoming/$_";
+
+ print "Attempting to resign [$f] .. ";
+ my $t = File::Temp->new()->filename();
+ my $cmd = "$dc -o $t $f &>/dev/null";
+ open PIPE, "$cmd |" or warn "Can't open [$cmd |]: [$?] [$!]\n";
+ $cmd = "$cc -o $f $t";
+ open PIPE, "$cmd |" or warn "Can't open [$cmd |]: [$?] [$!]\n";
+ print "finished\n";
+
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/bin/rpi Fri Jul 03 15:23:10 2009 +0200
@@ -0,0 +1,410 @@
+#!/usr/bin/perl
+
+use warnings;
+use strict;
+
+use IO::File;
+use IPC::Run qw(run);
+use Mail::Sendmail;
+use Sys::Hostname::Long;
+
+=head1 Name
+
+rpi - a wrapper around B<reprepro processincoming>
+
+=head1 Description
+
+Until B<reprepro> supports a better mechanism for sending notifications for
+rejected packages we just execute B<reprepro processincoming> and parse its
+stdout and its stderr. Everything matching C<$important> patterns will be sent
+to either the signer of the changes file, the changer (from the B<Changed-By>
+field if present) or the maintainer (from the B<Maintainer> field). Depending
+on the type of message suggestions for problem resolution may be added. To
+enable us to determine which message relates to which .changes file we need a
+patched B<reprepro>:
+
+ --- incoming.c.orig 2009-06-11 10:48:27.000000000 +0200
+ +++ reprepro-3.5.2/incoming.c 2009-06-11 14:29:28.000000000 +0200
+ @@ -1854,6 +1854,8 @@
+ for( j = 0 ; j < i->files.count ; j ++ ) {
+ const char *basename = i->files.values[j];
+ size_t l = strlen(basename);
+ + char *fullfilename;
+ +
+ #define C_SUFFIX ".changes"
+ #define C_LEN strlen(C_SUFFIX)
+ if( l <= C_LEN || strcmp(basename+(l-C_LEN),C_SUFFIX) != 0 )
+ @@ -1861,7 +1863,16 @@
+ if( changesfilename != NULL && strcmp(basename, changesfilename) != 0 )
+ continue;
+ /* a .changes file, check it */
+ + fullfilename = calc_dirconcat(i->directory, i->files.values[j]);
+ + if( fullfilename == NULL ) {
+ + result = RET_ERROR_OOM;
+ + continue;
+ + }
+ + printf("processing changesfile '%s'\n", fullfilename);
+ + fprintf(stderr, "processing changesfile '%s'\n", fullfilename);
+ r = process_changes(database, dereferenced, i, j);
+ + printf("changesfile '%s' done\n", fullfilename);
+ + fprintf(stderr, "changesfile '%s' done\n", fullfilename);
+ RET_UPDATE(result, r);
+ }
+
+To avoid possibly bothering random people we can limit possible recipients with
+a regular expression in C<$valid_receivers>. Any output matching the
+C<$unimportant> regular expression will not be sent to anyone. If we cant
+determine anyone to send the notification to we will try to send it to the
+C<$fallback> address. Anything matching none of the defined patterns will be
+sent to the C<$fallback> address too. Everything will be printed to stdout.
+
+=cut
+
+my $hostname = hostname_long;
+for (*STDERR, *STDOUT) { select $_; $|=1; }
+
+# see man reprepro
+# used as argument to the -b option of reprepro
+my $repo = "$ENV{HOME}/repo";
+
+# the ruleset to use for processincoming
+my $ruleset = "ius";
+
+# the actual reprepro command to execute
+my @cmd = ('/usr/bin/reprepro', '-b', $repo, 'processincoming', $ruleset);
+
+# wont send any notification mails to anyone not matching this regexp
+my $valid_receivers = '[@.]schlittermann.de>?$';
+
+# anything noteworthy not sent to anyone else will be sent here; does not need
+# to match $valid_receivers
+my $fallback = "apt\@$hostname";
+
+# any output not matching any of the defined patterns will be logged here if
+# defined, dont forget to also pass the write mode, fex: "> /path/to/file" if
+# you want to overwrite it or ">> /path/to/file" if you want to append to it
+my $log_uncaught;
+$log_uncaught = ">> $ENV{HOME}/var/log/reprepro/uncaught";
+
+# raw command output will be logged here if defined, dont forget the write mode
+# - see $log_uncaught
+my $log_raw;
+$log_raw = ">> $ENV{HOME}/var/log/reprepro/raw";
+
+# anything that would be sent to the signer/changer/maintainer goes to
+# $fallback instead if this is set
+my $dont_send_to_real_uploader = 1;
+
+# prototypes for message handling routines
+sub m_mismatch($);
+sub m_missingfile($$$);
+sub m_mayexist($$$);
+sub m_allskipped($);
+sub m_equal_or_newer($$);
+sub m_unsigned($);
