Secure testing commits - Sep 2005 - r1996 - lib/python

Author: fw
Date: 2005-09-15 10:41:24 +0000 (Thu, 15 Sep 2005)
New Revision: 1996

Modified:
   lib/python/bugs.py
   lib/python/security_db.py
Log:
Record whether a package note refers to a source or binary package.

lib/python/security_db.py (DB):
  Upgrade schema.  Add package_kind column to package_notes.
(DB.calculateVulnerabilities):
  Update and use package_kind.

lib/python/bugs.py (PackageNote, PackageNoteFromDB, BugFromDB):
  Add package_kind attribute.


Modified: lib/python/bugs.py
==================================================================---
lib/python/bugs.py	2005-09-15 10:19:03 UTC (rev 1995)
+++ lib/python/bugs.py	2005-09-15 10:41:24 UTC (rev 1996)
@@ -66,6 +66,7 @@
             raise ValueError, "invalid urgency"
         self.urgency = urgency
         self.bugs = []
+        self.package_kind = "unknown"
 
     def affects(self, version, release=None):
         """Returns true if this package note affects the given
version.
@@ -170,13 +171,15 @@
 
 class PackageNoteFromDB(PackageNote):
     def __init__(self, cursor, nid):
-        for bug_name, package, fixed_version, release, urgency \
+        for bug_name, package, fixed_version, release, urgency, package_kind\
             in cursor.execute\
-            ("""SELECT bug_name, package, fixed_version,
release, urgency
+            ("""SELECT bug_name, package, fixed_version,
release, urgency,
+            package_kind
             FROM package_notes WHERE id = ?""", (nid,)):
             PackageNote.__init__(package, fixed_version, release, urgency)
             self.id = nid
             self.bug_name = bug_name
+            self.package_kind = package_kind
             self.loadBugs(cursor)
             return
         raise ValueError, "invalid package note ID %d" % id
@@ -337,13 +340,15 @@
                 self.comments.append((t, c))
 
             # temporary list required because loadBugs needs the cursor
-            for nid, package, fixed_version, release, urgency \
+            for nid, package, fixed_version, release, urgency, package_kind \
                     in list(cursor.execute
-                ("""SELECT id, package, fixed_version, release,
urgency
+                ("""SELECT id, package, fixed_version, release,
urgency,
+                package_kind
                 FROM package_notes WHERE bug_name = ?""",
(name,))):
                 n = PackageNote(package, fixed_version, release, urgency)
                 n.id = nid
                 n.bug_name = name
+                n.package_kind = package_kind
                 n.loadBugs(cursor)
                 self.notes.append(n)
             return

Modified: lib/python/security_db.py
==================================================================---
lib/python/security_db.py	2005-09-15 10:19:03 UTC (rev 1995)
+++ lib/python/security_db.py	2005-09-15 10:41:24 UTC (rev 1996)
@@ -96,11 +96,13 @@
                           ''sarge'' :
''stable'',
                           ''woody'':
''oldstable''}
 
+        self.schema_version = 2
+
         c = self.cursor()
         for (v,) in c.execute("PRAGMA user_version"):
             if v == 0:
                 self.initSchema()
-            if v <> 1:
+            elif v <> self.schema_version:
                 raise SchemaMismatch, `v`
             return
         assert False
@@ -185,6 +187,7 @@
              CHECK (fixed_version IS NULL OR fixed_version <>
''''),
          fixed_version_id INTEGER NOT NULL DEFAULT 0,
          release TEXT NOT NULL,
+         package_kind TEXT NOT NULL DEFAULT ''unknown'',
          urgency TEXT NOT NULL)""")
         cursor.execute(
             "CREATE INDEX package_notes_bug ON
package_notes(bug_name)")
@@ -246,7 +249,7 @@
         # the application is started after the underlying error has
         # been fixed.
 
-        cursor.execute("PRAGMA user_version = 1")
+        cursor.execute("PRAGMA user_version = %d" %
self.schema_version)
 
     def filePrint(self, filename):
         """Returns a fingerprint string for
filename."""
@@ -714,7 +717,7 @@
 
         if self.verbose:
             print "calculateVulnerabilities:"
-            print "  check for version consistency in package notes"
+            print "  checking version consistency in package notes"
         for (bug_name, pkg_name, rel, unstable_ver, rel_ver) \
                 in list(cursor.execute(
         """SELECT a.bug_name, a.package, a.release,
@@ -785,6 +788,11 @@
                  OR p.release = (SELECT nickname FROM nicknames
                                  WHERE realname =
n.release))""")
 
+        cursor.execute(
+            """UPDATE package_notes SET package_kind =
''source''
+            WHERE EXISTS (SELECT * FROM source_package_status AS s
+                          WHERE s.note = package_notes.id)""")
+
         # Same story for binary packages.  We prefer source packages,
         # so we skip all notes which have already source packages
         # attached.
@@ -800,8 +808,7 @@
             AND (NOT EXISTS (SELECT * FROM tmp_bug_releases AS t
                             WHERE t.bug_name = n.bug_name
                             AND t.release = p.release))
-            AND (NOT EXISTS (SELECT * FROM source_package_status AS s
-                             WHERE s.package = p.rowid))""")
+            AND n.package_kind = ''unknown''""")
             
         if self.verbose:
             print "    binary packages (qualified)"
@@ -815,8 +822,7 @@
                  OR p.release = n.release || ''-security''
                  OR p.release = (SELECT nickname FROM nicknames
                                  WHERE realname = n.release))
-            AND (NOT EXISTS (SELECT * FROM source_package_status AS s
-                             WHERE s.package = p.rowid))""")
+            AND  n.package_kind =
''unknown''""")
 
         return