Re: python nosignatures/digests in rpm 4.4.1?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 3/9/06, seth vidal <skvidal@xxxxxxxxxxxxxx> wrote:
> On Thu, 2006-03-09 at 13:29 -0500, Matthew Miller wrote:
> > On Thu, Mar 09, 2006 at 01:18:10PM -0500, Jeff Johnson wrote:
> > > > > >And it appears that the flag I want is simply
> > > > > >rpm._RPMVSF_NOPAYLOAD. (And it
> > > > > >can be set only the once.)
> > > > > Add --stats to see what time various operations take. If NOPAYLOAD is
> > > > > affecting,
> > > > > then you have *lots* of packages with old header+payload signatures.
> > > > I was testing on the Fedora Core 3 updates area -- does that count as "old"?
> > > No, packages produced by rpm-4.0.4 or earlier count as "old".
> > > Hmmm, actually are most of the packages you are checking not signed?
> >
> > They are all signed by Red Hat / Fedora keys, which _aren't_ imported on
> > this system.
> >

If all signed, then a header sha1 or header dsa signature should have
been preferred
over a header+payload digest check (what I think is happening).

Of course when you start turning various signatures/digests off, sooner or later
rpm falls back to the *very* expensive header+payload md5 digest check.

> > > I'm trying to understand why NEEDPAYLOAD has any effect whatsoever.
> > > NEEDPAYLOAD prevents verifying header+payload digest or signature,
> > > leaves the file descriptor positioned at beginning of payload, ready for
> > > unpacking.
> > > The flag was never intended for the purpose that you are using it for.
> >
> > Or that Seth is using it for. :)
>
> I reserve the right to be incorrect. ;)

My only concern is logic that uses NEEDPAYLOAD incorrectly when there
are more direct ways to accomplish disabling.

If I were you, I'd just do
    ts.setVSFlags(-1)
which will disable everything always (the argument is a bit field of disablers).

Turning off NEEDPAYLOAD hurts nothing if all the other functionality
is disabled as well, and -1 accomplishes that without fussing about
which bits do what.

Turn on a specific functionality by doing, say.
    ts.setVSFlags(-1 ^ rpm.RPMVSF_NOMD5)

A bit awkward, but almost all flags in rpm are disablers that end up being used
programatically in a doubly negated context like the XOR above, i.e.
    I want nothing except not nomd5 verfication.

73 de Jeff

_______________________________________________
Rpm-list mailing list
Rpm-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/rpm-list
[Index of Archives]     [RPM Ecosystem]     [Linux Kernel]     [Red Hat Install]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Red Hat]     [Gimp]     [Yosemite News]     [IETF Discussion]

  Powered by Linux