<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.30.3">
</HEAD>
<BODY>
Le mercredi 29 décembre 2010 à 14:11 +0100, Jonas Smedegaard a écrit :
<BLOCKQUOTE TYPE=CITE>
<PRE>
On Wed, Dec 29, 2010 at 10:23:35AM +0100, Rémi Thebault wrote:
>
>
>> >I don't get this. Do you expect a cdbs script to unpack the waf file
>> >(I don't know the format, but it is probably not so hard) and to
>> >checksum each file inside ?
>>
>> Nah, not checksum each file separately - unless it turns out that it
>> is indeed helpful to track the contained files individually.
>>
>> For now I "just" suggest to unpack the blob when failing, and
>> emitting a message to first check those files, then delete them and
>> then apply the magic checksum.
>>
>
>
>If I understand well:
>1. If no safetybelt, we checksum the waf file with debian/waf.sha1sum
>2. If the checksum fail, we unpack waf and display a relevant mesg like
> "waf checksum failed, check the content in debian/wafunpacked and
>do `sha1sum ./waf > debian/waf.sha1sum`"
>3. adding "rm -rf debian/wafunpacked" in clean target (could depend on
>the safety belt)
>
>Is this correct ?
I guess you mean _unless_ no safetybelt at 1).
Here's a proposed pseudo-code:
If not safetybelt-off; then
do-checksum
mesg checksum
if checksum-match-fail (including no stored checksum at all); then
unpack-waf
error "waf checksum failed. inspect unpacked waf, and if ok
store above calculated checksum as debian/waf.sha1sum
and remove the unpacked files"
else
warning "WARNING: waf file is executed without prior inspection!
this might be unsafe - you have been warned...!"
I.e. a little more than your summary, but not much. does that look
sane?
</PRE>
</BLOCKQUOTE>
OK I will work this way.<BR>
<BR>
Rémi
</BODY>
</HTML>