Re: [Monotone-devel] Re: version 1.14 fails "make check"

monotone-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Monotone-devel] Re: version 1.14 fails "make check"

From:	Richard Levitte - VMS Whacker
Subject:	Re: [Monotone-devel] Re: version 1.14 fails "make check"
Date:	Mon, 16 Aug 2004 09:47:54 +0200 (CEST)

In message <address@hidden> on 15 Aug 2004 15:20:06 +0200, Peter Simons 
<address@hidden> said:

simons> Richard Levitte writes:
simons> 
simons>  >> In _my_ case, the current branch is important. I want to
simons>  >> say: In branch "foo" we'll trust key "bar".
simons> 
simons>  > The thing is, as I understand it, is that the "current"
simons>  > branch is only an attribute of your working directory,
simons>  > and has absolutely nothing to do with the contents of the
simons>  > database.
simons> 
simons> Yes, you are right. But that doesn't really affect my use
simons> case. I want to say: In branch "foo" we'll trust key "bar".
simons> Period. And that's not possible with the current model,
simons> unless I have a monotonerc file per branch. But I want a
simons> global one.

I don't understand why that is not possible.  You need the following:

 1. the branch name
 2. the key that signed the branch cert
 3. the list of <branch,key> trust tupples.

You get 1 and 2 from the branch cert.  You keep 3 as a local table or
a set of local tables in get_manifest_cert_trust.  In my example (kept
below), I had a table for the branch "foo", mostly because I don't
know the Lua language well enough to make a proper tupple table, yet.
I see nothing that stops the function from existing in a global
monotonerc...

simons>  >   function get_manifest_cert_trust (signers, id, name, val)
simons>  >     local foo_trusted_signers = { "address@hidden", ... }
simons> 
simons>  >     local t_foo = intersection(signers, foo_trusted_signers)
simons>  >     if t_foo ~= nil
simons>  >     then
simons>  >       if name == "branch" and val == "foo" and table.getn(t_foo) >= 1
simons>  >       then
simons>  >         return true
simons>  >       end
simons>  >     end
simons> 
simons>  >     return false
simons>  >   end
simons> 
simons> I am not certain what this code does, actually. Won't this
simons> leave any other certificate (say, ancestor) untrusted?

Correct.  The following should behave a little better:

  function get_manifest_cert_trust (signers, id, name, val)
    local foo_trusted_signers = { "address@hidden", ... }

    if name == "branch" and val == "foo"
    then
      local t_foo = intersection(signers, foo_trusted_signers)
      if t_foo ~= nil and table.getn(t_foo) >= 1
      then
        return true
      end
      return false
    end

    return true
  end

This function will return true for all certs that aren't a branch cert
for the branch "foo", or for branch certs for the branch "foo" where
the signing key matches at least one of the trusted signers for
"foo".  It will return false for all others (i.e. branch certs for the
branch "foo" where the signers didn't match any of the trusted
signers).

-----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

-- 
Richard Levitte                         address@hidden
                                        http://richard.levitte.org/

[Prev in Thread]

Current Thread

[Next in Thread]

[Monotone-devel] Re: Re: version 1.14 fails "make check", (continued)

Prev by Date: [Monotone-devel] Some little statements
Next by Date: [Monotone-devel] Re: Update replacing deleted files
Previous by thread: [Monotone-devel] Re: version 1.14 fails "make check"
Next by thread: [Monotone-devel] Re: version 1.14 fails "make check"
Index(es):
- Date
- Thread