def _generate_metadata_kind(filename, targets=None, qa_group=None, affidavit=None):
""" Generates AppStream metadata of a specific kind """
db = LvfsDatabase(os.environ)
db_firmware = LvfsDatabaseFirmware(db)
items = db_firmware.get_items()
store = appstream.Store('lvfs')
for item in items:
# filter
if item.target == 'private':
continue
if targets and item.target not in targets:
continue
if qa_group and qa_group != item.qa_group:
continue
# add each component
for md in item.mds:
component = appstream.Component()
component.id = md.cid
component.kind = 'firmware'
component.name = md.name
component.summary = md.summary
component.description = md.description
if md.url_homepage:
component.urls['homepage'] = md.url_homepage
component.metadata_license = md.metadata_license
component.project_license = md.project_license
component.developer_name = md.developer_name
# add provide
if md.guid:
prov = appstream.Provide()
prov.kind = 'firmware-flashed'
prov.value = md.guid
component.add_provide(prov)
# add release
if md.version:
rel = appstream.Release()
rel.version = md.version
rel.description = md.release_description
if md.release_timestamp:
rel.timestamp = md.release_timestamp
rel.checksums = []
rel.location = 'https://secure-lvfs.rhcloud.com/downloads/' + item.filename
rel.size_installed = md.release_installed_size
rel.size_download = md.release_download_size
rel.urgency = md.release_urgency
component.add_release(rel)
# add container checksum
if md.checksum_container:
csum = appstream.Checksum()
csum.target = 'container'
csum.value = md.checksum_container
csum.filename = item.filename
rel.add_checksum(csum)
# add content checksum
if md.checksum_contents:
csum = appstream.Checksum()
csum.target = 'content'
csum.value = md.checksum_contents
csum.filename = md.filename_contents
rel.add_checksum(csum)
# add screenshot
if md.screenshot_caption:
ss = appstream.Screenshot()
ss.caption = md.screenshot_caption
if md.screenshot_url:
im = appstream.Image()
im.url = md.screenshot_url
ss.add_image(im)
component.add_screenshot(ss)
# add component
store.add(component)
# dump to file
if not os.path.exists(DOWNLOAD_DIR):
os.mkdir(DOWNLOAD_DIR)
filename = os.path.join(DOWNLOAD_DIR, filename)
store.to_file(filename)
# upload to the CDN
blob = open(filename, 'rb').read()
_upload_to_cdn(filename, blob)
# generate and upload the detached signature
if affidavit:
blob_asc = affidavit.create(blob)
_upload_to_cdn(filename + '.asc', blob_asc)
def upload():
""" Upload a .cab file to the LVFS service """
# only accept form data
if request.method != 'POST':
return redirect(url_for('.index'))
# not correct parameters
if not 'target' in request.form:
return error_internal('No target')
if not 'file' in request.files:
return error_internal('No file')
# can the user upload directly to stable
if request.form['target'] in ['stable', 'testing']:
if not session['qa_capability']:
return error_permission_denied('Unable to upload to this target as not QA user')
# check size < 50Mb
fileitem = request.files['file']
if not fileitem:
return error_internal('No file object')
data = fileitem.read()
if len(data) > 50000000:
return error_internal('File too large, limit is 50Mb', 413)
if len(data) == 0:
return error_internal('File has no content')
if len(data) < 1024:
return error_internal('File too small, mimimum is 1k')
# check the file does not already exist
db = LvfsDatabase(os.environ)
db_firmware = LvfsDatabaseFirmware(db)
fwid = hashlib.sha1(data).hexdigest()
try:
item = db_firmware.get_item(fwid)
except CursorError as e:
return error_internal(str(e))
if item:
return error_internal("A firmware file with hash %s already exists" % fwid, 422)
# parse the file
arc = cabarchive.CabArchive()
try:
if os.path.exists(CABEXTRACT_CMD):
arc.set_decompressor(CABEXTRACT_CMD)
arc.parse(data)
except cabarchive.CorruptionError as e:
return error_internal('Invalid file type: %s' % str(e), 415)
except cabarchive.NotSupportedError as e:
return error_internal('The file is unsupported: %s' % str(e), 415)
# check .inf exists
fw_version_inf = None
fw_version_display_inf = None
cf = arc.find_file("*.inf")
if cf:
if cf.contents.find('FIXME') != -1:
return error_internal("The inf file was not complete; "
"Any FIXME text must be replaced with the correct values.")
