Up to [local] / src / usr.bin / signify
Request diff between arbitrary revisions
Default branch: MAIN
Current tag: OPENBSD_7_5_BASE
Revision 1.19 / (download) - annotate - [select for diffs], Sat Apr 29 10:08:18 2023 UTC (13 months, 1 week ago) by espie
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
HEAD
Changes since 1.18: +5 -1 lines
Diff to previous 1.18 (colored)
as noticed by sdk@, a package with an exact numbers of 64K chunks would produce a spurious error (so 1 chance in 2^26) It's like read/write: we need to recognize 0 as EOF and not try to checksum a non-existing block. while there, also make sure that we got all the signed blocks at EOF before exit(0) Note that none of those two bugs affect the actual security of signed packages: the basic assertion that only signed data gets written through the pipe is still 100% valid ! but it's a good idea to not emit spurious messages for valid files, and also to recognize truncated files ! okay tb@ (thanks a lot)