Gentoo Logo

About | Projects | Docs | Forums | Lists | Bugs | Get Gentoo! | Support | Planet | Wiki

Gentoo Spaceship
Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-portage-dev
Navigation:
Lists: gentoo-portage-dev: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-portage-dev@g.o
From: Marius Mauch <genone@g.o>
Subject: Re: Manifest signing
Date: Tue, 22 Nov 2005 22:18:16 +0100 
On Sat, 19 Nov 2005 15:29:30 +0900
Jason Stubbs <jstubbs@g.o> wrote:

> On Saturday 19 November 2005 15:01, Robin H. Johnson wrote:
> > After my post to -core about how to move ahead with signing, I
> > thought the next best place to continue is in a discussion of how
> > Portage handles manifests and their signatures.
> > 
> > First, the blatantly obvious, for the benefit of same developers,
> > even though it's not relevant to signing. It is still a weak-point
> > and does need to be addressed. Multiple-hashes!
> 
> Yep, portages that don't break on multiple hashes being specified
> have been around long enough for this to now be feasible.

Hmm, sneak it in .53? *g*
Just joking.

> > So now the new Manifest structure looks roughly like this
> > (abbreviated): -- PGP
> > MD5 ...
> > MD5 ...
> > -- SIG
> > -- SIG
> > -- PGP
> > MD5 ...
> > -- SIG
> > -- SIG
> > etc.
> > 
> > This has one important implication for backwards compatibility in
> > checking of Manifests.
> > In the case that a filename appears more than once in the file, only
> > the last instance of it should be used, as that is the one that
> > relates to the current version of the file. It's 4 lines of code in
> > the current portage that need to be removed for this to work (see
> > my -core post for where exactly).
> 
> Hence, if we fix it in the next version we still have to wait six
> months to a year for most everybody to be using it so we don't break
> lots and lots of systems...
> 
> Wouldn't it be easier to just disallow unsigned commits on the server
> side?

Probably, but might have an impact on server load (but Robin is the
expert there ;). But that only covers one part of Robins problem
(unsigned commits) but not the other (resigning of unchanged files), so
he still needs the transactional Manifests, but I don't think the
problem is worth the complications.

Marius

-- 
Public Key at http://www.genone.de/info/gpg-key.pub

In the beginning, there was nothing. And God said, 'Let there be
Light.' And there was still nothing, but you could see a bit better.
Attachment:
signature.asc (PGP signature)
References:
Manifest signing
-- Robin H. Johnson
Re: Manifest signing
-- Jason Stubbs
Navigation:
Lists: gentoo-portage-dev: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Manifest signing
Next by thread:
Re: Manifest signing
Previous by date:
Re: Manifest signing
Next by date:
Re: [PATCH] inital Manifest2 support


Updated Jun 17, 2009

Summary: Archive of the gentoo-portage-dev mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.