[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: python nosignatures/digests in rpm 4.4.1?

From: "Jeff Johnson" <n3npq jbj gmail com>
To: "RPM Package Manager" <rpm-list redhat com>
Subject: Re: python nosignatures/digests in rpm 4.4.1?
Date: Thu, 9 Mar 2006 14:09:02 -0500

On 3/9/06, seth vidal <skvidal linux duke edu> wrote:
> On Thu, 2006-03-09 at 13:29 -0500, Matthew Miller wrote:
> > On Thu, Mar 09, 2006 at 01:18:10PM -0500, Jeff Johnson wrote:
> > > > > >And it appears that the flag I want is simply
> > > > > >rpm._RPMVSF_NOPAYLOAD. (And it
> > > > > >can be set only the once.)
> > > > > Add --stats to see what time various operations take. If NOPAYLOAD is
> > > > > affecting,
> > > > > then you have *lots* of packages with old header+payload signatures.
> > > > I was testing on the Fedora Core 3 updates area -- does that count as "old"?
> > > No, packages produced by rpm-4.0.4 or earlier count as "old".
> > > Hmmm, actually are most of the packages you are checking not signed?
> >
> > They are all signed by Red Hat / Fedora keys, which _aren't_ imported on
> > this system.
> >

If all signed, then a header sha1 or header dsa signature should have
been preferred
over a header+payload digest check (what I think is happening).

Of course when you start turning various signatures/digests off, sooner or later
rpm falls back to the *very* expensive header+payload md5 digest check.

> > > I'm trying to understand why NEEDPAYLOAD has any effect whatsoever.
> > > NEEDPAYLOAD prevents verifying header+payload digest or signature,
> > > leaves the file descriptor positioned at beginning of payload, ready for
> > > unpacking.
> > > The flag was never intended for the purpose that you are using it for.
> >
> > Or that Seth is using it for. :)
>
> I reserve the right to be incorrect. ;)

My only concern is logic that uses NEEDPAYLOAD incorrectly when there
are more direct ways to accomplish disabling.

If I were you, I'd just do
    ts.setVSFlags(-1)
which will disable everything always (the argument is a bit field of disablers).

Turning off NEEDPAYLOAD hurts nothing if all the other functionality
is disabled as well, and -1 accomplishes that without fussing about
which bits do what.

Turn on a specific functionality by doing, say.
    ts.setVSFlags(-1 ^ rpm.RPMVSF_NOMD5)

A bit awkward, but almost all flags in rpm are disablers that end up being used
programatically in a doubly negated context like the XOR above, i.e.
    I want nothing except not nomd5 verfication.

73 de Jeff

References:
- python nosignatures/digests in rpm 4.4.1?
  - From: Matthew Miller
- Re: python nosignatures/digests in rpm 4.4.1?
  - From: seth vidal
- Re: python nosignatures/digests in rpm 4.4.1?
  - From: Matthew Miller
- Re: python nosignatures/digests in rpm 4.4.1?
  - From: seth vidal
- Re: python nosignatures/digests in rpm 4.4.1?
  - From: Matthew Miller
- Re: python nosignatures/digests in rpm 4.4.1?
  - From: Jeff Johnson
- Re: python nosignatures/digests in rpm 4.4.1?
  - From: Matthew Miller
- Re: python nosignatures/digests in rpm 4.4.1?
  - From: Jeff Johnson
- Re: python nosignatures/digests in rpm 4.4.1?
  - From: Matthew Miller
- Re: python nosignatures/digests in rpm 4.4.1?
  - From: seth vidal

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]