# check .inf file is valid
cfg = InfParser()
cfg.read_data(cf.contents)
try:
tmp = cfg.get('Version', 'Class')
except (ConfigParser.NoOptionError, ConfigParser.NoSectionError) as e:
return error_internal('The inf file Version:Class was missing')
if tmp != 'Firmware':
return error_internal('The inf file Version:Class was invalid')
try:
tmp = cfg.get('Version', 'ClassGuid')
except ConfigParser.NoOptionError as e:
return error_internal('The inf file Version:ClassGuid was missing')
if tmp != '{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}':
return error_internal('The inf file Version:ClassGuid was invalid')
try:
tmp = cfg.get('Version', 'DriverVer')
fw_version_display_inf = tmp.split(',')
if len(fw_version_display_inf) != 2:
return error_internal('The inf file Version:DriverVer was invalid')
except ConfigParser.NoOptionError as e:
pass
# this is optional, but if supplied must match the version in the XML
# -- also note this will not work with multi-firmware .cab files
try:
fw_version_inf = cfg.get('Firmware_AddReg', 'HKR->FirmwareVersion')
if fw_version_inf.startswith('0x'):
fw_version_inf = str(int(fw_version_inf[2:], 16))
if fw_version_inf == '0':
fw_version_inf = None
except (ConfigParser.NoOptionError, ConfigParser.NoSectionError) as e:
pass
# check metainfo exists
cfs = arc.find_files("*.metainfo.xml")
if len(cfs) == 0:
return error_internal('The firmware file had no .metadata.xml files')
# parse each MetaInfo file
apps = []
for cf in cfs:
component = appstream.Component()
try:
component.parse(str(cf.contents))
component.validate()
except appstream.ParseError as e:
return error_internal('The metadata %s could not be parsed: %s' % (cf, str(e)))
except appstream.ValidationError as e:
return error_internal('The metadata %s file did not validate: %s' % (cf, str(e)))
# check the file does not have any missing request.form
if cf.contents.find('FIXME') != -1:
return error_internal("The metadata file was not complete; "
"Any FIXME text must be replaced with the correct values.")
# check the firmware provides something
if len(component.provides) == 0:
return error_internal("The metadata file did not provide any GUID.")
if len(component.releases) == 0:
return error_internal("The metadata file did not provide any releases.")
# check the inf file matches up with the .xml file
if fw_version_inf and fw_version_inf != component.releases[0].version:
return error_internal("The inf Firmware_AddReg[HKR->FirmwareVersion] "
"'%s' did not match the metainfo.xml value '%s'."
