Thx for your feedback. I will incorporate the detailed explanation and re-submit the patches.
Ibrahim El Rhezzali
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Monday, August 26, 2019 11:04 PM, brian m. carlson <sandals@xxxxxxxxxxxxxxxxxxxx> wrote:
> On 2019-08-26 at 19:58:00, Ibrahim El wrote:
>
> > From: Ibrahim El Rhezzali ibrahim.el@xxxxx
> > 7e3e6c9e4 Added new signing interface API
> > Adding files for the new signing interface and also support drivers for the two existing GPG and GPGSM X.509 tools
>
> I'd like to see an explanation here why a new signing interface is
> necessary and we need to make a wholesale replacement of the existing
> one instead of making incremental changes.
>
> > diff --git a/signing-interface.c b/signing-interface.c
> > new file mode 100644
> > index 000000000..c744ef499
> > --- /dev/null
> > +++ b/signing-interface.c
> > @@ -0,0 +1,487 @@
> > +#include <sys/types.h>
> > +#include <unistd.h>
> > +#include "cache.h"
> > +#include "config.h"
> > +#include "run-command.h"
> > +#include "strbuf.h"
> > +#include "signing-interface.h"
> > +#include "signing-tool.h"
> > +#include "sigchain.h"
> > +#include "tempfile.h"
> > +
> > +extern const struct signing_tool openpgp_tool;
> > +extern const struct signing_tool x509_tool;
> > +
> > +static const struct signing_tool *signing_tools[SIGNATURE_TYPE_COUNT] = {
> >
> > - &openpgp_tool,
> > - &x509_tool,
> > +};
> >
>
> It looks like we've hard-coded only two tools here. I was under the
> impression this series was supposed to make signing pluggable with any
> tool, but that doesn't seem to be the case.
>
> > +size_t parse_signatures(const char *payload, size_t size,
> >
> > - struct signatures *sigs)
> >
> >
> >
> > +{
> >
> > - enum signature_type st;
> > - size_t first;
> > - size_t begin = 0;
> > - const struct signing_tool *tool;
> > - struct signature *psig = NULL;
> > -
> > - first = size;
> > - for (st = SIGNATURE_TYPE_FIRST; st < SIGNATURE_TYPE_LAST; st++) {
> > - tool = signing_tools[st];
> >
> >
> > -
> > - if (!tool || !tool->parse)
> >
> >
> > - BUG("signing tool %s undefined", signature_type_name(st));
> >
> >
>
> If this is supposed to make parsing generic, won't we have to add
> support for each individual tool in the codebase so tool->parse is
> defined? Having to do that would defeat the point of having a pluggable
> interface set up in the configuration.
>
> > - buf = xstrdup(var);
> > - t1 = strtok(buf, ".");
> > - t2 = strtok(NULL, ".");
> > - t3 = strtok(NULL, ".");
>
> I don't think we make a lot of use of strtok. Perhaps you'd like to use
> parse_config_key or another function in config.c?
>
> ----------------------------------------------------------------------------------------------------------------------------
>
> brian m. carlson: Houston, Texas, US
> OpenPGP: https://keybase.io/bk2204
