From mboxrd@z Thu Jan 1 00:00:00 1970 From: john at keeping.me.uk (John Keeping) Date: Thu, 7 Jun 2018 14:17:14 +0100 Subject: [PATCH 1/1] snapshot: support tar signature for compressed tar In-Reply-To: <20180607121534.20416-1-list@eworm.de> References: <20180607141251.67607d90@leda> <20180607121534.20416-1-list@eworm.de> Message-ID: <20180607131714.GE1922@john.keeping.me.uk> On Thu, Jun 07, 2018 at 02:15:34PM +0200, Christian Hesse wrote: > From: Christian Hesse > > This adds support for kernel.org style signatures where the uncompressed > tar archive is signed and compressed later. The signature is valid for > all tar* snapshots. > > Signed-off-by: Christian Hesse > --- > ui-shared.c | 8 ++++++++ > ui-snapshot.c | 2 +- > 2 files changed, 9 insertions(+), 1 deletion(-) > > diff --git a/ui-shared.c b/ui-shared.c > index 8a786e0..40935ae 100644 > --- a/ui-shared.c > +++ b/ui-shared.c > @@ -1139,6 +1139,14 @@ void cgit_print_snapshot_links(const struct cgit_repo *repo, const char *ref, > cgit_snapshot_link("sig", NULL, NULL, NULL, NULL, > filename.buf); > html(")"); > + } else if (f->bit & 0x16 && cgit_snapshot_get_sig(ref, &cgit_snapshot_formats[3])) { This works, but it feels far too magic and likely to break in the future. I'd rather add a new field for base snapshot type, either as a const char * set that to ".tar" for the relevant archive formats or as a bitmask which is set to 0x08 for now to allow fallback to tar. If we do that, we should extract at least that bit value to a named constant to make it clear what is going on. > + int suf_len = strlen(f->suffix); > + strbuf_remove(&filename, strlen(filename.buf) - suf_len, suf_len); > + strbuf_addstr(&filename, ".tar.asc"); > + html(" ("); > + cgit_snapshot_link("sig", NULL, NULL, NULL, NULL, > + filename.buf); > + html(")"); > } > html(separator); > } > diff --git a/ui-snapshot.c b/ui-snapshot.c > index c7611e8..76d0573 100644 > --- a/ui-snapshot.c > +++ b/ui-snapshot.c > @@ -263,7 +263,7 @@ void cgit_print_snapshot(const char *head, const char *hex, > } > > f = get_format(filename); > - if (!f || !(ctx.repo->snapshots & f->bit)) { > + if (!f || (!sig_filename && !(ctx.repo->snapshots & f->bit))) { This bypasses the permitted snapshots configuration, but I guess that's ok because signature lookup is cheap unlike archive creation. > cgit_print_error_page(400, "Bad request", > "Unsupported snapshot format: %s", filename); > return;