+sub m_asis();
+
+# prototypes for other routines
+sub parse_incoming($);
+sub uploader($);
+sub run_command_and_parse_output($$$$$$);
+sub parse_output($$$$$$$$);
+sub sendmails($$$$);
+
+# anything matching these is considered noteworthy and should be sent to someone
+my $important = {
+ qq{^File "([^"]+)" is already registered with different checksums!} => \&m_mismatch,
+ "^file '([^']+)' is needed for '([^']+)', not yet registered in the pool and not found in '([^']+)'\$" => \&m_missingfile,
+ "^Warning: trying to put version '([^']+)' of '([^']+)' in '([^']+)',\$" => \&m_mayexist,
+ "^Skipping ([^ ]+) because all packages are skipped!\$" => \&m_allskipped,
+ "^Data seems not to be signed trying to use directly...\$" => \&m_unsigned,
+ "^ERROR: File '([^']+)' does not match expextations:\$" => \&m_asis,
+ "^Not putting '([^']+)' in '([^']+)' as already in there with equal or newer version.\$" => \&m_equal_or_newer
+};
+
+# anything matching these will not be sent to anyone
+my $unimportant = '^'
+ . ( join '|',
+ "Exporting indices...",
+ "while there already is '[^']+' in there.",
+ "(md5|sha(1|256)) expected: [[:xdigit:]]{32,}, got: [[:xdigit:]]{32,}",
+ "size expected: \\d+, got: \\d+",
+ "There have been errors!")
+ . '$';
+
+my $rci = "$repo/conf/incoming";
+my $i = parse_incoming($rci)->{$ruleset}->{'IncomingDir'};
+die "Can't find IncomingDir for ruleset [$ruleset] in configuration file: [$rci]\n" unless defined $i;
+
+# we need to determine uploaders before running reprepro, because it will
+# remove the *.changes files before we are going to parse its output
+my $uploaders = { map { $_ => uploader($_) } glob("$i/*.changes") };
+my $messages = run_command_and_parse_output([@cmd], $uploaders, $important, $unimportant, $log_uncaught, $log_raw);
+sendmails($messages, $valid_receivers, $fallback, $hostname);
+
+# determine 'uploader' of changes file; 'uploader' means here: either the
+# signer of the changes file or the changer or the maintainer in that order of
+# preference; the 'changer' means what is extracted from the 'Changed-By' field
+# of the .changes file if present; 'maintainer' will be extracted from the
+# 'Maintainer' field if necessary; nothing will be returned if the signature
+# verification command fails for some reason
+sub uploader($) {
+ my ($c) = @_;
+ my $vc = "LANG=POSIX /usr/bin/gpg --verify $c 2>&1";
+
+ my @r = qx{$vc};
+
+ if ($?) {
+ warn "[$0]: [$vc] failed: [$!] [$?]\n";
+ return;
+ }
+
+ for (@r) {
+ return "$1" if /^gpg: Good signature from "(.+)"$/;
+ }
+
+ my $e;
+ my $fh = new IO::File "< $c" or warn "[$0]: Can't open [< $c]: $!\n";
+ while (<$fh>) {
+ if (/^Changed-By:\s*(\S.+\S)\s*$/) {
+ $e = $1; last;
+ }
+ $e = $1 if /^Maintainer:\s*(\S.+\S)\s*$/
+ }
+ close $fh or warn "[$0]: Can't close [$fh]: $!\n";
+
+ return $e;
+
+}
+
+# checksum mismatch
+sub m_mismatch($) {
+ return "Try to remove the offending lines from the changesfile or just rebuild with dpkg-buildpackage -B\n";
+}
+
+# missingfile
+sub m_missingfile($$$) {
+ my ($m, $i, $c) = @_;
+ my $t = $m =~ /\.orig\.tar\.gz$/ ? "Try to rebuild with dpkg-buildpackage -sa or do 'changestool <.changes-filename> includeallsources' and resign the changesfile afterwards\n" : '';
+ #print "MISSINGFILE: [$c], [$t]\n";
+ return $t;
+}
+
+# mayexist
+sub m_mayexist($$$) {
+ # package & version are confused in reprepro output
+ # currently (3.5.2-6)
+ # my ($p, $v, $cca) = @_;
+ # $cca =~ /^[^|]+\|[^|]+\|([^|]+)$/;
+
+ #print "MAYEXIST: [$c], [package ..]\n";
+ return "package may be already present with higher version\n";
+}
+
+# allskipped
+sub m_allskipped($) {
+ #print "ALLSKIPPED: [$_[0]], [nüx ..]\n";
+ return "package may be already present with same or higher version\n";
+}
+
+# equal or newer
+sub m_equal_or_newer($$) {
+ #print "EQUAL_OR_NEWER: [$_[0]], [nüx ..]\n";
+ return '';
+}
+
+# unsigned
+sub m_unsigned($) { return 'You may want to check whether both the .changes and the .dsc file are signed'; }
+
+# return empty string
+sub m_asis() { return ''; }
+
+# parse conf/incoming, return ref to hash:
+# { name1 => { field11 => value11, field12 => value12, ... },
+# { name2 => { field21 => value21, ... }, ...
