| 1 |
Dnia 2013-06-22, o godz. 17:02:56 |
| 2 |
""Paweł Hajdan, Jr."" <phajdan.jr@g.o> napisał(a): |
| 3 |
|
| 4 |
> On 6/20/13 2:16 AM, Michał Górny wrote: |
| 5 |
> > Doing test signatures won't cover all failures. |
| 6 |
> |
| 7 |
> Do you know an example? The only one I'm aware of is when a test |
| 8 |
> signature is made very close to the expiration date, and then the real |
| 9 |
> signature would be done after it. |
| 10 |
|
| 11 |
Well, Michael explained one in the other branch of this thread quite |
| 12 |
thoroughly. Other than that, there can be random runtime errors |
| 13 |
and race conditions. |
| 14 |
|
| 15 |
I'd say it's as good as using stat() to check whether a file exists |
| 16 |
before opening it. But thinking of it, I've got another idea... |
| 17 |
|
| 18 |
How about opening 'gpg -s' in a subprocess before first commit |
| 19 |
and feeding the Manifest afterwards? As far as I can see, gpg asks for |
| 20 |
the password instantly, so likely most of the bases will be covered |
| 21 |
already, and we're be doing a single signature only. |
| 22 |
|
| 23 |
-- |
| 24 |
Best regards, |
| 25 |
Michał Górny |
Archives