Age | Commit message (Collapse) | Author |
|
Time to add some new features to the main development branch.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
It is time to roll out 0.9.0 for wider use. Update requirements to the
latest supported and tested versions.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
It is a common request to be able to get a partial thread in case
someone submitted an auxiliary standalone patch in the middle of a
larger patch series. Passing the msgid of the start of the thread along
with --no-parent should tell b4 to break the thread at the start of the
message-id specified and only consider that message and its children.
Suggested-by: Mark Brown <broonie@kernel.org>
Link: https://lore.kernel.org/tools/YpTI9lhCfA7shi6j@sirena.org.uk/
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
Minor nitpicking by PyCharm, but not completely unreasonable.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
Sometimes the DKIM record will have the full email address instead of
just the @domainname.com part. For those cases, drop the local part so
we don't falsely claim domain mismatching during b4-am runs.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
When performing attestor identity comparisons, lowercase email addresses
and domain names for case-insensitive matching.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
b4's usage of git-log '--branches' option is broken. The option takes a
glob pattern *only* and must have an '=', but b4 ends up passing
'--branches <guessbranch>' to git-log. This will kind of work, but is
not checking only 'guessbranch'. For example, these 3 commands all do
something different:
git log -1 --branches=master
git log -1 --branches master
git log -1 --branches=*aster
A maintainer wanting to apply a patch or series likely has a small set of
known branches they apply patches to. Using a glob pattern is not a good
fit for that. Instead, allow --guess-branch to be repeated and to take
fixed refs.
Signed-off-by: Rob Herring <robh@kernel.org>
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
Link: https://lore.kernel.org/r/20220331195346.1384515-1-robh@kernel.org
|
|
On lore.kernel.org we provide a unified index of all mailing lists in
/all/, which removes the need to perform a redirect lookup when querying
by message-id. However, some public-inbox instances may not have that,
so we still need to be able to fall back to that redirect lookup. Adapt
a patch from Rob Herring to support both situations.
Link: https://lore.kernel.org/tools/20220225031135.4136158-1-robh@kernel.org/
Suggested-by: Rob Herring <robh@kernel.org>
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
Sometimes folks indent their trailers with whitespace, so relax the
rules to recognize this situation. In theory, this shouldn't introduce
false-positives.
Suggested-by: Rob Herring <robh@kernel.org>
Link: https://lore.kernel.org/r/20211214214327.4003631-1-robh@kernel.org
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
Instead of hardcoding the logic to bail at all presence of control
characters, soften it a bit to only error out when we see the presence
of Cfs in the absence of any other character from a non-latin character
set in the same line.
Additionally, show exactly where the Cfs were found when printing out
the error message.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
Implement initial support for checking if the patch message contains
unicode control characters that can be used to trick code reviewer into
accepting maliciously formatted code.
Link: https://lore.kernel.org/tools/20211101175020.5r4cwmy4qppi7dis@meerkat.local/
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
There appears to be a bug in smtplib that doesn't properly support 8-bit
content even when upstream SMTP gateway supports 8BITMIME (they all do,
it's not 90s any more). Work around this by passing the message payload
as bytes instead of string.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
I'm felling comfortable that "b4 ty" is sufficiently mature at this
point to implement sending thank-yous directly. This is only the initial
implementation that covers only the very basic parts of git's sendemail
configuration options, but this should actually cover 90% of cases if
not more.
One important caveat -- I moved the "b4 ty -s" flag to be "b4 ty -t" in
order to disambiguate it from the capital -S (that actually does the
sending). Since "b4 ty" is still marked as an experimental feature, I
feel we can do this without much impact.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
If b4 doesn't have an explicit keyringsrc configured, attempt to fetch
it from patatt configuration instead. This avoids some very confusing
situations where patatt would validate and b4 would reject. (I had an
expired pubkey in my gpg default keyring, but the same pubkey had an
updated expiration date in patatt's keyring.)
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
Link: https://lore.kernel.org/r/20211007165551.2312946-1-keescook@chromium.org
|
|
Allow people to set up their own preferred merge templates, using the
netdev standard as default.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
By popular demand, provide a way to apply series straight to a git
repository. By default, we're still going the safest possible route:
- create a sparse worktree consisting just of the files being modified
- run "git am" against the temporary worktree
- if "git am" went well, fetch from the temporary worktree into our
current tree and leave everything in FETCH_HEAD
- unless we're running "b4 shazam -A" in which case we just apply to the
current HEAD (exact equivalent of b4 am -o- | git am)
Further changes to come based on feedback.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
New version of lore.kernel.org is live today, so release the version of
b4 that works best with it.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
When generating am-ready patch series, separate each standard body part
with a single pair of newlines regardless of how many the original
message contained.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
Extindex allows us to get rid of a couple of kludges:
- we no longer need to manually backfill, as /all/ contains all sources
- we can just query /all/ for new series
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
We want to dedupe all threads we retrieve from public-inbox, so do this
in the central place instead of only when doing get_strict_tread().