+sub parse_incoming($) {
+
+ my ($cf) = @_;
+ my ($name, $conf);
+ my $fh = new IO::File "< $cf" or warn "Can't open [< $cf]: $!";
+
+ while (<$fh>) {
+
+ if (/^(\S+)\s*:\s*(\S+)\s/) {
+
+ if ($1 eq 'Name') {
+ $name = $2;
+ $conf->{$name} = {};
+ } else {
+ warn "Undefined Name\n" unless defined $name;
+ $conf->{$name}->{$1} = $2;
+ }
+
+ }
+
+ }
+ close $fh or warn "Can't close [$fh]: $!\n";
+
+ return $conf;
+
+}
+
+# run the command and parse its output
+sub run_command_and_parse_output($$$$$$) {
+
+ my @cmd = @{shift()};
+ my ($u, $important, $unimportant, $luname, $lrname) = @_;
+
+ my ($ih, $oh, $eh);
+
+ run \@cmd, \$ih, \$oh, \$eh or warn "running [@cmd] returned: [$?] [$!]\n";
+
+ my ($ln, $lh);
+ $ln = { uncaught => $luname, raw => $lrname };
+
+ for (keys %{$ln}) {
+ if (defined $ln->{$_}) {
+ $lh->{$_} = new IO::File $ln->{$_} or warn "Can't open [$ln->{$_}]: $!\n";
+ }
+ }
+
+ my $messages = parse_output([@cmd], $oh, $eh, $u, $important, $unimportant, $lh->{'uncaught'}, $lh->{'raw'});
+
+ for (keys %{$lh}) {
+ if (defined $lh->{$_}) {
+ close $lh->{$_} or warn "Can't close [$lh->{$_}]: $!";
+ }
+ }
+
+ return $messages;
+
+}
+
+# parse the commands output extract messages matching the defined patterns from
+# stdout/err, add suggestions for problem resolution if possible and try to
+# assign it to an uploader
+sub parse_output($$$$$$$$) {
+
+ my @cmd = @{shift()};
+ my ($oh, $eh, $u, $important, $unimportant, $uncaught, $raw) = @_;
+
+ my ($m, $c, $f);
+
+ $f = 'fallback';
+
+ LINE:
+ for my $line (split /\n/, $oh . $eh) {
+
+ $line .= "\n";
+ print "[@cmd]: $line";
+ print $raw $line if defined $raw;
+
+ # try to determine uploader
+ if ($line =~ /^processing changesfile '([^']+)'$/) {
+ $c = $1;
+ $u = $uploaders->{$c};
+ unless (defined $u) {
+
+ $u = $f;
+ my $w = "Won't send notification for [$i/$c] because i couldn't determine any uploader to sent it to.\n";
+ $m->{$u} //= '';
+ $m->{$u} .= "[$c]: $w";
+ warn "[$0]: $w";
+
+ }
+
+ next LINE;
+
+ }
+
+ # done with that changesfile
+ if ($line =~ /^changesfile '[^']+' done$/) {
+ undef $c;
+ $u = $f;
+ next LINE;
+ }
+
+ # anything matching $important should be sent to someone
+ for (keys(%{$important})) {
+ if ($line =~ $_) {
+ my $t = $important->{$_}->($1, $2, $3, $4, $5, $6, $7, $8, $9);
+ if (defined $u) {
+ $m->{$u} = '' unless defined $m->{$u};
+ $m->{$u} .= "[$c]: $line";
+ $m->{$u} .= $t if defined $t;
+ $m->{$u} .= "\n";
+ }
+ next LINE;
+ }
+
+ }
+
+ # unimportant stuff?
