John Keeping <[email protected]> on Thu, 2018/06/07 14:17: > On Thu, Jun 07, 2018 at 02:15:34PM +0200, Christian Hesse wrote: > > From: Christian Hesse <[email protected]> > > > > This adds support for kernel.org style signatures where the uncompressed > > tar archive is signed and compressed later. The signature is valid for > > all tar* snapshots. > > > > Signed-off-by: Christian Hesse <[email protected]> > > --- > > ui-shared.c | 8 ++++++++ > > ui-snapshot.c | 2 +- > > 2 files changed, 9 insertions(+), 1 deletion(-) > > > > diff --git a/ui-shared.c b/ui-shared.c > > index 8a786e0..40935ae 100644 > > --- a/ui-shared.c > > +++ b/ui-shared.c > > @@ -1139,6 +1139,14 @@ void cgit_print_snapshot_links(const struct > > cgit_repo *repo, const char *ref, cgit_snapshot_link("sig", NULL, NULL, > > NULL, NULL, filename.buf); > > html(")"); > > + } else if (f->bit & 0x16 && cgit_snapshot_get_sig(ref, > > &cgit_snapshot_formats[3])) { > > This works, but it feels far too magic and likely to break in the > future. I'd rather add a new field for base snapshot type, either as a > const char * set that to ".tar" for the relevant archive formats or as a > bitmask which is set to 0x08 for now to allow fallback to tar. If we do > that, we should extract at least that bit value to a named constant to > make it clear what is going on.
Already working on that. ;)
What concerns me a lot more is the fact that we rely on the array position.
If anybody decides to insert a new element in cgit_snapshot_formats before
the tar element things break.
I decided to reorder the element and add a comment about what we rely on...
Wondering whether or not you like it and if there are any better ideas. :-p
I prefer this order anyway.
> > + int suf_len = strlen(f->suffix);
> > + strbuf_remove(&filename, strlen(filename.buf) -
> > suf_len, suf_len);
> > + strbuf_addstr(&filename, ".tar.asc");
> > + html(" (");
> > + cgit_snapshot_link("sig", NULL, NULL, NULL, NULL,
> > + filename.buf);
> > + html(")");
> > }
> > html(separator);
> > }
> > diff --git a/ui-snapshot.c b/ui-snapshot.c
> > index c7611e8..76d0573 100644
> > --- a/ui-snapshot.c
> > +++ b/ui-snapshot.c
> > @@ -263,7 +263,7 @@ void cgit_print_snapshot(const char *head, const char
> > *hex, }
> >
> > f = get_format(filename);
> > - if (!f || !(ctx.repo->snapshots & f->bit)) {
> > + if (!f || (!sig_filename && !(ctx.repo->snapshots & f->bit))) {
>
> This bypasses the permitted snapshots configuration, but I guess that's
> ok because signature lookup is cheap unlike archive creation.
It does, but for signatures only. I think it is not worth the trouble making
the condition even more complex to deny ".zip.asc".
> > cgit_print_error_page(400, "Bad request",
> > "Unsupported snapshot format: %s",
> > filename); return;
--
main(a){char*c=/* Schoene Gruesse */"B?IJj;MEH"
"CX:;",b;for(a/* Best regards my address: */=0;b=c[a++];)
putchar(b-1/(/* Chris cc -ox -xc - && ./x */b/42*2-3)*42);}
pgpC2pZvk_VoJ.pgp
Description: OpenPGP digital signature
_______________________________________________ CGit mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/cgit
