enable enforcing foreign keys
[~helmut/debian-dedup.git] / importpkg.py
1 #!/usr/bin/python
2
3 import hashlib
4 import sqlite3
5 import struct
6 import sys
7 import tarfile
8 import zlib
9
10 from debian.debian_support import version_compare
11 from debian import deb822
12 import lzma
13
14 from dedup.hashing import HashBlacklist, DecompressedHash, SuppressingHash, hash_file
15 from dedup.compression import GzipDecompressor, DecompressedStream
16 from dedup.image import ImageHash
17
18 class ArReader(object):
19     global_magic = b"!<arch>\n"
20     file_magic = b"`\n"
21
22     def __init__(self, fileobj):
23         self.fileobj = fileobj
24         self.remaining = None
25         self.padding = 0
26
27     def skip(self, length):
28         while length:
29             data = self.fileobj.read(min(4096, length))
30             if not data:
31                 raise ValueError("archive truncated")
32             length -= len(data)
33
34     def read_magic(self):
35         data = self.fileobj.read(len(self.global_magic))
36         if data != self.global_magic:
37             raise ValueError("ar global header not found")
38         self.remaining = 0
39
40     def read_entry(self):
41         self.skip_current_entry()
42         if self.padding:
43             if self.fileobj.read(1) != '\n':
44                 raise ValueError("missing ar padding")
45             self.padding = 0
46         file_header = self.fileobj.read(60)
47         if not file_header:
48             raise EOFError("end of archive found")
49         parts = struct.unpack("16s 12s 6s 6s 8s 10s 2s", file_header)
50         parts = [p.rstrip(" ") for p in parts]
51         if parts.pop() != self.file_magic:
52             raise ValueError("ar file header not found")
53         self.remaining = int(parts[5])
54         self.padding = self.remaining % 2
55         return parts[0] # name
56
57     def skip_current_entry(self):
58         self.skip(self.remaining)
59         self.remaining = 0
60
61     def read(self, length=None):
62         if length is None:
63             length = self.remaining
64         else:
65             length = min(self.remaining, length)
66         data = self.fileobj.read(length)
67         self.remaining -= len(data)
68         return data
69
70 class MultiHash(object):
71     def __init__(self, *hashes):
72         self.hashes = hashes
73
74     def update(self, data):
75         for hasher in self.hashes:
76             hasher.update(data)
77
78 boring_sha512_hashes = set((
79     # ""
80     "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
81     # "\n"
82     "be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09"))
83
84 def sha512_nontrivial():
85     return HashBlacklist(hashlib.sha512(), boring_sha512_hashes)
86
87 def gziphash():
88     hashobj = DecompressedHash(GzipDecompressor(), hashlib.sha512())
89     hashobj = SuppressingHash(hashobj, (ValueError, zlib.error))
90     hashobj.name = "gzip_sha512"
91     return HashBlacklist(hashobj, boring_sha512_hashes)
92
93 def imagehash():
94     hashobj = ImageHash(hashlib.sha512())
95     hashobj = SuppressingHash(hashobj, (ValueError,))
96     hashobj.name = "image_sha512"
97     return hashobj
98
99 def get_hashes(tar):
100     for elem in tar:
101         if not elem.isreg(): # excludes hard links as well
102             continue
103         hasher = MultiHash(sha512_nontrivial(), gziphash(), imagehash())
104         hasher = hash_file(hasher, tar.extractfile(elem))
105         for hashobj in hasher.hashes:
106             hashvalue = hashobj.hexdigest()
107             if hashvalue:
108                 yield (elem.name, elem.size, hashobj.name, hashvalue)
109
110 def process_package(db, filelike):
111     cur = db.cursor()
112     cur.execute("PRAGMA foreign_keys = ON;")
113     af = ArReader(filelike)
114     af.read_magic()
115     state = "start"
116     while True:
117         try:
118             name = af.read_entry()
119         except EOFError:
120             break
121         if name == "control.tar.gz":
122             if state != "start":
123                 raise ValueError("unexpected control.tar.gz")
124             state = "control"
125             tf = tarfile.open(fileobj=af, mode="r|gz")
126             for elem in tf:
127                 if elem.name != "./control":
128                     continue
129                 if state != "control":
130                     raise ValueError("duplicate control file")
131                 state = "control_file"
132                 control = tf.extractfile(elem).read()
133                 control = deb822.Packages(control)
134                 package = control["package"].encode("ascii")
135                 try:
136                     source = control["source"].encode("ascii").split()[0]
137                 except KeyError:
138                     source = package
139                 version = control["version"].encode("ascii")
140                 architecture = control["architecture"].encode("ascii")
141
142                 cur.execute("SELECT version FROM package WHERE package = ?;",
143                             (package,))
144                 row = cur.fetchone()
145                 if row and version_compare(row[0], version) > 0:
146                     return # already seen a newer package
147
148                 cur.execute("DELETE FROM content WHERE package = ?;",
149                             (package,))
150                 cur.execute("INSERT OR REPLACE INTO package (package, version, architecture, source) VALUES (?, ?, ?, ?);",
151                             (package, version, architecture, source))
152                 depends = control.relations.get("depends", [])
153                 depends = set(dep[0]["name"].encode("ascii")
154                               for dep in depends if len(dep) == 1)
155                 cur.execute("DELETE FROM dependency WHERE package = ?;",
156                             (package,))
157                 cur.executemany("INSERT INTO dependency (package, required) VALUES (?, ?);",
158                                 ((package, dep) for dep in depends))
159                 break
160             continue
161         elif name == "data.tar.gz":
162             tf = tarfile.open(fileobj=af, mode="r|gz")
163         elif name == "data.tar.bz2":
164             tf = tarfile.open(fileobj=af, mode="r|bz2")
165         elif name == "data.tar.xz":
166             zf = DecompressedStream(af, lzma.LZMADecompressor())
167             tf = tarfile.open(fileobj=zf, mode="r|")
168         else:
169             continue
170         if state != "control_file":
171             raise ValueError("missing control file")
172         for name, size, function, hexhash in get_hashes(tf):
173             try:
174                 name = name.decode("utf8")
175             except UnicodeDecodeError:
176                 print("warning: skipping filename with encoding error")
177                 continue # skip files with non-utf8 encoding for now
178             cur.execute("INSERT INTO content (package, filename, size, function, hash) VALUES (?, ?, ?, ?, ?);",
179                         (package, name, size, function, hexhash))
180         db.commit()
181         return
182     raise ValueError("data.tar not found")
183
184 def main():
185     db = sqlite3.connect("test.sqlite3")
186     process_package(db, sys.stdin)
187
188 if __name__ == "__main__":
189     main()