FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > ArchLinux > ArchLinux Pacman Development

 
 
LinkBack Thread Tools
 
Old 06-02-2008, 11:12 AM
Sebastian Nowicki
 
Default #10530: checksum verification does not work on BSD

On 02/06/2008, at 6:58 PM, Xavier wrote:

> On Mon, Jun 2, 2008 at 12:32 PM, Antonio Huete Jimeenz
> <ahuete.devel@gmail.com> wrote:
>> For the checksum verification it might be ok to use openssl since
>> it's in
>> base for almost all BSD system. But what about linux? You'll have
>> to install
>> it before using makepkg, and this means a dependency.
>>
>> In the case of CHOST usage, I haven't explained it fine. It's not
>> related to
>> this checksum issue. I'll try to explain it better in another
>> thread
>>
>
> openssl is in the base group of archlinux, so it is supposed to be
> installed on every system.
> But when you look at the number and the importance of the packages
> requiring it, it is fully justified :
> http://archlinux.org/packages/122/
> I can even hardly imagine a linux distro without it. Or am I mistaken?

It is an issue, but openssl is only 7mb, which should be an issue on
almost all systems, and on embedded systems where disk space may be
scarce, Archlinux probably wouldn't run anyway (afaik there's a
project for that purpose). As Xavier mentioned it's in core, so with a
typical install (installing everything in base), it should be
installed on the system.

> As far as I know md5sum program in BSD is /sbin/md5, so maybe
> there's something like that in MacOS.

From what I understand the BSD tools (md5, sha1, etc) all use cksum.
It uses completely different arguments than the Linux equivalent, so
it would be difficult to implement. I think openssl is the best
compromise.

_______________________________________________
pacman-dev mailing list
pacman-dev@archlinux.org
http://archlinux.org/mailman/listinfo/pacman-dev
 
Old 06-02-2008, 11:28 AM
"Antonio Huete Jimenez"
 
Default #10530: checksum verification does not work on BSD

2008/6/2 Sebastian Nowicki <sebnow@gmail.com>:



On 02/06/2008, at 6:58 PM, Xavier wrote:



> On Mon, Jun 2, 2008 at 12:32 PM, Antonio Huete Jimeenz

> <ahuete.devel@gmail.com> wrote:

>> For the checksum verification it might be ok to use openssl since

>> it's in

>> base for almost all BSD system. But what about linux? You'll have

>> to install

>> it before using makepkg, and this means a dependency.

>>

>> In the case of CHOST usage, I haven't explained it fine. It's not

>> related to

>> this checksum issue. I'll try to explain it better in another

>> thread

>>

>

> openssl is in the base group of archlinux, so it is supposed to be

> installed on every system.

> But when you look at the number and the importance of the packages

> requiring it, it is fully justified :

> http://archlinux.org/packages/122/

> I can even hardly imagine a linux distro without it. Or am I mistaken?



It is an issue, but openssl is only 7mb, which should be an issue on

almost all systems, and on embedded systems where disk space may be

scarce, Archlinux probably wouldn't run anyway (afaik there's a

project for that purpose). As Xavier mentioned it's in core, so with a

typical install (installing everything in base), it should be

installed on the system.



> As far as I know md5sum program in BSD is /sbin/md5, so maybe

> there's something like that in MacOS.



*From what I understand the BSD tools (md5, sha1, etc) all use cksum.

It uses completely different arguments than the Linux equivalent, so

it would be difficult to implement. I think openssl is the best

compromise.


And there comes the idea I was talking about. I think that scripts should behave according to the operating from where they are running on. I'm doing some changes to scripts for doing so, but it will take me few days to have something useable.

I also think that every portable code should be welcome whenever it doesn't break anything in ArchLinux and made scripts runnable on other OSes.

What do you guys think?

Regards,
Antonio Huete





_______________________________________________

pacman-dev mailing list

pacman-dev@archlinux.org

http://archlinux.org/mailman/listinfo/pacman-dev



_______________________________________________
pacman-dev mailing list
pacman-dev@archlinux.org
http://archlinux.org/mailman/listinfo/pacman-dev
 
Old 06-02-2008, 11:42 AM
Allan McRae
 
Default #10530: checksum verification does not work on BSD

Antonio Huete Jimenez wrote:
>
> And there comes the idea I was talking about. I think that scripts
> should behave according to the operating from where they are running
> on. I'm doing some changes to scripts for doing so, but it will take
> me few days to have something useable.
> I also think that every portable code should be welcome whenever it
> doesn't break anything in ArchLinux and made scripts runnable on other
> OSes.
>
> What do you guys think?

Using openssl for this is optimal because it works the same on all
systems. Having code which detects operating system and uses specific
software in each case is ugly and should be avoided if at all possible.



_______________________________________________
pacman-dev mailing list
pacman-dev@archlinux.org
http://archlinux.org/mailman/listinfo/pacman-dev
 
Old 06-02-2008, 11:54 AM
"Antonio Huete Jimenez"
 
Default #10530: checksum verification does not work on BSD

2008/6/2 Allan McRae <mcrae_allan@hotmail.com>:

Antonio Huete Jimenez wrote:

>

> And there comes the idea I was talking about. I think that scripts

> should behave according to the operating from where they are running

> on. I'm doing some changes to scripts for doing so, but it will take

> me few days to have something useable.

> I also think that every portable code should be welcome whenever it

> doesn't break anything in ArchLinux and made scripts runnable on other

> OSes.

>

> What do you guys think?



Using openssl for this is optimal because it works the same on all

systems. *Having code which detects operating system and uses specific

software in each case is ugly and should be avoided if at all possible.