+ next LINE if $line =~ /$unimportant/;
+
+ # everything not matching any other pattern
+ $m->{$f} = '' unless defined $m->{$f};
+ $m->{$f} .= "[uncaught line]: $line\n";
+
+ print $uncaught $line if defined $uncaught;
+
+ }
+
+ return $m;
+
+}
+
+# send the notification mails
+sub sendmails($$$$) {
+
+ my ($messages, $valid_receivers, $fallback, $hostname) = @_;
+
+ my $from = "$ENV{LOGNAME}\@$hostname";
+ my $mfb = $messages->{'fallback'};
+
+ for my $u (keys %{$messages}) {
+
+ next if $u eq 'fallback';
+
+ if ($u =~ $valid_receivers) {
+
+ my ($msg, $to) = ($messages->{$u}, $u);
+ ($msg, $to) = ("[This is just a test mail to you. If this wasn't a test mail, then it should have been sent to [$u]]\n\n" . $messages->{$u}, $fallback) if $dont_send_to_real_uploader;
+
+ sendmail(From => $from,
+ Subject => "[apt] Possible Problem importing your changes",
+ To => $to,
+ Message => $msg);
+ print "[$0]: ", $Mail::Sendmail::log, "\n";
+ warn "[$0]: ", $Mail::Sendmail::error, "\n" if $Mail::Sendmail::error;
+
+ } else {
+
+ my $w = "Won't send notification: invalid receiver [$u]\n\n";
+ $mfb //= ''; $mfb .= $w; $mfb .= ">>>\n[$messages->{$u}]\n<<<\n\n";
+ warn "[$0]: $w";
+
+ }
+
+ }
+
+ if (defined $mfb) {
+
+ sendmail(From => $from,
+ Subject => "[apt] Possible Problem processing incoming",
+ To => $fallback,
+ Message => $mfb);
+ print "[$0]: ", $Mail::Sendmail::log, "\n";
+ warn "[$0]: ", $Mail::Sendmail::error, "\n" if $Mail::Sendmail::error;
+
+ }
+
+}
+
+sub BEGIN {
+ print "[$0]: Started at ", scalar localtime, "\n";
+}
+
+sub END {
+ print "[$0]: Finished at ", scalar localtime, "\n";
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/bin/sign-unsigned-changes Fri Jul 03 15:23:10 2009 +0200
@@ -0,0 +1,30 @@
+#!/usr/bin/perl
+
+use strict;
+use File::Find;
+
+my $incoming = "/home/apt/incoming";
+
+my @unsigned = qw(
+
+ freeradius_1.0.0+cvs20040609-0.hs.5_i386.changes
+
+);
+
+my $vc = "gpg --verify";
+my $cc = "gpg --clearsign";
+
+for (@unsigned) {
+
+ my $f = "$incoming/$_";
+
+ # since we use a fixed list of unsigned files we shouldnt sign them twice
+ my $r = qx/$vc $f 2>&1/;
+ next unless $?;
+
+ print "Attempting to sign [$f] .. ";
+ system("$cc $f") == 0 or warn "system([$cc] [$f]) failed: [$?] [$!]\n";
+ rename("$f.asc", $f) or warn "rename([$f.asc], [$f]) failed: [$!]\n";
+ print "finished\n";
+
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/bin/sign-unsigned-dsc-and-changes Fri Jul 03 15:23:10 2009 +0200
@@ -0,0 +1,54 @@
+#!/usr/bin/perl
+
+# Some source packages come unsigned. This wouldnt be a problem if it wouldnt
+# cause reprepro to spit messages like: 'Data seems not to be signed trying to
+# use directly...' which may be confusing when you think that it is related to
+# a changes file
+use strict;
+
+use IO::File;
+use File::Basename;
+use Symbol qw(gensym);
+
+my $arch = 'i386';
+my $incoming = "/home/apt/incoming";
+
+my @unsigned = qw(
+
+ nagios-client-check_1.4.5-1.dsc
+ freeradius_1.0.0+cvs20040609-0.hs.dsc
+ libnss-ldap_238-1.schlittermann.1.dsc
+
+);
+
+my $cv = "/usr/bin/gpg --verify";
+my $cc = "/usr/bin/gpg --clearsign";
+my $cu = "/usr/bin/changestool";
+
+for (@unsigned) {
+
+ my $cmd;
+
+ my $sf = "$incoming/$_";
+ (my $cf = $sf) =~ s/\.dsc$/_${arch}.changes/;
+
+ # we assume that the changes have been successfully resigned too when the dsc
+ # files can be verified
+ my $r = qx/$cv $sf 2>&1/;
+ next unless $?;
+
+ print "Attempting to sign [$sf] .. ";
+ $cmd = "$cc $sf";
+ system($cmd) == 0 or warn "[system($cmd)] failed: [$?] [$!]\n";
+ rename("$sf.asc", $sf) or warn "rename([$sf.asc], [$sf]) failed: [$!]\n";
+ print "finished\n";
+
+ print "Attempting to update and sign [$cf] .. ";
+ $cmd = "$cu $cf updatechecksums $sf";
+ system("$cmd") == 0 or warn "[system($cmd)] failed: [$?] [$!]\n";
+ $cmd = "$cc $cf";
+ system($cmd) == 0 or warn "[system($cmd)] failed: [$?] [$!]\n";
+ rename("$cf.asc", $cf) or warn "rename([$cf.asc], [$cf]) failed: [$!]\n";
+ print "finished\n";
+
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/packages-old Fri Jul 03 15:23:10 2009 +0200
@@ -0,0 +1,206 @@
+dists/stable/main/binary-amd64/Packages:Package: ca-certificates-schlittermann
+dists/stable/main/binary-amd64/Packages:Package: cyrus-admin-2.2
+dists/stable/main/binary-amd64/Packages:Package: cyrus-doc-2.2
+dists/stable/main/binary-amd64/Packages:Package: cyrus22-admin
+dists/stable/main/binary-amd64/Packages:Package: cyrus22-doc
+dists/stable/main/binary-amd64/Packages:Package: ddns
+dists/stable/main/binary-amd64/Packages:Package: drbdlinks
+dists/stable/main/binary-amd64/Packages:Package: exiacl
+dists/stable/main/binary-amd64/Packages:Package: exigrey
+dists/stable/main/binary-amd64/Packages:Package: ferm
+dists/stable/main/binary-amd64/Packages:Package: finch-dev
+dists/stable/main/binary-amd64/Packages:Package: firestart
+dists/stable/main/binary-amd64/Packages:Package: ha-sync
+dists/stable/main/binary-amd64/Packages:Package: havp
+dists/stable/main/binary-amd64/Packages:Package: interchange-cat-standard
+dists/stable/main/binary-amd64/Packages:Package: interchange-ui
+dists/stable/main/binary-amd64/Packages:Package: ius.upgrade
+dists/stable/main/binary-amd64/Packages:Package: libpurple-bin
+dists/stable/main/binary-amd64/Packages:Package: libpurple-dev
+dists/stable/main/binary-amd64/Packages:Package: logbuch
+dists/stable/main/binary-amd64/Packages:Package: nagios-client-check
+dists/stable/main/binary-amd64/Packages:Package: nagios-passivist
+dists/stable/main/binary-amd64/Packages:Package: nagios-plugin-amanda
+dists/stable/main/binary-amd64/Packages:Package: nagios-plugin-antivir
+dists/stable/main/binary-amd64/Packages:Package: nagios-plugin-aptkeys
+dists/stable/main/binary-amd64/Packages:Package: nagios-plugin-avwebgate
+dists/stable/main/binary-amd64/Packages:Package: nagios-plugin-cert
+dists/stable/main/binary-amd64/Packages:Package: nagios-plugin-check-exim
+dists/stable/main/binary-amd64/Packages:Package: nagios-plugin-exim
+dists/stable/main/binary-amd64/Packages:Package: nagios-plugin-hddtemp
+dists/stable/main/binary-amd64/Packages:Package: nagios-plugin-mailq
+dists/stable/main/binary-amd64/Packages:Package: nagios-plugin-ntp
+dists/stable/main/binary-amd64/Packages:Package: nagios-plugin-raid
+dists/stable/main/binary-amd64/Packages:Package: nagios-plugin-rsnapshot
+dists/stable/main/binary-amd64/Packages:Package: nagios-plugin-spamd
+dists/stable/main/binary-amd64/Packages:Package: nagios-plugins-exim
+dists/stable/main/binary-amd64/Packages:Package: pidgin-data
+dists/stable/main/binary-amd64/Packages:Package: pidgin-dev
+dists/stable/main/binary-amd64/Packages:Package: qfoot
+dists/stable/main/binary-amd64/Packages:Package: schlittermann-apt-keys
+dists/stable/main/binary-amd64/Packages:Package: schlittermann-ssh-keys
+dists/stable/main/binary-amd64/Packages:Package: send-config
+dists/stable/main/binary-amd64/Packages:Package: sitecp
+dists/stable/main/binary-amd64/Packages:Package: texmf-ius
+dists/stable/main/binary-amd64/Packages:Package: update-serial
+dists/stable/main/binary-i386/Packages:Package: ca-certificates-schlittermann
+dists/stable/main/binary-i386/Packages:Package: cyrus-admin-2.2
+dists/stable/main/binary-i386/Packages:Package: cyrus-clients-2.2
+dists/stable/main/binary-i386/Packages:Package: cyrus-common-2.2
+dists/stable/main/binary-i386/Packages:Package: cyrus-dev-2.2
+dists/stable/main/binary-i386/Packages:Package: cyrus-doc-2.2
+dists/stable/main/binary-i386/Packages:Package: cyrus-imapd-2.2
+dists/stable/main/binary-i386/Packages:Package: cyrus-murder-2.2
+dists/stable/main/binary-i386/Packages:Package: cyrus-nntpd-2.2
+dists/stable/main/binary-i386/Packages:Package: cyrus-pop3d-2.2
+dists/stable/main/binary-i386/Packages:Package: cyrus22-admin
+dists/stable/main/binary-i386/Packages:Package: cyrus22-clients
+dists/stable/main/binary-i386/Packages:Package: cyrus22-common
+dists/stable/main/binary-i386/Packages:Package: cyrus22-dev
