
[pkg-discuss] Re: Updated sha-2 webrev

  • From: Tim Foster < >
  • To:
  • Subject: [pkg-discuss] Re: Updated sha-2 webrev
  • Date: Fri, 04 Oct 2013 12:23:54 +1300

On 10/ 4/13 11:52 AM, Danek Duvall wrote:
> Tim Foster wrote:
>
>>   if we can get the publication API to optionally not add attributes when
>> called via pkgrecv (I admit to not knowing how to do this yet, because it
>> has to work for HTTP publication too) then the omission of pkg.filetype
>> would be short-lived.  We'll still need to keep the addition of 'elfbits'
>> and 'elfarch' around though, to allow older versions of pkg(5) to pkgrecv
>> signed packages without action modification.
>
> I think what we want here is full manifest publication.  That will mean
> that it'll be up to the client to do any annotation it deems necessary.
> The server (when not in-process) can check (or not, as it sees fit) to make
> sure everything's correctly annotated, but shouldn't actually add anything.

That sounds like a fairly radical (though necessary) departure from the existing publication model, and perhaps something we would have done with the great plans for the publication model rewrite, before pkgsurf(1) came along.


In the meantime, I was hoping that we could make a small compatible change to the existing model that was compact enough to let us backport this as a bugfix to any earlier versions of pkg that we wanted to make pkgrecv work properly for (wrt. avoiding the addition of attributes that may invalidate signatures).

Using an in-process server, I figured this would be straightforward but wasn't sure whether we could do it for HTTP-based publication, so investigated a bit just now.


It's a bit of a hack, but we _could_ use the User-Agent: request header to determine what the client is, then choose to allow attribute addition or not based on that:

e.g. we allow attribute addition during publication with request headers like:

{'Remote-Addr': '127.0.0.1', 'Host': 'localhost:9099', 'Client-Release': '5.12', 'Accept': '*/*', 'User-Agent': 'pkg/373070ea940e (sunos i86pc; 5.12 on12-gate:2013-09-30; none; pkgsend)'}

but if we have this:

{'Remote-Addr': '127.0.0.1', 'Host': 'localhost:9099', 'Client-Release': '5.12', 'Accept': '*/*', 'User-Agent': 'pkg/373070ea940e (sunos i86pc; 5.12 on12-gate:2013-09-30; none; pkgrecv)'}

then we don't allow attribute addition (because the client name was 'pkgrecv').

> It's a damned shame we didn't go in this direction to start.

Yes, I agree - ENOCRYSTALBALL

        cheers,
                        tim
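
The User-Agent check proposed in the message above, as an added example that is not part of the original message and is not pkg(5) code. The function names, the attribute values and the rule that only an explicit `pkgrecv` client name suppresses annotation are assumptions; the two header dictionaries are the ones quoted in the message.

```python
import re

# Shape seen in the message: pkg/<version> (<os arch>; <release build>; <opts>; <client>)
_UA_RE = re.compile(r"^pkg/\S+\s+\(([^()]*)\)\s*$")

# Assumption: only these client names switch off server-side attribute addition.
NO_ANNOTATE_CLIENTS = frozenset({"pkgrecv"})


def client_name(headers):
    """Return the last ';'-separated User-Agent field, or None if absent/malformed."""
    ua = next((v for k, v in headers.items() if k.lower() == "user-agent"), None)
    if not ua:
        return None
    match = _UA_RE.match(ua.strip())
    if not match:
        return None
    name = match.group(1).split(";")[-1].strip()
    return name or None


def allow_attribute_addition(headers):
    """True unless the request identifies itself as a client listed above."""
    return client_name(headers) not in NO_ANNOTATE_CLIENTS


def stored_attributes(headers, client_attrs, server_attrs):
    """Attributes the depot would store for one published action (hypothetical)."""
    if not allow_attribute_addition(headers):
        # Republished action is stored exactly as received, so an existing
        # signature over the manifest still matches.
        return dict(client_attrs)
    merged = dict(server_attrs)
    merged.update(client_attrs)  # client-supplied values win over server ones
    return merged


# Header sets quoted in the message.
PKGSEND = {'Remote-Addr': '127.0.0.1', 'Host': 'localhost:9099',
           'Client-Release': '5.12', 'Accept': '*/*',
           'User-Agent': 'pkg/373070ea940e (sunos i86pc; 5.12 '
                         'on12-gate:2013-09-30; none; pkgsend)'}
PKGRECV = dict(PKGSEND, **{'User-Agent': PKGSEND['User-Agent']
                           .replace('pkgsend', 'pkgrecv')})
```

The header is supplied by the client, so this selects behaviour for cooperating clients and is not an authorization check.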


