On 04/ 1/11 07:10 PM, Brock Pytlik wrote:
On 04/ 1/11 05:53 PM, Shawn Walker wrote:
On 03/21/11 06:05 PM, Brock Pytlik wrote:
Greetings all,
webrev:
http://cr.opensolaris.org/~bpytlik/ips-18047-v1/
Bugs:
16867 pkgsign should handle existing signatures better
17982 pkgsign should cleanly handle the aborted transaction case
18021 all information needed to verify a signature action should be
included in the action
18047 need support for pathlen basic constraint
18052 manifest.get_size should reflect true signature size
...
src/modules/client/transport/transport.py:
lines 2826-2828: why is this not done in MultiFile too?
because you want to rely on the sigpolicy module indirectly
triggering cert retrieval? it seems like having it go through
the normal download path would be better since it would be included
in progress output.
The short answer was that it didn't seem to need to be. I'm happy to add
it to MultiFile
So if you did add it to MultiFile, it would just mean that all the cert
data would get downloaded as part of the normal download process for
packages. I can't really envision a scenario in which we wouldn't want
that to happen for signature actions.
Once added to MultiFile, that would also mean that some of the changes
you have in place to retrieve the certs may not be necessary.
src/modules/server/repository.py:
line 1953: trans_id should never be None, why this change?
Because it can be None, I hit it in testing. If I remember right if you
abort/ctrl-c during an open or perhaps an append in JUST the right spot,
then you can get here with trans_id being None. Specifically, if you
ctrl-c after transaction.open has make its directories, but before it
completes, I think you get into this situation. I encountered it while
trying to reproduce bug 17982.
It is an error to call this function without a valid transaction id.
This is not the right fix. You need to find out how trans_id gets set
to None in the first place and fix it there, or allow it to fail as it
was failing before.
-Shawn
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
