A custom exception is nicer to handle in the caller.

Uploads that were 'skipped' should not be recorded in
signature_history as they will be repeocessed later.

Look in signature_history table if the changes was already seen to
prevent re-uploading old changes files.

textwrap.wrap is used by TransitionCheck.

lintian passes --no-check to dpkg-source by default since 2.5.15. There
is no longer a need to set undocumented environment variables.

The yaml.load() function can run arbitrary code, the safe_load() variant only
understands a safe subset of YAML which is enough for dak.

Reference: http://bugs.debian.org/717851

Many version checks fail because the uploaded version is identical to the one
already present. Make the message correct for that case as well.

Reference: <http://bugs.debian.org/710086#15>

Return the binary package name for the error message and not the package
object.

Give a proper error message if a source package includes an upstream
tarball, but doesn't have a Debian revision.

By default dpkg-source -x requires a valid signature, but uses different
keyrings than configured in dak. So this check can fail for signatures dak has
just verified as valid a bit earlier.

With this patch lintian will pass --no-check to dpkg-source to skip signature
(and checksum) verification.

As dak/examine_package.py is also used by process-new we cannot run
lintian unconditionally as the unprivileged user. Therefore move the
Unpriv{User,Group} setting from the database to a (group-specific)
dak.conf.

When moving the hash validation in e6b1c633
one occurrence of "what" was not changed to "filename".

drop usage of the DMUA flag, only use the new ACL set, as announced in
https://lists.debian.org/debian-devel-announce/2012/09/msg00012.html
and
https://lists.debian.org/debian-devel-announce/2012/09/msg00008.htmlSigned-off-by: NJoerg Jaspert <joerg@debian.org>

For now packages that use DMUA in the source package are still accepted.

There was one extra closing parens in a call to raise
RejectStupidMaintainerException (oops, stupid me), lets remove it.
Signed-off-by: NGergely Nagy <algernon@madhouse-project.org>

The external_files table is to be used by - for example -
security.d.o: we should export the files table to debian-security
under the disguised name of external_files.

We also introduce the use_extfiles setting, and a new check:
check.ExternalHashesCheck, which will compare the uploaded files
hashes to the external_files table, if that holds an entry for them.

It will only do that though, if the use_extfiles setting is on.
Signed-off-by: NGergely Nagy <algernon@madhouse-project.org>

Instead of setting the source within a for loop, set it outside, so it
does what it is supposed to do, instead of accidentally working
because self has a source field set too.
Signed-off-by: NGergely Nagy <algernon@madhouse-project.org>

allow our tempfile/tempdir generating function to chmod/chgrp the created
files/directories
use that to have the processed uploads and the lintian tagfile readable by
the dak-unpriv user/group
run lintian sudo-ed to dak-unpriv
Signed-off-by: NJoerg Jaspert <joerg@debian.org>

This way suite mappings will also be evaluated for the DM checks.

Bug: http://bugs.debian.org/685807