Change behaviour of getMinUpgrade

This allows to differentiate between situations where
the system is unaffected and unexistance of an upgrade path.

Previously, the glsa-check would treat GLSAs that had no
upgrade path (such as mask glsas) as not affecting the system.

svn path=/trunk/gentoolkit/; revision=647

http://git.overlays.gentoo.org/gitweb/?p=proj/gentoolkit.git;a=commit;h=ef38a394c5c2f5901173a53914705730850f9b3f

diff --git a/bin/glsa-check b/bin/glsa-check
old mode 100755 (executable)
new mode 100644 (file)
index 0e2b7a3..969ad84
--- a/bin/glsa-check
+++ b/bin/glsa-check
@@ -207,6 +207,11 @@ if mode in ["dump", "fix", "inject", "pretend"]:
                elif mode == "fix":
                        sys.stdout.write("fixing "+myid+"\n")
                        mergelist = myglsa.getMergeList(least_change=least_change)
+                       if mergelist == None:
+                               sys.stdout.write(">>> no vulnerable packages installed\n")
+                       elif mergelist == []:
+                               sys.stdout.write(">>> cannot fix GLSA, no unaffected packages available\n")
+                               sys.exit(2)
                        for pkg in mergelist:
                                sys.stdout.write(">>> merging "+pkg+"\n")
                                # using emerge for the actual merging as it contains the dependency
@@ -225,6 +230,11 @@ if mode in ["dump", "fix", "inject", "pretend"]:
                elif mode == "pretend":
                        sys.stdout.write("Checking GLSA "+myid+"\n")
                        mergelist = myglsa.getMergeList(least_change=least_change)
+                       if mergelist == None:
+                               sys.stdout.write(">>> no vulnerable packages installed\n")
+                       elif mergelist == []:
+                               sys.stdout.write(">>> cannot fix GLSA, no unaffected packages available\n")
+                               sys.exit(2)
                        if mergelist:
                                sys.stdout.write("The following updates will be performed for this GLSA:\n")
                                for pkg in mergelist:

diff --git a/pym/portage/glsa.py b/pym/portage/glsa.py
index 514dcc044e75e49287872aa255c2a291895684b0..76eae2b699b97031a649de1a9dbeef38d87fc18b 100644 (file)
--- a/pym/portage/glsa.py
+++ b/pym/portage/glsa.py
@@ -342,8 +342,9 @@ def getMinUpgrade(vulnerableList, unaffectedList, portdbapi, vardbapi, minimize=
        I{vulnerableList} and returns string describing
        the lowest version for the package that matches an atom in 
        I{unaffectedList} and is greater than the currently installed
-       version or None if the system is not affected. Both
-       I{vulnerableList} and I{unaffectedList} should have the
+       version. It will return an empty list if the system is affected,
+       and no upgrade is possible or None if the system is not affected.
+       Both I{vulnerableList} and I{unaffectedList} should have the
        same base package.
        
        @type   vulnerableList: List of Strings
@@ -361,7 +362,7 @@ def getMinUpgrade(vulnerableList, unaffectedList, portdbapi, vardbapi, minimize=
        @return:        the lowest unaffected version that is greater than
                                the installed version.
        """
-       rValue = None
+       rValue = ""
        v_installed = reduce(operator.add, [match(v, vardbapi) for v in vulnerableList], [])
        u_installed = reduce(operator.add, [match(u, vardbapi) for u in unaffectedList], [])
 
@@ -371,14 +372,14 @@ def getMinUpgrade(vulnerableList, unaffectedList, portdbapi, vardbapi, minimize=
                        install_unaffected = False
 
        if install_unaffected:
-               return rValue
-       
+               return None
+
        for u in unaffectedList:
                mylist = match(u, portdbapi, match_type="match-all")
                for c in mylist:
                        i = best(v_installed)
                        if vercmp(c.version, i.version) > 0 \
-                                       and (rValue == None \
+                                       and (rValue == "" \
                                                or not match("="+rValue, portdbapi) \
                                                or (minimize ^ (vercmp(c.version, rValue.version) > 0)) \
                                                        and match("="+c, portdbapi)) \
@@ -646,7 +647,7 @@ class Glsa:
                                        for v in path["vul_atoms"]:
                                                rValue = rValue \
                                                        or (len(match(v, self.vardbapi)) > 0 \
-                                                               and getMinUpgrade(path["vul_atoms"], path["unaff_atoms"], \
+                                                               and None != getMinUpgrade(path["vul_atoms"], path["unaff_atoms"], \
                                                                                self.portdbapi, self.vardbapi))
                return rValue