Re: [PATCH 1/1] snapshot: support tar signature for compressed tar

Thu, 07 Jun 2018 06:17:39 -0700 

On Thu, Jun 07, 2018 at 02:15:34PM +0200, Christian Hesse wrote:
> From: Christian Hesse <[email protected]>
> 
> This adds support for kernel.org style signatures where the uncompressed
> tar archive is signed and compressed later. The signature is valid for
> all tar* snapshots.
> 
> Signed-off-by: Christian Hesse <[email protected]>
> ---
>  ui-shared.c   | 8 ++++++++
>  ui-snapshot.c | 2 +-
>  2 files changed, 9 insertions(+), 1 deletion(-)
> 
> diff --git a/ui-shared.c b/ui-shared.c
> index 8a786e0..40935ae 100644
> --- a/ui-shared.c
> +++ b/ui-shared.c
> @@ -1139,6 +1139,14 @@ void cgit_print_snapshot_links(const struct cgit_repo 
> *repo, const char *ref,
>                       cgit_snapshot_link("sig", NULL, NULL, NULL, NULL,
>                                          filename.buf);
>                       html(")");
> +             } else if (f->bit & 0x16 && cgit_snapshot_get_sig(ref, 
> &cgit_snapshot_formats[3])) {

This works, but it feels far too magic and likely to break in the
future.  I'd rather add a new field for base snapshot type, either as a
const char * set that to ".tar" for the relevant archive formats or as a
bitmask which is set to 0x08 for now to allow fallback to tar.  If we do
that, we should extract at least that bit value to a named constant to
make it clear what is going on.

> +                     int suf_len = strlen(f->suffix);
> +                     strbuf_remove(&filename, strlen(filename.buf) - 
> suf_len, suf_len);
> +                     strbuf_addstr(&filename, ".tar.asc");
> +                     html(" (");
> +                     cgit_snapshot_link("sig", NULL, NULL, NULL, NULL,
> +                                        filename.buf);
> +                     html(")");
>               }
>               html(separator);
>       }
> diff --git a/ui-snapshot.c b/ui-snapshot.c
> index c7611e8..76d0573 100644
> --- a/ui-snapshot.c
> +++ b/ui-snapshot.c
> @@ -263,7 +263,7 @@ void cgit_print_snapshot(const char *head, const char 
> *hex,
>       }
>  
>       f = get_format(filename);
> -     if (!f || !(ctx.repo->snapshots & f->bit)) {
> +     if (!f || (!sig_filename && !(ctx.repo->snapshots & f->bit))) {

This bypasses the permitted snapshots configuration, but I guess that's
ok because signature lookup is cheap unlike archive creation.

>               cgit_print_error_page(400, "Bad request",
>                               "Unsupported snapshot format: %s", filename);
>               return;
_______________________________________________
CGit mailing list
[email protected]
https://lists.zx2c4.com/mailman/listinfo/cgit

Reply via email to