And how do you plan to do OS specific checks and/or configurations for portability?
*





_______________________________________________

pacman-dev mailing list

pacman-dev@archlinux.org

http://archlinux.org/mailman/listinfo/pacman-dev



_______________________________________________
pacman-dev mailing list
pacman-dev@archlinux.org
http://archlinux.org/mailman/listinfo/pacman-dev
 
Old 06-02-2008, 12:03 PM
Xavier
 
Default #10530: checksum verification does not work on BSD

On Mon, Jun 2, 2008 at 1:54 PM, Antonio Huete Jimenez
<ahuete.devel@gmail.com> wrote:
>
> 2008/6/2 Allan McRae <mcrae_allan@hotmail.com>:
>>
>> Using openssl for this is optimal because it works the same on all
>> systems. Having code which detects operating system and uses specific
>> software in each case is ugly and should be avoided if at all possible.
>>
> And how do you plan to do OS specific checks and/or configurations for
> portability?
>

And which part exactly you don't understand in "should be avoided if
at all possible" ?

_______________________________________________
pacman-dev mailing list
pacman-dev@archlinux.org
http://archlinux.org/mailman/listinfo/pacman-dev
 
Old 06-02-2008, 12:07 PM
"Dan McGee"
 
Default #10530: checksum verification does not work on BSD

On Mon, Jun 2, 2008 at 6:12 AM, Sebastian Nowicki <sebnow@gmail.com> wrote:
>
> On 02/06/2008, at 6:58 PM, Xavier wrote:
>
>> On Mon, Jun 2, 2008 at 12:32 PM, Antonio Huete Jimeenz
>> <ahuete.devel@gmail.com> wrote:
>>> For the checksum verification it might be ok to use openssl since
>>> it's in
>>> base for almost all BSD system. But what about linux? You'll have
>>> to install
>>> it before using makepkg, and this means a dependency.
>>>
>>> In the case of CHOST usage, I haven't explained it fine. It's not
>>> related to
>>> this checksum issue. I'll try to explain it better in another
>>> thread
>>>
>>
>> openssl is in the base group of archlinux, so it is supposed to be
>> installed on every system.
>> But when you look at the number and the importance of the packages
>> requiring it, it is fully justified :
>> http://archlinux.org/packages/122/
>> I can even hardly imagine a linux distro without it. Or am I mistaken?
>
> It is an issue, but openssl is only 7mb, which should be an issue on
> almost all systems, and on embedded systems where disk space may be
> scarce, Archlinux probably wouldn't run anyway (afaik there's a
> project for that purpose). As Xavier mentioned it's in core, so with a
> typical install (installing everything in base), it should be
> installed on the system.

2 points:
1. openssl as we've no found out does not have a loss in
functionality, it can do all of the algorithms we need.
2. It doesn't even need to be installed on every system, just every
system used *to build packages*. However, I would highly doubt you can
find a system in the wild that doesn't have openssl installed.

Since we have no loss in portability or functionality with openssl, I
say lets go for it. Be sure to adjust the comments at the top of
makepkg where it lists programs needed to run so we can keep that up
to date.

-Dan

_______________________________________________
pacman-dev mailing list
pacman-dev@archlinux.org
http://archlinux.org/mailman/listinfo/pacman-dev
 
Old 06-02-2008, 03:40 PM
Xavier
 
Default #10530: checksum verification does not work on BSD

On Mon, Jun 2, 2008 at 11:36 AM, Sebastian Nowicki <sebnow@gmail.com> wrote:
>
> Yes, it does seem like a good solution. I just need to test Dan's fix
> to the spaces problem. As I mentioned on the bug tracker I was unable
> to get makepkg to look for filenames with spaces when using something
> like source=('foo bar'), it instead looks for 'foo' and 'bar'. I have
> no idea why it does this, so I'll look into it, but I have two exams
> this week and then I'll be in the US for a week, so I don't really
> have time to play with it.
>
>

Sorry, I don't have time to write a patch, but you just need to add
some quotes for the source array.
Try replacing every line which looks like this :
for netfile in ${source[@]}; do
to this :
for netfile in "${source[@]}"; do

Just do a grep for source[ or something.

_______________________________________________
pacman-dev mailing list
pacman-dev@archlinux.org
http://archlinux.org/mailman/listinfo/pacman-dev
 
Old 06-06-2008, 04:21 AM
"Dan McGee"
 
Default #10530: checksum verification does not work on BSD

On Mon, Jun 2, 2008 at 10:40 AM, Xavier <shiningxc@gmail.com> wrote:
> On Mon, Jun 2, 2008 at 11:36 AM, Sebastian Nowicki <sebnow@gmail.com> wrote:
>>
>> Yes, it does seem like a good solution. I just need to test Dan's fix
>> to the spaces problem. As I mentioned on the bug tracker I was unable
>> to get makepkg to look for filenames with spaces when using something
>> like source=('foo bar'), it instead looks for 'foo' and 'bar'. I have
>> no idea why it does this, so I'll look into it, but I have two exams
>> this week and then I'll be in the US for a week, so I don't really
>> have time to play with it.
>>
>>
>
> Sorry, I don't have time to write a patch, but you just need to add
> some quotes for the source array.
> Try replacing every line which looks like this :
> for netfile in ${source[@]}; do
> to this :
> for netfile in "${source[@]}"; do
>
> Just do a grep for source[ or something.

Ping, or anyone have time to put the patch(es) together for this? I
think this is something we should get fixed pre-3.2. As I said above,
I'm fine with switching exclusively to openssl usage.

-Dan

_______________________________________________
pacman-dev mailing list
pacman-dev@archlinux.org
http://archlinux.org/mailman/listinfo/pacman-dev
 

Thread Tools




All times are GMT. The time now is 01:38 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org