Alex Elsayed wrote:
> I think a safe way to do it within what I described above might be:
>
> 1.) Start using mirrors:// a lot more heavily
> 2.) Note (in the exheres?) the public-key fingerprint(s) allowed to sign
> for a distfile, if applicable
> 3.) In the manifest-managing tool, download a statistically significant
> subset (or all) of the mirrors of a given file.
> 4.) Download the upstream checksums and gpg signatures as well, in
> addition to whatever ones we choose to provide.
> 5.) Validate all of the above (cross product of file-mirrors and
> checksums/signatures)
> 6.) If a copy fails any check, mark that mirror as untrusted/blacklisted.
> Refuse to download any distfile from it.
> 7.) Multiplex the list of good mirrors and the checksums/signatures for
> *all* of the downloads of an exheres into a single metalink file. Yes, it
> supports that.
> 8.) On fetch, simply use a metalink client (there are several) to fetch
> them. At least one metalink client supports downloading all files within
> the metalink simultaneously, providing an added benefit of improving
> download speeds.

Just had an idea to make this far more efficient.
3, 4, and 5 get revised as follows:

(pseudocode)

    fetch_all_checksums_signatures()

    # If checksums for mirrors a, b, and c disagree with mirror d, this
    # would loop twice - once for 'a, b, c, checksums = <checksums>', and
    # once for 'd checksums = <checksums>' (except actually a data structure)
    # If all checksums agree, this will, of course, only loop once
    int found_valid = 0
    for (checksum_subsets) {
        while (mirrors not empty) {
            download_file(mirror)
            is_valid = check_file()
            if (is_valid) {
                found_valid++;
                # Metalink splits each file into 'chunks', which have their own
                # checksums. This allows failing a bad mirror without wasting much
                # bandwidth, and makes it unnecessary to download every copy.
                generate_chunk_checksums()
                break
            } else {
                blacklist_mirror()
            }
        }
    }
    if (found_valid == 0) {
        error "No valid mirrors for $distfile!"
    } else if (found_valid > 1) {
        error "More than one group of mirrors that disagreed about checksums
        validated - both cannot be right. Please include more information to
        identify the valid distfile."
    }

_______________________________________________
Exherbo-dev mailing list
[email protected]
http://lists.exherbo.org/mailman/listinfo/exherbo-dev
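
Added example, not part of the original message or of any Exherbo tool: the revised steps 3-5 above written out in Python, grouping mirrors by the checksum each one advertises and stopping at the first copy that validates in each group. The function names, the `fetch` callable, the use of SHA-256, the 4-byte piece size and the in-memory mirrors are all assumptions made for illustration; GPG signature checking is left out.

```python
import hashlib

CHUNK = 4  # assumed piece size, tiny so the constructed sample has several pieces

def sha256(data):
    return hashlib.sha256(data).hexdigest()

def group_by_checksum(advertised):
    """Map each advertised checksum to the mirrors that published it."""
    groups = {}
    for mirror, digest in advertised.items():
        groups.setdefault(digest, []).append(mirror)
    return groups

def chunk_checksums(data, size=CHUNK):
    """Per-piece hashes of the kind a metalink file carries for each file."""
    return [sha256(data[i:i + size]) for i in range(0, len(data), size)]

def select_distfile(advertised, fetch):
    """Return (digest, candidate_mirrors, pieces, blacklist) or raise ValueError."""
    blacklist, validated = [], []
    for digest, mirrors in group_by_checksum(advertised).items():
        queue = list(mirrors)
        while queue:
            mirror = queue.pop(0)
            data = fetch(mirror)
            if sha256(data) == digest:
                # One good copy per group is enough; untested mirrors in the
                # group stay candidates and are held to the piece hashes later.
                validated.append((digest, [mirror] + queue, chunk_checksums(data)))
                break
            blacklist.append(mirror)  # served bytes that fail its own group's checksum
    if not validated:
        raise ValueError("no valid mirrors for distfile")
    if len(validated) > 1:
        raise ValueError("disagreeing mirror groups both validated")
    digest, good, pieces = validated[0]
    return digest, good, pieces, blacklist

# Constructed sample: "a" advertises the right checksum but serves altered
# bytes, "d" advertises a checksum nothing matches, "b" and "c" are honest.
GOOD, BAD = b"exherbo-distfile", b"tampered-distfile"
CONTENT = {"a": BAD, "b": GOOD, "c": GOOD, "d": BAD}
ADVERTISED = {"a": sha256(GOOD), "b": sha256(GOOD), "c": sha256(GOOD), "d": "0" * 64}
```

With the constructed sample, `select_distfile(ADVERTISED, CONTENT.__getitem__)` blacklists "a" and "d" and keeps "b" and "c", downloading "c" zero times.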