From mboxrd@z Thu Jan 1 00:00:00 1970 From: list at eworm.de (Christian Hesse) Date: Thu, 7 Jun 2018 17:13:02 +0200 Subject: [PATCH 1/1] snapshot: support tar signature for compressed tar In-Reply-To: <20180607131714.GE1922@john.keeping.me.uk> References: <20180607141251.67607d90@leda> <20180607121534.20416-1-list@eworm.de> <20180607131714.GE1922@john.keeping.me.uk> Message-ID: <20180607171302.5fedf42f@leda> John Keeping on Thu, 2018/06/07 14:17: > On Thu, Jun 07, 2018 at 02:15:34PM +0200, Christian Hesse wrote: > > From: Christian Hesse > > > > This adds support for kernel.org style signatures where the uncompressed > > tar archive is signed and compressed later. The signature is valid for > > all tar* snapshots. > > > > Signed-off-by: Christian Hesse > > --- > > ui-shared.c | 8 ++++++++ > > ui-snapshot.c | 2 +- > > 2 files changed, 9 insertions(+), 1 deletion(-) > > > > diff --git a/ui-shared.c b/ui-shared.c > > index 8a786e0..40935ae 100644 > > --- a/ui-shared.c > > +++ b/ui-shared.c > > @@ -1139,6 +1139,14 @@ void cgit_print_snapshot_links(const struct > > cgit_repo *repo, const char *ref, cgit_snapshot_link("sig", NULL, NULL, > > NULL, NULL, filename.buf); > > html(")"); > > + } else if (f->bit & 0x16 && cgit_snapshot_get_sig(ref, > > &cgit_snapshot_formats[3])) { > > This works, but it feels far too magic and likely to break in the > future. I'd rather add a new field for base snapshot type, either as a > const char * set that to ".tar" for the relevant archive formats or as a > bitmask which is set to 0x08 for now to allow fallback to tar. If we do > that, we should extract at least that bit value to a named constant to > make it clear what is going on. Already working on that. ;) What concerns me a lot more is the fact that we rely on the array position. If anybody decides to insert a new element in cgit_snapshot_formats before the tar element things break. I decided to reorder the element and add a comment about what we rely on... Wondering whether or not you like it and if there are any better ideas. :-p I prefer this order anyway. > > + int suf_len = strlen(f->suffix); > > + strbuf_remove(&filename, strlen(filename.buf) - > > suf_len, suf_len); > > + strbuf_addstr(&filename, ".tar.asc"); > > + html(" ("); > > + cgit_snapshot_link("sig", NULL, NULL, NULL, NULL, > > + filename.buf); > > + html(")"); > > } > > html(separator); > > } > > diff --git a/ui-snapshot.c b/ui-snapshot.c > > index c7611e8..76d0573 100644 > > --- a/ui-snapshot.c > > +++ b/ui-snapshot.c > > @@ -263,7 +263,7 @@ void cgit_print_snapshot(const char *head, const char > > *hex, } > > > > f = get_format(filename); > > - if (!f || !(ctx.repo->snapshots & f->bit)) { > > + if (!f || (!sig_filename && !(ctx.repo->snapshots & f->bit))) { > > This bypasses the permitted snapshots configuration, but I guess that's > ok because signature lookup is cheap unlike archive creation. It does, but for signatures only. I think it is not worth the trouble making the condition even more complex to deny ".zip.asc". > > cgit_print_error_page(400, "Bad request", > > "Unsupported snapshot format: %s", > > filename); return; -- main(a){char*c=/* Schoene Gruesse */"B?IJj;MEH" "CX:;",b;for(a/* Best regards my address: */=0;b=c[a++];) putchar(b-1/(/* Chris cc -ox -xc - && ./x */b/42*2-3)*42);} -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 488 bytes Desc: OpenPGP digital signature URL: