On 03/21/11 06:05 PM, Brock Pytlik wrote:
Greetings all,
webrev:
http://cr.opensolaris.org/~bpytlik/ips-18047-v1/
Bugs:
16867 pkgsign should handle existing signatures better
17982 pkgsign should cleanly handle the aborted transaction case
18021 all information needed to verify a signature action should be
included in the action
18047 need support for pathlen basic constraint
18052 manifest.get_size should reflect true signature size
src/modules/client/publisher.py:
lines 1739-1741: this can simply be:
return hashlib.sha1(s).hexdigest()
line 2133: s/ca_dict.extend/ca_dict[k].extend/ ?
src/modules/client/transport/transport.py:
lines 2826-2828: why is this not done in MultiFile too?
because you want to rely on the sigpolicy module indirectly
triggering cert retrieval? it seems like having it go through
the normal download path would be better since it would be included
in progress output.
src/modules/p5p:
old lines 664-677: by removing these lines, approved and revoke certs
will not be recorded (as a side effect); you really only needed to
remove old lines 675-677
new lines 676-678, 1176-1179: lots of comments in here are no longer
valid or need tweaking
src/modules/server/repository.py:
line 1953: trans_id should never be None, why this change?
src/sign.py:
line 261: s/exisitng/existing/
src/tests/cli/t_pkgrepo.py:
line 1074: s/test_08/test_07/
Overall, this seems much nicer.
BTW, are we ever going to add 'signature' actions to pkg(5)?
-Shawn
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