% (fw_version_inf, component.releases[0].version))
# check the guid and version does not already exist
try:
items = db_firmware.get_items()
except CursorError as e:
return error_internal(str(e))
for item in items:
for md in item.mds:
if md.guid == component.provides[0].value and md.version == component.releases[0].version:
return error_internal("A firmware file for this version already exists", 422)
# check the ID hasn't been reused by a different GUID
for item in items:
for md in item.mds:
if md.cid == component.id and not md.guid == component.provides[0].value:
return error_internal("The %s ID has already been used by GUID %s" % (md.cid, md.guid), 422)
# add to array
apps.append(component)
# only save if we passed all tests
basename = os.path.basename(fileitem.filename)
new_filename = fwid + '-' + basename
# add these after parsing in case multiple components use the same file
asc_files = {}
# fix up the checksums and add the detached signature
for component in apps:
# ensure there's always a container checksum
release = component.releases[0]
csum = release.get_checksum_by_target('content')
if not csum:
csum = appstream.Checksum()
csum.target = 'content'
csum.filename = 'firmware.bin'
component.releases[0].add_checksum(csum)
# get the contents checksum
fw_data = arc.find_file(csum.filename)
if not fw_data:
return error_internal('No %s found in the archive' % csum.filename)
csum.kind = 'sha1'
csum.value = hashlib.sha1(fw_data.contents).hexdigest()
# set the sizes
release.size_installed = len(fw_data.contents)
release.size_download = len(data)
# add the detached signature if not already signed
sig_data = arc.find_file(csum.filename + ".asc")
if not sig_data:
if not csum.filename in asc_files:
try:
affidavit = create_affidavit()
except NoKeyError as e:
return error_internal('Failed to sign archive: ' + str(e))
cff = cabarchive.CabFile(fw_data.filename + '.asc',
affidavit.create(fw_data.contents))
asc_files[csum.filename] = cff
else:
# check this file is signed by something we trust
try:
affidavit = create_affidavit()
affidavit.verify(fw_data.contents)
except NoKeyError as e:
return error_internal('Failed to verify archive: ' + str(e))
# add all the .asc files to the archive
for key in asc_files:
arc.add_file(asc_files[key])
# export the new archive and get the checksum
cab_data = arc.save(compressed=True)
checksum_container = hashlib.sha1(cab_data).hexdigest()
# dump to a file
if not os.path.exists(DOWNLOAD_DIR):
os.mkdir(DOWNLOAD_DIR)
fn = os.path.join(DOWNLOAD_DIR, new_filename)
open(fn, 'wb').write(cab_data)
# dump to the CDN
_upload_to_cdn(new_filename, StringIO(cab_data))
# create parent firmware object
target = request.form['target']
fwobj = LvfsFirmware()
fwobj.qa_group = session['qa_group']
fwobj.addr = _get_client_address()
fwobj.filename = new_filename
fwobj.fwid = fwid
fwobj.target = target
if fw_version_display_inf:
fwobj.version_display = fw_version_display_inf[1]
# create child metadata object for the component
for component in apps:
md = LvfsFirmwareMd()
md.fwid = fwid
md.cid = component.id
md.name = component.name
md.summary = component.summary
md.developer_name = component.developer_name
md.metadata_license = component.metadata_license
md.project_license = component.project_license
md.url_homepage = component.urls['homepage']
md.description = component.description
md.checksum_container = checksum_container
# from the provide
prov = component.provides[0]
md.guid = prov.value
# from the release
rel = component.releases[0]
md.version = rel.version
md.release_description = rel.description
md.release_timestamp = rel.timestamp
md.release_installed_size = rel.size_installed
md.release_download_size = rel.size_download
md.release_urgency = rel.urgency
# from the first screenshot
if len(component.screenshots) > 0:
ss = component.screenshots[0]
if ss.caption:
md.screenshot_caption = ss.caption
if len(ss.images) > 0:
im = ss.images[0]
if im.url:
md.screenshot_url = im.url
# from the content checksum
csum = component.releases[0].get_checksum_by_target('content')
md.checksum_contents = csum.value
md.filename_contents = csum.filename
fwobj.mds.append(md)
# add to database
try:
db_firmware.add(fwobj)
except CursorError as e:
return error_internal(str(e))
# set correct response code
_event_log("Uploaded file %s to %s" % (new_filename, target))
# ensure up to date
try:
if target != 'private':
metadata_update_qa_group(fwobj.qa_group)
if target == 'stable':
metadata_update_targets(['stable', 'testing'])
elif target == 'testing':
metadata_update_targets(['testing'])
except NoKeyError as e:
return error_internal('Failed to sign metadata: ' + str(e))
except CursorError as e:
return error_internal('Failed to generate metadata: ' + str(e))
return redirect(url_for('.firmware_id', fwid=fwid))
