From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Stefan Kangas Newsgroups: gmane.emacs.devel Subject: Re: scratch/package-security bcde5f8 2/2: Support expiration of metadata by package archives Date: Wed, 25 Nov 2020 21:24:23 -0500 Message-ID: References: <20201121234313.32698.75403@vcs0.savannah.gnu.org> <20201121234315.1991F209DE@vcs0.savannah.gnu.org> Mime-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="36424"; mail-complaints-to="usenet@ciao.gmane.io" To: Stefan Monnier , emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Thu Nov 26 03:25:12 2020 Return-path: Envelope-to: ged-emacs-devel@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1ki6y7-0009JF-Lf for ged-emacs-devel@m.gmane-mx.org; Thu, 26 Nov 2020 03:25:11 +0100 Original-Received: from localhost ([::1]:57382 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1ki6y6-0004ZG-O0 for ged-emacs-devel@m.gmane-mx.org; Wed, 25 Nov 2020 21:25:10 -0500 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:39344) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ki6xP-00048u-5u for emacs-devel@gnu.org; Wed, 25 Nov 2020 21:24:27 -0500 Original-Received: from mail-ej1-f50.google.com ([209.85.218.50]:41057) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1ki6xN-0000Kw-Bm for emacs-devel@gnu.org; Wed, 25 Nov 2020 21:24:26 -0500 Original-Received: by mail-ej1-f50.google.com with SMTP id gj5so622767ejb.8 for ; Wed, 25 Nov 2020 18:24:25 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:in-reply-to:references:mime-version:date :message-id:subject:to; bh=IzW1oDRdu4tsxl/q5AmubFG6bWEFdDD5QQaHwawOn/s=; b=dBJqyHGU0mdc6bDng6s7A2HURyN17pIzchPF4NKfQyHTyvLzvnjmY0gxyYMktBT5Vt MX+nRrHlLwRduNSupJrvg8nEimjLEJToQgj2bNUUYTg+5h1CYLCS/0Hb4aIMzYLxpO7K h4l60p+f6yWTZ/w2Lk0TTnxfk9WylTkY1Km+Ey/oXJcm3VbOWEdQ95hepjnSe3kgxw7w P0fryl6srlL1tXD0Opar3ssvpOxbpDzvOmg2TVcfWMcKlqrdL1LQFvq+EpnkRady7D3l kmpgavm51cTHszVFnIDYkjrEk8rgEu69/mBilz6chB8XOuJGC4JXKBF1K6F7zYtkrP3Z MgXA== X-Gm-Message-State: AOAM5307HG6ie0v1xOKDZDTBMhBurBn4d6Z5EZGOGUJ8dmDARKsHT+IM rEIZVpqmslOSwD+spjmH01cSENb29d5i+S7LvJk= X-Google-Smtp-Source: ABdhPJyKsMxkBi81Z4emEsken4nqhLO4mhYgKhEMtvUvmZuiHcJncHW/lYzfO1z9J6YEeSoanwFkdeOjuSdXW3V6IxM= X-Received: by 2002:a17:906:1918:: with SMTP id a24mr765699eje.432.1606357463870; Wed, 25 Nov 2020 18:24:23 -0800 (PST) Original-Received: from 753933720722 named unknown by gmailapi.google.com with HTTPREST; Wed, 25 Nov 2020 21:24:23 -0500 In-Reply-To: Received-SPF: pass client-ip=209.85.218.50; envelope-from=stefankangas@gmail.com; helo=mail-ej1-f50.google.com X-Spam_score_int: -13 X-Spam_score: -1.4 X-Spam_bar: - X-Spam_report: (-1.4 / 5.0 requ) BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.25, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Original-Sender: "Emacs-devel" Xref: news.gmane.io gmane.emacs.devel:259818 Archived-At: Stefan Monnier writes: >> @@ -449,6 +458,7 @@ synchronously." >> (define-error 'bad-size "Package size mismatch" 'package-error) >> (define-error 'bad-signature "Failed to verify signature" 'package-error) >> (define-error 'bad-checksum "Failed to verify checksum" 'package-error) >> +(define-error 'bad-timestamp "Failed to verify timestamp" 'package-error) > > Hmm, these errors should all have a `package-` prefix. Agreed. But I was worried that changing it would break some third-party packages. Do we have a way to work around that? Or do you think this is not something we need to worry all that much about? [...] > Hmm... I think you forgot the `error` in this > `condition-case-unless-debug` (i.e. the way you wrote it, it will catch > all `lwarn` errors). Indeed, thanks. I'll fix it. >> +(defun package--parse-valid-until-from-buffer (name) >> + "Find and return \"Valid-Until\" header for archive NAME." >> + (package--parse-header-from-buffer "Valid-Until" name)) > > It would be easier for the ELPA archives is to use a "validity duration" > header, since it could then be constant. FWIW, I feel like the current way is more human readable: I immediately know the exact time and date when it will expire. Also, we don't need to have a number like "7" where it is not immediately clear if it means hours, weeks or days, and we don't need to write a parser for "7 days", "1 week", etc. but can just reuse existing well-tested parsers. But of course you can just reply that you would rather just immediately know how long it is until these files normally expire without having to calculate it. So I guess we can go around in circles about this. Hmm. ( BTW, the name and semantics of this field is based on APT: https://wiki.debian.org/DebianRepository/Format#Date.2C_Valid-Until ) > Other that that, LGTM, Thanks for reviewing.