[Buildd-tools-devel] Bug#270439: Bug #270439: failed or aborted downloads aren't resumed or even checked for completeness

[Kilian Krause]

Roger,

thanks for getting back to me after so long. 

> The attached patch adds proper checking to downloaded sources.  This
> applies to current CVS, or sbuild 0.42 and other recent versions.

Ok.


> The first hunk takes care of verifying already downloaded sources.  If
> this fails, it downloads them again.  This fixes the main issue.

Good.


> The second hunk verifies /all/ sources prior to a build.  This has the
> effect of requiring all .dsc files to verify and be signed.
> Currently, we do allow unsigned .dsc files.

Yes... 

> The second hunk changes the behaviour of sbuild, but does make it more
> secure.

> Comments?

Well, actually I'd say the second behaviour should be the correct new
default. It should be having a switch though to enable and disable it,
allowing admins requiring unsigned sources (e.g. from their local
archive) to retain their current behaviour. Probably the package should
either ask through po-debconf whether it's to be enabled system-wide or
just left disabled and left to the individual user to overwrite that
default.

-- 
Best regards,
 Kilian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20060313/4b293ff9/attachment-0001.pgp