+dists/stable/main/binary-i386/Packages:Package: cyrus22-doc
+dists/stable/main/binary-i386/Packages:Package: cyrus22-imapd
+dists/stable/main/binary-i386/Packages:Package: cyrus22-murder
+dists/stable/main/binary-i386/Packages:Package: cyrus22-pop3d
+dists/stable/main/binary-i386/Packages:Package: ddns
+dists/stable/main/binary-i386/Packages:Package: drbdlinks
+dists/stable/main/binary-i386/Packages:Package: exiacl
+dists/stable/main/binary-i386/Packages:Package: exigrey
+dists/stable/main/binary-i386/Packages:Package: ferm
+dists/stable/main/binary-i386/Packages:Package: finch
+dists/stable/main/binary-i386/Packages:Package: finch-dev
+dists/stable/main/binary-i386/Packages:Package: firestart
+dists/stable/main/binary-i386/Packages:Package: ha-sync
+dists/stable/main/binary-i386/Packages:Package: interchange
+dists/stable/main/binary-i386/Packages:Package: interchange-cat-standard
+dists/stable/main/binary-i386/Packages:Package: interchange-ui
+dists/stable/main/binary-i386/Packages:Package: ius.upgrade
+dists/stable/main/binary-i386/Packages:Package: libcyrus-imap-perl22
+dists/stable/main/binary-i386/Packages:Package: libpurple-bin
+dists/stable/main/binary-i386/Packages:Package: libpurple-dev
+dists/stable/main/binary-i386/Packages:Package: libpurple0
+dists/stable/main/binary-i386/Packages:Package: logbuch
+dists/stable/main/binary-i386/Packages:Package: nagios-client-check
+dists/stable/main/binary-i386/Packages:Package: nagios-passivist
+dists/stable/main/binary-i386/Packages:Package: nagios-plugin-amanda
+dists/stable/main/binary-i386/Packages:Package: nagios-plugin-antivir
+dists/stable/main/binary-i386/Packages:Package: nagios-plugin-aptkeys
+dists/stable/main/binary-i386/Packages:Package: nagios-plugin-avwebgate
+dists/stable/main/binary-i386/Packages:Package: nagios-plugin-cert
+dists/stable/main/binary-i386/Packages:Package: nagios-plugin-check-exim
+dists/stable/main/binary-i386/Packages:Package: nagios-plugin-exim
+dists/stable/main/binary-i386/Packages:Package: nagios-plugin-hddtemp
+dists/stable/main/binary-i386/Packages:Package: nagios-plugin-mailq
+dists/stable/main/binary-i386/Packages:Package: nagios-plugin-ntp
+dists/stable/main/binary-i386/Packages:Package: nagios-plugin-raid
+dists/stable/main/binary-i386/Packages:Package: nagios-plugin-rsnapshot
+dists/stable/main/binary-i386/Packages:Package: nagios-plugin-spamd
+dists/stable/main/binary-i386/Packages:Package: nagios-plugins-exim
+dists/stable/main/binary-i386/Packages:Package: pidgin
+dists/stable/main/binary-i386/Packages:Package: pidgin-data
+dists/stable/main/binary-i386/Packages:Package: pidgin-dbg
+dists/stable/main/binary-i386/Packages:Package: pidgin-dev
+dists/stable/main/binary-i386/Packages:Package: schlittermann-apt-keys
+dists/stable/main/binary-i386/Packages:Package: schlittermann-ssh-keys
+dists/stable/main/binary-i386/Packages:Package: send-config
+dists/stable/main/binary-i386/Packages:Package: sitecp
+dists/stable/main/binary-i386/Packages:Package: texmf-ius
+dists/stable/main/binary-i386/Packages:Package: update-serial
+dists/stable/main/source/Sources:Package: ca-certificates-schlittermann
+dists/stable/main/source/Sources:Package: cyrus-imapd-2.2
+dists/stable/main/source/Sources:Package: cyrus22-imapd
+dists/stable/main/source/Sources:Package: ddns
+dists/stable/main/source/Sources:Package: drbdlinks
+dists/stable/main/source/Sources:Package: exiacl
+dists/stable/main/source/Sources:Package: exigrey
+dists/stable/main/source/Sources:Package: ferm
+dists/stable/main/source/Sources:Package: firestart
+dists/stable/main/source/Sources:Package: ha-sync
+dists/stable/main/source/Sources:Package: havp
+dists/stable/main/source/Sources:Package: interchange
+dists/stable/main/source/Sources:Package: ius.upgrade
+dists/stable/main/source/Sources:Package: logbuch
+dists/stable/main/source/Sources:Package: nagios-client-check
+dists/stable/main/source/Sources:Package: nagios-passivist
+dists/stable/main/source/Sources:Package: nagios-plugin-amanda
