opnsense / tools

OPNsense release engineering toolkit
https://opnsense.org/
BSD 2-Clause "Simplified" License

Publish the checksums (also) for the unpacked image files #386

Closed doktornotor closed 7 months ago

doktornotor commented 7 months ago

Rationale: You should be able to check the sanity of the unpacked image as well, in case you use some weird broken unpacking tool. Reference: https://forum.opnsense.org/index.php?topic=37074.0

Note: This patch is completely untested, really do not have the time for testing ATM.

fichtner commented 7 months ago

The checksums are for download integrity. It would probably be more useful to have signatures for the files? But to be honest „decompress broken“ is really uncommon and people don’t expect to check for it? 🤨

doktornotor commented 7 months ago

> It would probably be more useful to have signatures for the files?

Signatures for the uncompressed files? Well, TBH I never used these signatures. I simply do not remember the syntax.

> But to be honest „decompress broken“ is really uncommon and people don’t expect to check for it?

Well, normally the tool would check for CRC errors. Then, I recall this unfortunate bzip2 bug: https://bugs.launchpad.net/ubuntu/+source/bzip2/+bug/1834494 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931278

These things happen even with widely used tools. 🤷‍♂️

fichtner commented 7 months ago

Fair enough. I've moved the generated signatures in the release set away from the bz2 to the actual uncompressed files since they were already generated. I don't want to overload the (easily modifiable) checksum file. Not sure if OpenSSL 3 made verification using Base64 encoding possible now in a single step, but worth investigating.
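
The two-step check implied by the last comment (decode the Base64 signature, then verify it against the uncompressed image), as an added example that is not taken from the OPNsense tools repository. It assumes an RSA key with SHA-256 signatures; the throwaway key pair, the stand-in image, the file names and both helper functions are constructed for the demo.

```shell
#!/bin/sh
# Added example. Assumptions: RSA key, SHA-256 digest; all file names,
# the key pair and the "image" are constructed for this demo.

# verify_image IMAGE SIG_B64 PUBKEY
# Returns 0 only if the Base64-encoded detached signature matches IMAGE.
verify_image() {
    vi_sig=$(mktemp) || return 2
    # Step 1: decode the Base64 signature to raw bytes.
    if ! openssl base64 -d -in "$2" -out "$vi_sig" 2>/dev/null; then
        rm -f "$vi_sig"
        return 2
    fi
    # Step 2: verify the raw signature over the uncompressed image.
    openssl dgst -sha256 -verify "$3" -signature "$vi_sig" "$1" \
        >/dev/null 2>&1
    vi_rc=$?
    rm -f "$vi_sig"
    return "$vi_rc"
}

# make_demo_files DIR: throwaway key pair, stand-in image, Base64 signature.
make_demo_files() {
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$1/key.pem" 2>/dev/null &&
    openssl pkey -in "$1/key.pem" -pubout -out "$1/pub.pem" &&
    printf 'constructed stand-in for an unpacked image\n' > "$1/image.img" &&
    openssl dgst -sha256 -sign "$1/key.pem" -out "$1/image.sig.bin" \
        "$1/image.img" &&
    openssl base64 -in "$1/image.sig.bin" -out "$1/image.img.sig"
}

demo_dir=$(mktemp -d) && make_demo_files "$demo_dir" && {
    verify_image "$demo_dir/image.img" "$demo_dir/image.img.sig" \
        "$demo_dir/pub.pem" && echo "intact image: signature OK"
    # Simulate a bad unpack: one extra byte in the image.
    printf 'x' >> "$demo_dir/image.img"
    verify_image "$demo_dir/image.img" "$demo_dir/image.img.sig" \
        "$demo_dir/pub.pem" || echo "altered image: signature rejected"
}
rm -rf "$demo_dir"
```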