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
Instead of relying on DKIM validation, use list-id preference when
dealing with multiple messages matching the same message-id. We may
end up adding an attestation check to it as well in the future.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
With newer lore.kernel.org and /all/, we get duplicate messages when
message bodies are different due to one of the messages passing through
a DKIM-compliant list, and another one through something that injects
in-body or in-subject junk. When dealing with duplicates, check both for
DKIM status and prefer the message that actually passes DKIM validation.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
Sometimes the encoding indicated in the header lies and it's not actualy
that codepage at all. When that happens, just replace errors and
continue.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
When the mbox and am subcommands grab a message ID from the mbox
on stdin, they call message_from_bytes(), which in turn calls
BytesParser().parsebytes(s).
parsebytes() has a headersonly parameter that can be used to tell it
to stop parsing after reading the headers. The headers are all that's
needed here, so use BytesParser directly and set headersonly.
Signed-off-by: Kyle Meyer <kyle@kyleam.com>
Link: https://lore.kernel.org/tools/20210717164836-mutt-send-email-mst@kernel.org/
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
The mbox, am, and pr subcommands accept an mbox on stdin and extract
the message ID. When stdin.read() is called, Python assumes the
encoding is locale.getpreferredencoding(False). This may not match
the content encoding, leading to a decoding error.
Instead feed the stdin bytes to message_from_bytes(), which leads to a
decode('ASCII', errors='surrogateescape') underneath. That's
sufficient to get the message ID from the ASCII headers.
Reported-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Kyle Meyer <kyle@kyleam.com>
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
Drop anything in the body below "-- " before parsing the contents for
trailers. This won't catch all possible situations, as the "-- "
standard is a bit of a dying standard, so add a list of known baddies
like "Phone:" and "Email:" that are likely to trip us up.
Reported-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Link: https://lore.kernel.org/tools/20210719213535.vw3u4yg5mgxqysaf@pengutronix.de/
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
With multiple git worktrees, '.git' can be a file pointing to the real
'.git' directory, so the current check for a directory is too strict.
Signed-off-by: Rob Herring <robh@kernel.org>
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
Link: https://lore.kernel.org/r/20210621204335.1627303-1-robh@kernel.org
|
|
Use --all by default, instead of limiting ourselves just to the current
HEAD. This is actually a faster operation, because we don't have to
pre-filter results.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
Based on some feedback, attempt to reimplement --guess-base by looking
at the file index hashes and using --find-object to locate when they
were last changed. We limit this using --since and --until, so that we
aren't trying to look through the entire history of the repo. For the
--until date, we take the date of the patch. For the --since date, we
take the timedelta using the number of days specified by
--guess-lookback (default is 14 days).
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
We already do this automatically elsewhere, so this causes a problem if
we do it again.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
In order to avoid some of the more obscure charset encoding problems, we
switched to using as_string() for generating messages before saving them
in an mbox file. However, this uncovered a bug where the unixfrom was
not actually generated and saved, despite as_bytes() and as_string()
supposedly behaving identically.
See:
https://docs.python.org/3/library/email.message.html#email.message.EmailMessage.as_string
This commit fixes the problem by properly setting the unixfrom and using
the recommended (and hopefully less buggy) email.generator interface
when saving mailboxes.
Reported-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
Since we're not caring about 2.x compatibility, pytest seems to be a
good candidate for this job. Obviously, there's a lot of ground to
cover, but the goal is to do all future modifications with tests added
so we can reduce regressions.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
When returning sloppy trailers, make sure we always return a 4-member
list, which includes the provenant LoreMessage itself.
Reported-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
This moves maildir saving code into __init__.py so that we can benefit
from it via other subcommands, such as pr.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
PyCharm is unhappy with PEP conformance, so shuffle things around a bit
to satisfy it.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
We can pass a logger object to dkim.verify() which will be used to
report internal errors and debugging info. This can be helpful when
investigating DKIM verification issues but is probably not wanted during
normal operation so the log level of each message is reset to DEBUG.
Each message is also prefixed with 'DKIM: ' to identify its origin when
debug output is enabled.
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
Link: https://lore.kernel.org/r/20210607100252.8253-3-paul@pbarker.dev
|
|
As recently found in patatt [1], mail gateways and archivers may mangle
headers like DKIM-Signature if they are sent as an excessively long
line. An example of this occuring was found when the DKIM-Signature
header generated by Microsoft Office 365 collided with the
header re-encoding performed by lists.sr.ht when generating mbox
archive files. This encoding causes dkim.verify() to fail.