+dists/stable/main/source/Sources:Package: nagios-plugin-antivir
+dists/stable/main/source/Sources:Package: nagios-plugin-aptkeys
+dists/stable/main/source/Sources:Package: nagios-plugin-avwebgate
+dists/stable/main/source/Sources:Package: nagios-plugin-cert
+dists/stable/main/source/Sources:Package: nagios-plugin-check-exim
+dists/stable/main/source/Sources:Package: nagios-plugin-exim
+dists/stable/main/source/Sources:Package: nagios-plugin-hddtemp
+dists/stable/main/source/Sources:Package: nagios-plugin-mailq
+dists/stable/main/source/Sources:Package: nagios-plugin-ntp
+dists/stable/main/source/Sources:Package: nagios-plugin-raid
+dists/stable/main/source/Sources:Package: nagios-plugin-rsnapshot
+dists/stable/main/source/Sources:Package: nagios-plugin-spamd
+dists/stable/main/source/Sources:Package: nagios-plugins-exim
+dists/stable/main/source/Sources:Package: pidgin
+dists/stable/main/source/Sources:Package: qfoot
+dists/stable/main/source/Sources:Package: schlittermann-apt-keys
+dists/stable/main/source/Sources:Package: schlittermann-ssh-keys
+dists/stable/main/source/Sources:Package: send-config
+dists/stable/main/source/Sources:Package: sitecp
+dists/stable/main/source/Sources:Package: texmf-ius
+dists/stable/main/source/Sources:Package: update-serial
+dists/testing/main/binary-amd64/Packages:Package: exiacl
+dists/testing/main/binary-amd64/Packages:Package: ha-sync
+dists/testing/main/binary-amd64/Packages:Package: update-serial
+dists/testing/main/binary-i386/Packages:Package: exiacl
+dists/testing/main/binary-i386/Packages:Package: ha-sync
+dists/testing/main/binary-i386/Packages:Package: libalarm-perl
+dists/testing/main/binary-i386/Packages:Package: libnet-pcap-perl
+dists/testing/main/binary-i386/Packages:Package: pemtrans
+dists/testing/main/binary-i386/Packages:Package: texmf-ius
+dists/testing/main/binary-i386/Packages:Package: update-serial
+dists/testing/main/source/Sources:Package: exiacl
+dists/testing/main/source/Sources:Package: ha-sync
+dists/testing/main/source/Sources:Package: libalarm-perl
+dists/testing/main/source/Sources:Package: libnet-pcap-perl
+dists/testing/main/source/Sources:Package: pemtrans
+dists/testing/main/source/Sources:Package: texmf-ius
+dists/testing/main/source/Sources:Package: update-serial
+dists/unstable/main/binary-amd64/Packages:Package: cyrus22-admin
+dists/unstable/main/binary-amd64/Packages:Package: cyrus22-doc
+dists/unstable/main/binary-amd64/Packages:Package: exiacl
+dists/unstable/main/binary-amd64/Packages:Package: firestart
+dists/unstable/main/binary-amd64/Packages:Package: freeradius-dialupadmin
+dists/unstable/main/binary-amd64/Packages:Package: nagios-client-check
+dists/unstable/main/binary-amd64/Packages:Package: nagios-plugin-check-iface
+dists/unstable/main/binary-amd64/Packages:Package: qfoot
+dists/unstable/main/binary-amd64/Packages:Package: schlittermann-ssh-keys
+dists/unstable/main/binary-amd64/Packages:Package: send-config
+dists/unstable/main/binary-i386/Packages:Package: cyrus22-admin
+dists/unstable/main/binary-i386/Packages:Package: cyrus22-clients
+dists/unstable/main/binary-i386/Packages:Package: cyrus22-common
+dists/unstable/main/binary-i386/Packages:Package: cyrus22-dev
+dists/unstable/main/binary-i386/Packages:Package: cyrus22-doc
+dists/unstable/main/binary-i386/Packages:Package: cyrus22-imapd
+dists/unstable/main/binary-i386/Packages:Package: cyrus22-murder
+dists/unstable/main/binary-i386/Packages:Package: cyrus22-pop3d
+dists/unstable/main/binary-i386/Packages:Package: exiacl
+dists/unstable/main/binary-i386/Packages:Package: firestart
+dists/unstable/main/binary-i386/Packages:Package: freeradius
+dists/unstable/main/binary-i386/Packages:Package: freeradius-dialupadmin
+dists/unstable/main/binary-i386/Packages:Package: freeradius-iodbc
+dists/unstable/main/binary-i386/Packages:Package: freeradius-krb5
+dists/unstable/main/binary-i386/Packages:Package: freeradius-ldap
+dists/unstable/main/binary-i386/Packages:Package: freeradius-mysql
