Date: Sun, 31 Dec 2000 10:48:33 -0700 From: Wes Peters <wes@softweyr.com> To: Warner Losh <imp@village.org> Cc: ports@FreeBSD.ORG Subject: Re: Package signing tools Message-ID: <3A4F7171.4D5786AB@softweyr.com> References: <3A4EDE33.84C7072@softweyr.com> <3A4ED1C0.14061CE5@softweyr.com> <20001231003920.A24519@peorth.iteration.net> <20001231014344.T305@argon.firepipe.net> <200012310741.eBV7f4s09193@billy-club.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Warner Losh wrote:
>
> In message <3A4EDE33.84C7072@softweyr.com> Wes Peters writes:
> : This has been in the queue for 8 months. The original OpenBSD code has
> : existed for several years. You can have it if you want it, but I'm not
> : going to have it bikeshedded to death, or into pkg_info or pkg_version or
> : pkg_anythingelse. The functions are not related: this program signs a
> : a package and checks the signature on a package is valid; pkg_info and
> : pkg_version do other things.
> :
> : Try to stay on track here, people. This is not an attempt to write a new
> : package delivery mechanism, it's just a simple tool to verify you got what
> : you asked for.
>
> I agree 100%. I've taken a look at the code that wes has done and it
> looks good (modulo the crypto stuff).
>
> However, you could easily add an option to pkg_add that will call
> this program...
Mmmm, yes, pkg_add --verify or something like that? I'd have it actually
run the pkg_check executable so we don't mix the crypto code into the pkg_add
executable, for those who build FreeBSD without the crypto support.
--
"Where am I, and what am I doing in this handbasket?"
Wes Peters Softweyr LLC
wes@softweyr.com http://softweyr.com/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A4F7171.4D5786AB>