checksum verification in nALFS

Vassili Dzuba vassilidzuba at nerim.net
Sun Oct 13 11:29:00 PDT 2002


On Sat, 12 Oct 2002 16:10:17 +0000 (UTC)
jason at tommyk.com ("Jason Gurtz") wrote:

> 
> 
> > <archive>
> > 	<check></check>
> > 	<unpack></unpack>
> > </archive>
> 
> <snip>
> 
> > Anyway, we really need more opinions on this. It would help. :)
> 
> I'm undecided on what my opinion would be on the destination issue, but
> I thought I'd mention one thing.  On lfs-security there's been quite
> a bit of talk the last few days on checking package validity via pgp
> signatures.  It seems to me that method will only get more popular as
> time goes on, so this use should probably also be considered in this
> addition to the syntax.  The rough syntax shown above appears like it
> would work in that context by simply inserting a 2nd <check /> above the
> first to check the gpg sig.
> 
> Given that profiles can download and install things at will, signed and
> checksum'ed profiles might not be so bad a consideration in the future
> as well.
> 
> Anyway...
> 
> Cheers,
> 
> ~Jason
> 
> -- 
> 
> -- 
> Unsubscribe: send email to listar at linuxfromscratch.org
> and put 'unsubscribe alfs-discuss' in the subject header of the message
> 

Even without the <reference>, I think that we should still perform by default
the validation of the checksum in (or very near to) the <unpack>.

Let's assume that I get a new BLFS profile and that I want to update
only one or two packages. I can load it into nALFS, choose interactively
the package I want to build, and type 's', 'c'.
But if the validation of the checksum is performed at the beginning
of the profile, it will not be done here.

Of course, we can consider that the checksum is a declarative element,
and put it at the beginning of the document.
The syntax could then be:

    <alfs version="3.0">

        <digest type="md5">
            <path>&packages_dir;/&bash_package;</path>
            <value>&bash_md5;</value>
        </digest>

        ....
            <unpack>
                <archive>&packages_dir;/&bash_package;</archive>
                <destination>&build_dir;</destination>
            </unpack>
        ...
    </alfs>


Then, the behaviour of the program would be:

- when processing the <digest>, if the file exists it checks it,
  and stops after displaying an error message if the digest value doesn't match.
  If the digest value matches, nALFS stores that fact in some internal variable.
  This would offer an up-front checking of all the archives for the user
  processing the whole profile.

- when processing <unpack>, it retrieves the corresponding digest in the XML tree.
  If the checksum has already been checked it unpacks it, but if the digest has not
  already been checked (either because the user asked only the build of a package,
  or because the archive has not been already downloaded), it checks it now.

Of course the price is a more complicated behaviour of nALFS where an action
associated with an element must search the tree, but I think it is probably
acceptable.

Moreover, that would not break the current syntax.

What do you think?


Vassili
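
The two-stage behaviour proposed in this message, sketched as an added example (not nALFS code and not part of the original post). The class, method and status names are hypothetical, entity references are replaced by literal constructed paths, and returning "no-digest" for an archive without a <digest> is an assumption based on the remark that the current syntax would not break.

```python
import hashlib, os, pathlib, tempfile
import xml.etree.ElementTree as ET

class DigestMismatch(Exception):
    """Raised when an archive's digest differs from the profile's <value>."""

class Profile:
    def __init__(self, xml_text):
        self.root = ET.fromstring(xml_text)
        self.verified = set()  # the "internal variable": paths already checked

    def _check(self, digest):
        path = digest.findtext("path").strip()
        h = hashlib.new(digest.get("type"))  # "md5" in the proposed syntax
        with open(path, "rb") as f:
            for chunk in iter(lambda: f.read(65536), b""):
                h.update(chunk)
        if h.hexdigest() != digest.findtext("value").strip().lower():
            raise DigestMismatch(path)
        self.verified.add(path)

    def process_digests(self):
        """Up-front pass over every <digest> whose file already exists."""
        for d in self.root.iter("digest"):
            if os.path.exists(d.findtext("path").strip()):
                self._check(d)

    def process_unpack(self, unpack):
        """Search the tree for the archive's <digest>; check it now if needed."""
        archive = unpack.findtext("archive").strip()
        if archive in self.verified:
            return "already-verified"
        for d in self.root.iter("digest"):
            if d.findtext("path").strip() == archive:
                self._check(d)  # raises DigestMismatch before any unpacking
                return "verified-now"
        return "no-digest"  # assumption: profiles without <digest> still run

def demo():
    """Constructed sample: the user jumps straight to one <unpack>, twice."""
    with tempfile.TemporaryDirectory() as tmp:
        pkg = pathlib.Path(tmp, "bash.tar")
        pkg.write_bytes(b"constructed archive bytes")
        md5 = hashlib.md5(pkg.read_bytes()).hexdigest()
        xml = (f'<alfs version="3.0"><digest type="md5"><path>{pkg}</path>'
               f'<value>{md5}</value></digest>'
               f'<unpack><archive>{pkg}</archive></unpack></alfs>')
        p = Profile(xml)
        u = p.root.find("unpack")
        return p.process_unpack(u), p.process_unpack(u)
```

Because the result is cached by path, an archive modified after its check passes is not re-verified before unpacking.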