+dists/unstable/main/binary-i386/Packages:Package: freeradius-postgresql
+dists/unstable/main/binary-i386/Packages:Package: libnss-ldap
+dists/unstable/main/binary-i386/Packages:Package: nagios-client-check
+dists/unstable/main/binary-i386/Packages:Package: nagios-plugin-check-iface
+dists/unstable/main/binary-i386/Packages:Package: schlittermann-ssh-keys
+dists/unstable/main/binary-i386/Packages:Package: send-config
+dists/unstable/main/binary-i386/Packages:Package: texmf-ius
+dists/unstable/main/source/Sources:Package: cyrus22-imapd
+dists/unstable/main/source/Sources:Package: exiacl
+dists/unstable/main/source/Sources:Package: firestart
+dists/unstable/main/source/Sources:Package: freeradius
+dists/unstable/main/source/Sources:Package: libnss-ldap
+dists/unstable/main/source/Sources:Package: nagios-client-check
+dists/unstable/main/source/Sources:Package: nagios-plugin-check-iface
+dists/unstable/main/source/Sources:Package: qfoot
+dists/unstable/main/source/Sources:Package: schlittermann-ssh-keys
+dists/unstable/main/source/Sources:Package: send-config
+dists/unstable/main/source/Sources:Package: texmf-ius
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/pub/debian-ius Fri Jul 03 15:23:10 2009 +0200
@@ -0,0 +1,1 @@
+.
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/repo/conf/distributions Fri Jul 03 15:23:10 2009 +0200
@@ -0,0 +1,29 @@
+Origin: ius
+Suite: stable
+Codename: lenny
+Architectures: amd64 i386 source
+Components: main non-free contrib
+Description: ius specific (or backported) packages
+SignWith: yes
+Uploaders: uploaders
+Log: /home/apt/var/log/reprepro/lenny
+
+Origin: ius
+Suite: testing
+Codename: squeeze
+Architectures: amd64 i386 source
+Components: main non-free contrib
+Description: ius specific (or backported) packages
+SignWith: yes
+Uploaders: uploaders
+Log: /home/apt/var/log/reprepro/squeeze
+
+Origin: ius
+Suite: unstable
+Codename: sid
+Architectures: amd64 i386 source
+Components: main non-free contrib
+Description: ius specific (or backported) packages
+SignWith: yes
+Uploaders: uploaders
+Log: /home/apt/var/log/reprepro/sid
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/repo/conf/incoming Fri Jul 03 15:23:10 2009 +0200
@@ -0,0 +1,8 @@
+Name: ius
+# processincoming is nonrecursive
+IncomingDir: /home/apt/incoming
+TempDir: /home/apt/repo/tmp
+Allow: stable>lenny testing>squeeze unstable>sid
+Default: lenny
+Permit: older_version
+Cleanup: on_error
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/repo/conf/uploaders Fri Jul 03 15:23:10 2009 +0200
@@ -0,0 +1,1 @@
+allow * by any key
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/repo/dists Fri Jul 03 15:23:10 2009 +0200
@@ -0,0 +1,1 @@
+../pub/dists
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/repo/pool Fri Jul 03 15:23:10 2009 +0200
@@ -0,0 +1,1 @@
+../pub/pool
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/reprepro-3.5.2-incoming.c.diff Fri Jul 03 15:23:10 2009 +0200
@@ -0,0 +1,28 @@
+--- incoming.c.orig 2009-06-11 10:48:27.000000000 +0200
++++ reprepro-3.5.2/incoming.c 2009-06-11 14:29:28.000000000 +0200
+@@ -1854,6 +1854,8 @@
+ for( j = 0 ; j < i->files.count ; j ++ ) {
+ const char *basename = i->files.values[j];
+ size_t l = strlen(basename);
++ char *fullfilename;
++
+ #define C_SUFFIX ".changes"
+ #define C_LEN strlen(C_SUFFIX)
+ if( l <= C_LEN || strcmp(basename+(l-C_LEN),C_SUFFIX) != 0 )
+@@ -1861,7 +1863,16 @@
+ if( changesfilename != NULL && strcmp(basename, changesfilename) != 0 )
+ continue;
+ /* a .changes file, check it */
++ fullfilename = calc_dirconcat(i->directory, i->files.values[j]);
++ if( fullfilename == NULL ) {
++ result = RET_ERROR_OOM;
++ continue;
++ }
++ printf("processing changesfile '%s'\n", fullfilename);
++ fprintf(stderr, "processing changesfile '%s'\n", fullfilename);
+ r = process_changes(database, dereferenced, i, j);
++ printf("changesfile '%s' done\n", fullfilename);
++ fprintf(stderr, "changesfile '%s' done\n", fullfilename);
+ RET_UPDATE(result, r);
+ }
+