checksum verification in nALFS

Vassili Dzuba vassilidzuba at nerim.net
Fri Oct 11 15:13:34 PDT 2002


On Fri, 11 Oct 2002 21:45:30 +0000 (UTC)
haski at sezampro.yu (Neven Has) wrote:

> On Fri, Oct 11, 2002 at 11:11:12PM +0200, Vassili Dzuba wrote:
> > If we make the check out of <unpack>, we need to specify the archive,
> > so there is a little more text to write.
> > 
> > More seriously, if <unpack> contains a <reference>, we might not have
> > the archive available before the <unpack>.
> 
> Right, I forgot about <reference>. It's still new to me. :)
> 
> > We could maybe keep <checksum> within unpack if the user want to use
> > it there, and add an element <verify> that can occur in <alfs> and
> > <stage>, like :
> > 
> >   <verify>
> >      <checksum type="md5">&bash-md5;</checksum>
> >      <file>&packages_dir;/&bash-package;</file>
> >   </verify>
> 
> Hm, two elements for doing the same thing, can't say that I like that. :)
> 
> But what do you think about <unpack> without <destination> ?
> 
> If there is no <destination>, that means just "check the archive"
> (or do something else with it, in the future).
> 
> If there is <checksum> in it, check the sum. There could be even
> something else which would tell the program to check if the archive is
> complete, not only partially downloaded and stuff like that.
> 
> Now the name "unpack" wouldn't be that great anymore. So what about:
> 
> <archive>
>     <checksum type="md5">&bash-md5;</checksum>
>     <name>&bash-package;</name>
>     <reference>http://www.blah.com/&bash-package;</reference>
>     <destination>/usr/src</destination>
> </archive>
> 
> (lot of this would be optional, so it wouldn't be more complicated)
> 
> Maybe it wouldn't be that clear as <unpack> is, when it comes to
> unpacking the archive, but I think it's still pretty clear, thanks to
> <destination> (archive, destination... should be clear :).
> 
> I know this is another big, profile_breaker change (something for syntax
> 4.0, but hey, we already got used to that ;), but I actually like this
> solution. At least these 5 minutes. :) I might change my mind in another 5.

When do you plan to introduce this 4.0 version ?

> 
> And BTW, this would be more close to something we've been mentioning on
> the list before. Less script-like, and more XML-like. Or not. :)
> 

Well, XML is not inherently declarative, imho, and i think that <unpack>
is probably more intuitive for a newbie to ALFS.

If one considers that the checksum is a property of the file, which 
is probably reasonable, one could have a syntax like :

	<unpack>
		<archive>
			<checksum type="md5">&bash-md5;</checksum>
			<path>&packages_dir;/&bash-package;</path>
		</archive>
		<destination>&build_dir;</destination>
	</unpack>


or using attributes :

	<unpack>
		<archive checksum_type="md5" checksum_value="&bash-md5">
			&packages_dir;/&bash-package;
		</archive>
		<destination>&build_dir;</destination>
	</unpack>

But as some checksums can be quite large (e.g. gpg signatures), the attribute
is probably a bad idea.

We could also replace <checksum> by <digest>, which is the name used in the 
openssl documentation.

> 
> Neven
> 
> -- 
> Unsubscribe: send email to listar at linuxfromscratch.org
> and put 'unsubscribe alfs-discuss' in the subject header of the message
> 

Vassili
-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe alfs-discuss' in the subject header of the message



More information about the alfs-discuss mailing list