From: | "Michał Górny" <mgorny@g.o> |
---|---|
To: | gentoo-portage-dev@l.g.o |
Subject: | [gentoo-portage-dev] [PATCH] rsync: Improve gemato rsync Manifest verification logic |
Date: | Thu, 01 Feb 2018 12:17:16 |
Message-Id: | 20180201121707.8623-1-mgorny@gentoo.org |
1 | Hi, |
2 | |
3 | Here's a batch of patches meant to be merged after the bugfix release. |
4 | They replace the calls to "gemato" executable with Python routine calls, |
5 | and further improve the security. |
6 | |
7 | The notable improvements are: |
8 | |
9 | 1. New shiny e-style output ;-). |
10 | |
11 | 2. Manifest signature is always verified, even if the tree is considered |
12 | unchanged. This allows us to detect recent key revocation even |
13 | without having other changes to verify. |
14 | |
15 | 3. OpenPGP keys are loaded and updated before rsync. This allows us |
16 | to bail out early, and let the user fix the situation without having |
17 | to do the whole rsync routine multiple times. |
18 | |
19 | 4. Manifest timestamp is compared to the local clock, and a warning |
20 | is issued if the tree received is at least 24 hours old. This allows |
21 | us to detect attacks based on preventing the user from upgrading. |
22 | |
23 | -- |
24 | Best regards, |
25 | Michał Górny |
Subject | Author |
---|---|
[gentoo-portage-dev] [PATCH 1/5] rsync: Verify the value of sync-rsync-verify-jobs | "Michał Górny" <mgorny@g.o> |
[gentoo-portage-dev] [PATCH 2/5] rsync: Use gemato routines directly instead of calling the CLI tool | "Michał Górny" <mgorny@g.o> |
[gentoo-portage-dev] [PATCH 3/5] rsync: Verify the Manifest signature even if tree is unchanged | "Michał Górny" <mgorny@g.o> |
[gentoo-portage-dev] [PATCH 4/5] rsync: Load and update keys early | "Michał Górny" <mgorny@g.o> |
[gentoo-portage-dev] [PATCH 5/5] rsync: Issue an explicit warning if Manifest timestamp is >24hr old | "Michał Górny" <mgorny@g.o> |