Bug#821051: [PATCH v3 2/3] byhand-code-sign: intermediate script for code sign

2016-11-29 Thread Ben Hutchings
On Tue, 2016-11-29 at 12:33 -0200, Helen Koike wrote:
> 
> On 2016-11-20 09:24 AM, Ben Hutchings wrote:
> > On Wed, 2016-11-16 at 00:45 -0200, Helen Koike wrote:
> > [...]
> > > +TARGET="$ftpdir/dists/$suitedir/main/code-sign/"
> > > +OUT_TARBALL="$TARGET/${IN_TARBALL##*/}"
> > > +OUT_TARBALL="${OUT_TARBALL%.tar.xz}_sigs.tar.xz"
> > 
> > [...]
> > 
> > This naming may have to change; see Ansgar's message at
> >  and my
> > reply below.
> > 
> > Otherwise, I think this is fine.
> > 
> > Ben.
> > 
> 
> I am not sure I understand the pointed message regarding naming, what
> should be a better naming here?

Ansgar thinks that maintaining an embargo requires that we don't reveal
which packages have had security uploads.  So as long as the signature
tarballs themselves are not embargoed, their filenames should not be
visible or predictable.

Ben.

-- 
Ben Hutchings
Theory and practice are closer in theory than in practice.
- John Levine, moderator of
comp.compilers





Bug#821051: [PATCH v3 2/3] byhand-code-sign: intermediate script for code sign

2016-11-29 Thread Helen Koike



On 2016-11-20 09:24 AM, Ben Hutchings wrote:

> On Wed, 2016-11-16 at 00:45 -0200, Helen Koike wrote:
> [...]

+TARGET="$ftpdir/dists/$suitedir/main/code-sign/"
+OUT_TARBALL="$TARGET/${IN_TARBALL##*/}"
+OUT_TARBALL="${OUT_TARBALL%.tar.xz}_sigs.tar.xz"

> [...]
>
> This naming may have to change; see Ansgar's message at
>  and my
> reply below.
>
> Otherwise, I think this is fine.
>
> Ben.



I am not sure I understand the pointed message regarding naming, what
should be a better naming here?


Helen



Bug#821051: [PATCH v3 2/3] byhand-code-sign: intermediate script for code sign

2016-11-20 Thread Ben Hutchings
On Wed, 2016-11-16 at 00:45 -0200, Helen Koike wrote:
[...]
> +TARGET="$ftpdir/dists/$suitedir/main/code-sign/"
> +OUT_TARBALL="$TARGET/${IN_TARBALL##*/}"
> +OUT_TARBALL="${OUT_TARBALL%.tar.xz}_sigs.tar.xz"
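
Review bot: On the third quoted line, the `%.tar.xz` strip silently does nothing when the input name does not end in `.tar.xz`, so the published file would be called something like `foo.tar.gz_sigs.tar.xz` (constructed name) instead of being rejected. Since `${IN_TARBALL##*/}` on the line above carries the input basename straight into the archive tree, check that the basename matches the expected `*.tar.xz` pattern before building `OUT_TARBALL`. `TARGET` also already ends in `/`, so `"$TARGET/..."` yields a doubled slash; drop one of the two.
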
[...]

This naming may have to change; see Ansgar's message at
 and my
reply below.

Otherwise, I think this is fine.

Ben.

-- 
Ben Hutchings
Lowery's Law:
 If it jams, force it. If it breaks, it needed replacing
anyway.




Bug#821051: [PATCH v3 2/3] byhand-code-sign: intermediate script for code sign

2016-11-15 Thread Helen Koike
This script is meant to be called by the AutomaticByHandPackages mechanism.
It will receive a .tar.xz file with EFI images and/or Linux
modules, call byhand-code-sign-user as the codesign user to generate another
.tar.xz with detached signatures, and publish it in
$ftpdir/dists/$suitedir/main/code-sign/

Contributions:
Ben Hutchings 
---

This patch series is based on https://ftp-master.debian.org/git/dak.git master
Patches are also available here: 
https://github.com/helen-fornazier/dak/tree/review

 scripts/debian/byhand-code-sign | 52 +
 1 file changed, 52 insertions(+)
 create mode 100755 scripts/debian/byhand-code-sign

diff --git a/scripts/debian/byhand-code-sign b/scripts/debian/byhand-code-sign
new file mode 100755
index 000..f3eceab
--- /dev/null
+++ b/scripts/debian/byhand-code-sign
@@ -0,0 +1,52 @@
+#!/bin/bash
+
+set -u
+set -e
+set -o pipefail
+
+if [ $# -lt 5 ]; then
+   echo "Usage: $0 filename version arch changes_file suite"
+   exit 1
+fi
+
+IN_TARBALL="$1"# Tarball to read, compressed with xz
+VERSION="$2"
+ARCH="$3"
+CHANGES="$4"   # Changes file for the upload
+SUITE="$5"
+
+error() {
+   echo >&2 "E: $*"
+   exit 1
+}
+
+# Read dak configuration for security or main archive.
+# Also determine subdirectory for the suite.
+case "$0" in
+/srv/security-master.debian.org/*)
+   configdir="/srv/security-master.debian.org/dak/config/debian-security"
+   suitedir="$SUITE/updates"
+   ;;
+/srv/ftp-master.debian.org/*)
+   configdir="/srv/ftp-master.debian.org/dak/config/debian"
+   suitedir="$SUITE"
+   ;;
+*)
+   error "$0: Can't tell if security or not"
+   ;;
+esac
+. "$configdir/vars"
+
+TARGET="$ftpdir/dists/$suitedir/main/code-sign/"
+OUT_TARBALL="$TARGET/${IN_TARBALL##*/}"
+OUT_TARBALL="${OUT_TARBALL%.tar.xz}_sigs.tar.xz"
+
+# Check that this source/arch/version hasn't already been signed
+if [ -e "$OUT_TARBALL" ]; then
+   error "Signature tarball already exists: $OUT_TARBALL"
+fi
+
+mkdir -p "${OUT_TARBALL%/*}"
+
+sudo -u codesign "${0%/*}/byhand-code-sign-user" 
"$configdir/byhand-code-sign.conf" < "$IN_TARBALL" > "$OUT_TARBALL"
+echo "I: Created $OUT_TARBALL"
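
Review bot: The final `sudo -u codesign ... > "$OUT_TARBALL"` command redirects straight into the published path, so if byhand-code-sign-user fails partway, `set -e` aborts the script but leaves an empty or truncated `$OUT_TARBALL` under `$TARGET`. The next run for the same upload then stops at the `[ -e "$OUT_TARBALL" ]` check with "Signature tarball already exists", and the partial file sits in the archive tree until someone removes it by hand. Write the output to a temporary file in the same directory and `mv` it into place only after the signer exits successfully, with a `trap` that deletes the temporary file on error. Two smaller points: `VERSION`, `ARCH` and `CHANGES` are assigned but never used in this file, while the comment above the existence check speaks of "source/arch/version" even though only the filename is tested, so either use them or adjust the comment; and `$IN_TARBALL` is opened with `<` without first checking that it is a readable regular file, which would give a clearer message through `error` than the shell's own redirect failure.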
-- 
2.7.4