Improve regexp for email

Previous regexp assumed that first level domain is <=4 symbols, but modern domain zones are longer, e.g. email foo@foo.forex was incorrectly considered invalid by the old regexp Move this stuff from macro expansion to the script itself: the new regexp does not work inside RPM-invoked shell due to further subshells being invoked by '()' in the regexp (I don't know how to deal with it, `shopt -u expand_aliases` does not help) [ Regexp is from logist/wl.cgi ]
2025-02-25 00:02:55 +00:00 · 2019-11-12 02:06:06 +03:00 · 2019-11-12 02:06:06 +03:00 · 300bd5e2db
commit 300bd5e2db
parent cc3afd8669
1 changed files with 33 additions and 17 deletions
--- a/kernel.spec
+++ b/kernel.spec
@ -1,10 +1,13 @@
 # _get_email() in %%build contains bashisms for regexping
 %define _buildshell /bin/bash
 %define kernelversion	5
 %define patchlevel	3
 # sublevel is used for stable-based kernels
 %define sublevel	10
 # Release number. Increase this before a rebuild.
-%define rpmrel		1
+%define rpmrel		2
 %define fullrpmrel	%{rpmrel}
 %define rpmtag		%{disttag}
@ -78,21 +81,6 @@
 %define certs_signing_key_rnd %{certs_dir_rnd}/signing_key.pem
 %define certs_key_config_rnd %{certs_dir_rnd}/x509.genkey
 %define certs_verify_tmp %{certs_dir_rnd}/verify.tmp
 # %%certs_email_rnd expansion has bashisms
 %define _buildshell /bin/bash
 # On ABF, %%packager == $username <$email>
 # Try to extract email from %%packager if it is set
 # https://stackoverflow.com/a/5719562
 %define certs_email_rnd %(\
 	if echo '%{packager}' | grep -q 'packager}$' || [ -z "%{packager}" ]; \
 		then echo 'rpmbuild@rosa.unknown' && exit 0; \
 		else temp="$(echo '%{packager}' | awk '{print $NF}' | tr -d '<>')"; \
 	fi; \
 	if [[ "$temp" =~ ^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$ ]]; \
 		then echo "$temp" && exit 0; \
 		else echo 'rpmbuild@rosa.unknown' && exit 0; \
 	fi; \
 	echo 'rpmbuild@rosa.unknown' )
 ############################################################################
 # Build defines
@ -818,6 +806,34 @@ cd %src_dir
 # https://www.ibm.com/support/knowledgecenter/en/SSB23S_1.1.0.13/gtps7/cfgcert.html
 %if %{enhanced_security}
 mkdir -p "%{certs_dir_rnd}"
 # On ABF, %%packager == $username <$email>
 # Try to extract email from %%packager if it is set
 _get_email(){
 	# Check that macro %%packager was set and is not empty
 	if echo '%{packager}' | grep -q 'packager}$' || [ -z "%{packager}" ]
 		# If was not set or is empty, use default email
 		then echo 'rpmbuild@rosa.unknown' && return
 		# Otherwise try to extract email from 'name <email>' or sth else
 		else temp="$(echo '%{packager}' | tr '[:upper:]' '[:lower:]' | tr ' ' '\n' | tr -d '<>' | grep -E '@.*\..*' | head -n 1)"
 	fi
 	# Validate that what we have now is a valid email
 	# https://stackoverflow.com/a/2138832, https://stackoverflow.com/a/41192733
 	# Note that we set %%_buildshell to /bin/bash to guarantee the work of this bashism
 	regex_email="^[a-z0-9!#\$%&'*+/=?^_\`{|}~-]+(\.[a-z0-9!#$%&'*+/=?^_\`{|}~-]+)*@([a-z0-9]([a-z0-9-]*[a-z0-9])?\.)+[a-z0-9]([a-z0-9-]*[a-z0-9])?\$"
 	if [[ "$temp" =~ ${regex_email} ]]
 		# If it is, use it
 		then echo "$temp" && return
 		# Otherwise use default email
 		else echo 'rpmbuild@rosa.unknown' && return
 	fi
 	# If script above has not return'ed for any reason,
 	# e.g. because of non-bash shell being not able to
 	# process regexp, use default email
 	echo 'rpmbuild@rosa.unknown'
 }
 email="$(_get_email)"
 cat <<EOF > "%{certs_key_config_rnd}"
 [ req ]
 # https://github.com/openssl/openssl/issues/3536
@ -830,7 +846,7 @@ distinguished_name = req_distinguished_name
 [ req_distinguished_name ]
 organizationName = %{vendor} rpmbuild
 commonName = Build time autogenerated kernel key
-emailAddress = %{certs_email_rnd}
+emailAddress = ${email}
 EOF
 cat "%{certs_key_config_rnd}"