Re: [Monotone-devel] Re: Rosterify and certificate keys

monotone-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Monotone-devel] Re: Rosterify and certificate keys

From:	Bruce Stephens
Subject:	Re: [Monotone-devel] Re: Rosterify and certificate keys
Date:	Tue, 18 Apr 2006 13:18:12 +0100
User-agent:	Gnus/5.11 (Gnus v5.11) Emacs/22.0.50 (gnu/linux)

Nathaniel Smith <address@hidden> writes:

[...]

> I'd certainly accept patches to do things like output a mapping
> between old and new ids (to do... whatever it is you wanted to do
> with it, I guess?), or replacing rids in certs with the new name.

Well, here's a patch that kind of does the first, I think.  (Well,
except for actually writing the mapping, anyway.)  

I was attempting to write out a script that would allow people to
generate new certs, but it seems more fiddly than I'd hoped, since the
values might well be binary.  So maybe just writing out a mapping,
together with some sample scripts would be better?

(No tests, documentation, or optionality included, so obviously it's
not even remotely ready for real use yet.  I hope it shows anyone
who's interested how easy it would be to produce a mapping during
rosterfy.)

# 
# old_revision [c1cf93d16900fe511c4a91d2360916126e6999d1]
# 
# patch "revision.cc"
#  from [1c42e4092e1024cc29777a04dda9404262954df7]
#    to [cf7853dc8757870367427ee67f031a8d770190fa]
# 
============================================================
--- revision.cc 1c42e4092e1024cc29777a04dda9404262954df7
+++ revision.cc cf7853dc8757870367427ee67f031a8d770190fa
@@ -16,6 +16,7 @@
 #include <iterator>
 #include <functional>
 #include <list>
+#include <fstream>
 
 #include <boost/lexical_cast.hpp>
 #include <boost/dynamic_bitset.hpp>
@@ -1400,6 +1401,16 @@
     require_password(key, app);
   }
 
+  // record all the certs
+  std::vector<revision< cert > > all_certs;
+  app.db.get_revision_certs(all_certs);
+  std::map<rsa_keypair_id, std::vector<revision< cert > > > key_certs;
+  for (std::vector<revision< cert > >::const_iterator i = all_certs.begin();
+       i != all_certs.end(); ++i) 
+    {
+      key_certs[i->inner().key].push_back(*i);
+    }
+
   // cross-check that we're getting everything
   // in fact the code in this function is wrong, because if a revision has no
   // parents and no children (it is a root revision, and no children have been
@@ -1409,6 +1420,8 @@
   std::set<revision_id> all_rev_ids;
   app.db.get_revision_ids(all_rev_ids);
 
+  std::set<revision_id> old_revs;
+    
   app.db.get_revision_ancestry(existing_graph);
   for (std::multimap<revision_id, revision_id>::const_iterator i = 
existing_graph.begin();
        i != existing_graph.end(); ++i)
@@ -1423,6 +1436,9 @@
           u64 child_node = graph.add_node_for_oldstyle_revision(i->second);
           all_rev_ids.erase(i->second);
           graph.add_node_ancestry(child_node, parent_node);
+
+          old_revs.insert(i->first);
+          old_revs.insert(i->second);
         }
     }
 
@@ -1434,6 +1450,46 @@
 
   global_sanity.set_relaxed(false);
   graph.rebuild_ancestry();
+
+  std::map<revision_id, revision_id> old_to_new;
+  
+  for (std::set<revision_id>::const_iterator i = old_revs.begin();
+       i != old_revs.end(); ++i) 
+    {
+      const revision_id new_rev = 
graph.node_to_new_rev[graph.old_rev_to_node[*i]];
+      old_to_new.insert(std::make_pair(*i, new_rev));
+    }
+
+  std::ofstream certs_file("certs.script");
+  int keynum = 0;
+  for (std::map<rsa_keypair_id, std::vector<revision< cert > > 
>::const_iterator i = key_certs.begin();
+       i != key_certs.end(); ++i, ++keynum)
+    {
+      certs_file << "key" << keynum << "=\"" << i->first() << "\"" << 
std::endl;
+    }
+  keynum = 0;
+  for (std::map<rsa_keypair_id, std::vector<revision< cert > > 
>::const_iterator i = key_certs.begin();
+       i != key_certs.end(); ++i, ++keynum)
+    {
+      certs_file << std::endl 
+                 << "# Certs for key" << keynum << ", " << i->first() << 
std::endl;
+      for (std::vector<revision< cert > >::const_iterator j = 
i->second.begin();
+           j != i->second.end(); ++j)
+        {
+          const cert c = j->inner();
+          cert_value tv;    
+          decode_base64(c.value, tv);
+          std::string value = tv();
+          
+          certs_file << "cat > value.file <<CERT_EOF" << std::endl;
+          certs_file << value << std::endl << "CERT_EOF" << std::endl;
+          certs_file << "mtn cert --key=$key" << keynum << " "
+                     << old_to_new[c.ident] << " " << c.name() 
+                     << " $(<value.file)" << std::endl;
+        }
+    }
+  certs_file.close();
+  
 }

[Prev in Thread]

Current Thread

[Next in Thread]

[Monotone-devel] Re: Rosterify and certificate keys, (continued)
- Re: [Monotone-devel] Rosterify and certificate keys, Richard Levitte - VMS Whacker, 2006/04/10
  - Re: [Monotone-devel] Rosterify and certificate keys, Joel Crisp, 2006/04/10
    - Re: [Monotone-devel] Rosterify and certificate keys, Richard Levitte - VMS Whacker, 2006/04/10
    - Re: [Monotone-devel] Rosterify and certificate keys, Joel Crisp, 2006/04/10
    - [Monotone-devel] Re: Rosterify and certificate keys, Wim Oudshoorn, 2006/04/11
    - Re: [Monotone-devel] Re: Rosterify and certificate keys, Richard Levitte - VMS Whacker, 2006/04/11
    - Re: [Monotone-devel] Re: Rosterify and certificate keys, Timothy Brownawell, 2006/04/11
    - Re: [Monotone-devel] Re: Rosterify and certificate keys, Wim Oudshoorn, 2006/04/12
    - Re: [Monotone-devel] Re: Rosterify and certificate keys, Nathaniel Smith, 2006/04/12

Prev by Date: [Monotone-devel] interesting conversation on policy versioning
Next by Date: [Monotone-devel] Re: About the maintainance of monotone
Previous by thread: Re: [Monotone-devel] Re: Rosterify and certificate keys
Next by thread: [Monotone-devel] Re: Rosterify and certificate keys
Index(es):
- Date
- Thread