The Python email.header module provides the decode_header() and
make_header() functions which can be used to handle MIME encoded-word
syntax or other header manglings which may occur. Fixing up the header
content using these functions before calling dkim.verify() allows the
verification to succeed.
[1]: https://lore.kernel.org/tools/20210531140539.7630-1-paul@pbarker.dev/
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
Link: https://lore.kernel.org/r/20210607100252.8253-2-paul@pbarker.dev
|
|
When we discover that a message can only be attested after we trim the
body, we *must* set the body to that version, otherwise an attacker
could append arbitrary content past the l= value boundary. We already do
this in the current form, but we weren't properly handing in-body
headers like From: and Subject: that are used to indicate to git the
patch author vs. committer.
This patch set fixes that and also streamlines a few other places where
we were already relying on git mailinfo calls.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
Before:
✓ [PATCH v2 1/8] selftests/x86: Test signal frame XSTATE header corruption handling
✓ [PATCH v2 2/8] x86/fpu: Prevent state corruption in __fpu__restore_sig()
✓ [PATCH 3/8] x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer
✓ [PATCH 4/8] x86/fpu: Limit xstate copy size in xstateregs_set()
✓ [PATCH v2 5/8] x86/fpu: Sanitize xstateregs_set()
✓ [PATCH 6/8] x86/fpu: Add address range checks to copy_user_to_xstate()
✓ [PATCH 7/8] x86/fpu: Clean up the fpu__clear() variants
✓ [PATCH 8/8] x86/fpu: Deduplicate copy_xxx_to_xstate()
After:
✓ [PATCH v2 1/8] selftests/x86: Test signal frame XSTATE header corruption handling
✓ [PATCH v2 2/8] x86/fpu: Prevent state corruption in __fpu__restore_sig()
✓ [PATCH v1->v2 3/8] x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer
✓ [PATCH v1->v2 4/8] x86/fpu: Limit xstate copy size in xstateregs_set()
✓ [PATCH v2 5/8] x86/fpu: Sanitize xstateregs_set()
✓ [PATCH v1->v2 6/8] x86/fpu: Add address range checks to copy_user_to_xstate()
✓ [PATCH v1->v2 7/8] x86/fpu: Clean up the fpu__clear() variants
✓ [PATCH v1->v2 8/8] x86/fpu: Deduplicate copy_xxx_to_xstate()
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
When a message has a developer signature but is failing the signature
check, rerun it again with trim_body. If that passes, we know that the
signature is failing due to mailing list junk appended to the bottom of
the message. In that case, automatically trim the message body so we
have exactly what the developer attested and signed.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
The cache aging for threads was not running resulting in failures to
fetch new messages in threads. Fix the empty cache check which should
be for no '.msgs' directories.
Fixes: 4950093c0c3e ("Don't use mboxo for anything")
Signed-off-by: Rob Herring <robh@kernel.org>
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
Link: https://lore.kernel.org/r/20210601200835.940887-1-robh@kernel.org
|
|
save_git_am_mbox() replaces 'From mboxrd@z ' with 'From git@z ' to
make it clear that the output format is not mboxrd. However, all
occurrences in the message are replaced, corrupting patches that
contain 'From mboxrd@z '. Restrict the replacement to the first line
of the message.
Signed-off-by: Kyle Meyer <kyle@kyleam.com>
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
Link: https://lore.kernel.org/r/20210528042635.24959-1-kyle@kyleam.com
|
|
I think we are ready to go with the 0.7.0 release. There's always more
tweaks to add, but at this point we can benefit from wider usage.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
When the signature is validated using the default keyring, run an
additional check on the UIDs and show the discrepancy if the identity
used in the X-Developer-Signature header is different from the UIDs we
have on the key.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
The newer version of public-inbox is not injecting its own List-Archive
headers, so stop relying on it for any purpose.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
Be a bit more discerning about the header matches for lore.kernel.org.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
Our version of public-inbox still adds List-* headers of its own. This
is gone in the newer version, so strip these in hopes that this helps
verify more DKIM signatures.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
A series may not have a cover letter, so properly handle that situation.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
When processing -P_, filter by that msgid (and its follow-ups) early on,
instead of parsing the entire thread and only then looking for matches.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
Per discussion on the users list, add initial support for the
"Obsoleted-by" trailer that points at the new revision for the series
instead of doing a blind match by subject+from.
Probably buggy and needs better support for series number collisions
(right now we don't check if the newly retrieved series has a revision
number greater than the revision we already have).
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|