Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

signature fixups #306

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

signature fixups #306

wants to merge 5 commits into from

Conversation

Duncaen
Copy link
Member

@Duncaen Duncaen commented Jul 11, 2020

No description provided.

Duncaen added 5 commits July 11, 2020 16:54
@Duncaen
lib/repo.c: add xbps_repo_pubkey to read and cache repo pubkeys
ea0eb17 
This function should be used when verifying packages as it will improve
performance by keeping the public key in memory instead of reading it
for each file that has to be verified.
@Duncaen
lib/repo.c: close the repository if there is an error
59cc5b4
@Duncaen
lib/verifysig.c: use new xbps_repo_pubkey
1388de5
@Duncaen
lib/transaction_fetch.c: try to load repo public keys before starting…
9f32c18 
… to fetch packages

This will avoid downloading packages if the repository is not signed or
the public key is corrupt or not imported.

Closes void-linux#298
@Duncaen
lib/verifysig.c: use read instead of mmap to read signature files
dda1c5d 
There is no point in mmaping 512 byte files and is probably hurting
performance.
Chocimier
Chocimier reviewed Jul 11, 2020
View reviewed changes
lib/transaction_fetch.c
}

/*
* Download binary package and signature if either one
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Enqueue downloading?

lib/transaction_fetch.c
* of them don't exist.
*/
if (!xbps_remote_binpkg_exists(xhp, obj)) {
if (!fetch && !(fetch = xbps_array_create())) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Average transaction do fetch package, just creating array on top will be not only more readable, but also faster.

lib/verifysig.c

return val;
rd = read(fd, buf, sizeof buf);
if (rd == -1) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

rd != sizeof buf, and errno ? errno : EIO ?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess sigfile is required to have a size of 512 bytes, right?

It would be good if this could be a #define somewhere, and documented in comments. And I would just use rd != SIGFILE_SIZE, then.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ericonr ericonr ericonr left review comments

@Chocimier Chocimier Chocimier left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Duncaen @Chocimier @ericonr