On 04/ 1/11 05:53 PM, Shawn Walker wrote:
On 03/21/11 06:05 PM, Brock Pytlik wrote:
Greetings all,
webrev:
http://cr.opensolaris.org/~bpytlik/ips-18047-v1/
Bugs:
16867 pkgsign should handle existing signatures better
17982 pkgsign should cleanly handle the aborted transaction case
18021 all information needed to verify a signature action should be
included in the action
18047 need support for pathlen basic constraint
18052 manifest.get_size should reflect true signature size
src/modules/client/publisher.py:
lines 1739-1741: this can simply be:
return hashlib.sha1(s).hexdigest()
Ok.
line 2133: s/ca_dict.extend/ca_dict[k].extend/ ?
Thanks, I've added a test to make sure this is exercised.
src/modules/client/transport/transport.py:
lines 2826-2828: why is this not done in MultiFile too?
because you want to rely on the sigpolicy module indirectly
triggering cert retrieval? it seems like having it go through
the normal download path would be better since it would be included
in progress output.
The short answer was that it didn't seem to need to be. I'm happy to add
it to MultiFile.
src/modules/p5p:
old lines 664-677: by removing these lines, approved and revoke certs
will not be recorded (as a side effect); you really only needed to
remove old lines 675-677
Huh. Ok.
new lines 676-678, 1176-1179: lots of comments in here are no longer
valid or need tweaking
Ok, comments have been removed or updated
src/modules/server/repository.py:
line 1953: trans_id should never be None, why this change?
Because it can be None, I hit it in testing. If I remember right if you
abort/ctrl-c during an open or perhaps an append in JUST the right spot,
then you can get here with trans_id being None. Specifically, if you
ctrl-c after transaction.open has make its directories, but before it
completes, I think you get into this situation. I encountered it while
trying to reproduce bug 17982.
src/sign.py:
line 261: s/exisitng/existing/
Fixed
src/tests/cli/t_pkgrepo.py:
line 1074: s/test_08/test_07/
Done
Overall, this seems much nicer.
Thanks for taking a look!
Brock
BTW, are we ever going to add 'signature' actions to pkg(5)?
-Shawn
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
