On Sat, 2016-11-05 at 18:57 +0100, Philip Hands wrote: > > Ben Hutchings <firstname.lastname@example.org> writes: > > > On Sat, 2016-11-05 at 01:03 +0100, Philip Hands wrote: > > > Hi, > > > > > > First, apologies for the timing on this, real-life has eaten all my time > > > of late, and when I had some time to spare the InRelease split bug threw > > > a spanner in the works. > > > > > > Here are some patches that I've been failing to get into d-i for a > > > couple of releases -- it would be really nice to avoid making that 3 > > > releases. > > > > > > https://anonscm.debian.org/cgit/d-i/preseed.git/log/?h=pu/preseed-fetch-checksum > > > and > > > https://anonscm.debian.org/cgit/d-i/debian-installer-utils.git/log/?h=pu/preseed-fetch-checksum > > > > I have some review comments. > > > > I think fetch-url should delete the destination file if its checksum is > > incorrect. The destination might be used as a cache location and > > assumed to be valid at a later stage. > > Good point, although its not nearly as important in d-i as it might be > elsewhere, since the error is almost certainly going to terminate the > install. Maybe it will, maybe something will retry. > Also, deleting the file means that one loses the chance to diagnose what > happened. > > One could do the fetch to a temporary file, and then only move it into > place on success. That sounds like a good solution. [...] > > > P.S. I think this would be better if it were using SHA>=265, but > > > we're > > > > still on MD5SUM elsewhere in the code, so I guess that will need to > > > wait. > > > > I agree, MD5 should not be relied on for more than error detection. > > I presume now is the wrong moment to start changing all that though. Right. > The new incarnation is here: > > https://anonscm.debian.org/git/d-i/preseed.git/log/?h=pu/preseed-fetch-checksum2 Looks good to me. > I'll get on with testing... > > Thanks again for the feedback Ben. :-) You're welcome. Ben. -- Ben Hutchings The world is coming to an end. Please log off.
Description: This is a digitally signed message part