1 files changed, 77 insertions, 13 deletions

diff --git a/brep/handler/submit/submit-git.bash.in b/brep/handler/submit/submit-git.bash.in
index cc679c8..cf7300d 100644
--- a/brep/handler/submit/submit-git.bash.in
+++ b/brep/handler/submit/submit-git.bash.in
@@ -59,6 +59,10 @@ function owners_dir () # <repo-dir>
 # Check if a repository already contains the package. Respond with the
 # 'duplicate submission' result manifest and exit if that's the case.
 #
+# Also check if the repository contains newer revision of this package
+# version. Respond with the 'newer revision is present' result manifest and
+# exit if that's the case.
+#
 function check_package_duplicate () # <name> <version> <repo-dir>
 {
   trace_func "$@"
@@ -72,14 +76,21 @@ function check_package_duplicate () # <name> <version> <repo-dir>
 
   run source "$rep/submit.config.bash"
 
-  # Check for duplicate package in all sections. Use <name>-<version>.*
-  # without .tar.gz in case we want to support more archive types later.
+  local rev
+  rev="$(version_revision "$ver")"
+
+  # Check for duplicate package and its newer revisions in all sections. Use
+  # <name>-<version>.* without .tar.gz in case we want to support more archive
+  # types later.
   #
   local s
   for s in "${!sections[@]}"; do
+    local d="$rep/${sections[$s]}"
+
+    # Check for duplicate.
+    #
     local p
-    IFS=$'\n' eval \
-    'p=($(run pkg_find_archive "$nam-$ver.*" "$rep/${sections[$s]}"))'
+    run pkg_find_archive "$nam-$ver.*" "$d" | readarray -t p
 
     if [ "${#p[@]}" -ne 0 ]; then
       local n="${p[1]}"
@@ -93,6 +104,26 @@ function check_package_duplicate () # <name> <version> <repo-dir>
         exit_with_manifest 422 "submission conflicts with $n/$v"
       fi
     fi
+
+    # Check for newer revision.
+    #
+    local arcs
+    run pkg_find_archives "$nam" "$ver*" "$d" | readarray -t arcs
+
+    local f
+    for f in "${arcs[@]}"; do
+      local p
+      pkg_verify_archive "$f" | readarray -t p
+
+      local v="${p[1]}"
+
+      local rv
+      rv="$(version_revision "$v")"
+
+      if [ "$rv" -gt "$rev" ]; then
+        exit_with_manifest 422 "newer revision $nam/$v is present"
+      fi
+    done
   done
 }
 
@@ -168,6 +199,7 @@ function auth_project () # <project> <control> <repo-dir>
 
   local r="unknown"
   local m="$d/$prj/project-owner.manifest"
+  local info=
 
   # If the project owner manifest exists then parse it and try to authenticate
   # the submitter as the project owner.
@@ -180,16 +212,31 @@ function auth_project () # <project> <control> <repo-dir>
 
     local n v
     while IFS=: read -ru "$manifest_parser_ofd" -d '' n v; do
-      if [[ "$n" == "control" && "$ctl" == "$v"* ]]; then
-        r="project"
-        break
+      if [[ "$n" == "control" ]]; then
+        if [[ "$ctl" == "$v"* ]]; then
+          r="project"
+          break
+        fi
+
+        # If the control URLs don't match, then compare them case-
+        # insensitively, converting them to the lower case. If they match
+        # case-insensitively, then still fail the authentication but provide
+        # additional information in the manifest message value.
+        #
+        if [[ "${ctl,,}" == "${v,,}"* ]]; then
+          info="
+  info: control repository URL differs only in character case
+  info: submitted URL:       $ctl
+  info: project owner's URL: $v
+  info: consider using --control to specify exact URL"
+        fi
       fi
     done
 
     manifest_parser_finish
 
     if [ "$r" != "project" ]; then
-      exit_with_manifest 401 "project owner authentication failed"
+      exit_with_manifest 401 "project owner authentication failed$info"
     fi
   fi
 
@@ -215,7 +262,8 @@ function auth_package () # <project> <package> <control> <repo-dir>
 
   local prj="$1"
   local pkg="$2"
-  local ctl="${3%.git}" # Strip the potential .git extension.
+  local ctl="${3%.git}" # For comparison strip the potential .git extension.
+  local ctl_orig="$3"   # For diagnostics use the original URL.
   local rep="$4"
 
   local d
@@ -232,6 +280,7 @@ function auth_package () # <project> <package> <control> <repo-dir>
 
   local r="unknown"
   local m="$d/$prj/$pkg/package-owner.manifest"
+  local info=
 
   # If the package owner manifest exists then parse it and try to authenticate
   # the submitter as the package owner.
@@ -246,16 +295,31 @@ function auth_package () # <project> <package> <control> <repo-dir>
     #
     local n v
     while IFS=: read -ru "$manifest_parser_ofd" -d '' n v; do
-      if [ "$n" == "control" -a "${v%.git}" == "$ctl" ]; then
-        r="package"
-        break
+      if [ "$n" == "control" ]; then
+        local u="${v%.git}"
+
+        if [ "$u" == "$ctl" ]; then
+          r="package"
+          break
+        fi
+
+        # If the control URLs don't match, then compare them case-
+        # insensitively (see auth_project() for details).
+        #
+        if [ "${u,,}" == "${ctl,,}" ]; then
+          info="
+  info: control repository URL differs only in character case
+  info: submitted URL:       $ctl_orig
+  info: package owner's URL: $v
+  info: consider using --control to specify exact URL"
+        fi
       fi
     done
 
     manifest_parser_finish
 
     if [ "$r" != "package" ]; then
-      exit_with_manifest 401 "package owner authentication failed"
+      exit_with_manifest 401 "package owner authentication failed$info"
     fi
   fi