From owner-cvs-all Tue Feb 6 20:56:58 2001 Delivered-To: cvs-all@freebsd.org Received: from mta5.snfc21.pbi.net (mta5.snfc21.pbi.net [206.13.28.241]) by hub.freebsd.org (Postfix) with ESMTP id E7D4337B401; Tue, 6 Feb 2001 20:56:31 -0800 (PST) Received: from xor.obsecurity.org ([64.165.226.103]) by mta5.snfc21.pbi.net (Sun Internet Mail Server sims.3.5.2000.01.05.12.18.p9) with ESMTP id <0G8D002PUB0IHS@mta5.snfc21.pbi.net>; Tue, 6 Feb 2001 19:29:09 -0800 (PST) Received: by xor.obsecurity.org (Postfix, from userid 1000) id A852A66B62; Tue, 06 Feb 2001 19:30:30 -0800 (PST) Date: Tue, 06 Feb 2001 19:30:30 -0800 From: Kris Kennaway Subject: Re: cvs commit: src/usr.sbin/pkg_install/sign Makefile README check.ccommon.c extern.h gzip.c gzip.h main.c pgp.h pgp_check.cpgp_sign.c pkg_sign.1 sha1.c sign.c stand.c stand.h x509.c In-reply-to: <3A80324E.8F170DDF@softweyr.com>; from wes@softweyr.com on Tue, Feb 06, 2001 at 10:20:14AM -0700 To: Wes Peters Cc: Maxim Sobolev , cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Message-id: <20010206193030.A17973@mollari.cthul.hu> MIME-version: 1.0 Content-type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="GvXjxJ+pjyke8COw" Content-disposition: inline User-Agent: Mutt/1.2.5i References: <200102060646.f166kgf65013@freefall.freebsd.org> <3A7FB338.57B1EE07@FreeBSD.org> <3A80324E.8F170DDF@softweyr.com> Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG --GvXjxJ+pjyke8COw Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Feb 06, 2001 at 10:20:14AM -0700, Wes Peters wrote: > Maxim Sobolev wrote: > >=20 > > Wes Peters wrote: > >=20 > > > wes 2001/02/05 22:46:42 PST > > > > > > Added files: > > > usr.sbin/pkg_install/sign Makefile README check.c common.c > > > extern.h gzip.c gzip.h main.c pgp.h > > > pgp_check.c pgp_sign.c pkg_sign.1 > > > sha1.c sign.c stand.c stand.h x509.c > > > Log: > > > Add package signing utilities; somebody might actually want them. > > > These are not enabled in the pkg_install Makefile as of yet; > > > adding the "sign" directory to the SUBDIR list will enable > > > building of sign. > > > > > > Submitted by: Wes Peters > > > Obtained from: Original framework from OpenBSD 2.7, X.509 bi= ts from DoBox. > >=20 > > Why it's called pkg_sign? As far as I understood from your previous mes= sages it's just > > a general tool to sign gzip archives, so it probably better to call it = gzip_sign or > > something and move out of pkg_install. >=20 > Because that's exactly where it occurred in the "Orginal framework from O= penBSD". > Sometimes commonality is a good thing. >=20 > I'll be looking at ways to extend it to sign bzipped archives also, but t= he > intent is to provide a way to verify that packages have been correctly=20 > transmitted across some distribution mechanism, and may mutate into somet= hing > that has nothing to do with the gzip header used now. The long-talked about plan to use .zip for packageNG is also relevant here. The code which does the signing is independent of how it attaches the signatures to the archive. Kris --GvXjxJ+pjyke8COw Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6gMFWWry0BWjoQKURAtZyAKDO5TWWbTXasL38jygFRWOnuFVhJwCg2Akx VeQwZbkbvGmeuH349n/lB5k= =Sk0z -----END PGP SIGNATURE----- --GvXjxJ+pjyke8COw-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message