From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 6801915806C for ; Sun, 13 Jul 2025 04:19:53 +0000 (UTC) Received: from lists.gentoo.org (bobolink.gentoo.org [140.211.166.189]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519) (No client certificate requested) (Authenticated sender: relay-lists.gentoo.org@gentoo.org) by smtp.gentoo.org (Postfix) with ESMTPSA id 48910341F0F for ; Sun, 13 Jul 2025 04:19:53 +0000 (UTC) Received: from bobolink.gentoo.org (localhost [127.0.0.1]) by bobolink.gentoo.org (Postfix) with ESMTP id 3E42711036B; Sun, 13 Jul 2025 04:19:52 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by bobolink.gentoo.org (Postfix) with ESMTPS id 3289B11036B for ; Sun, 13 Jul 2025 04:19:52 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id ACE96341EFF for ; Sun, 13 Jul 2025 04:19:51 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 4AF421851 for ; Sun, 13 Jul 2025 04:19:50 +0000 (UTC) From: "Sam James" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Sam James" Message-ID: <1752380336.3a59775ecf291b53cfb6de07af9d55dc71685a6e.sam@gentoo> Subject: [gentoo-commits] proj/portage:master commit in: bin/ X-VCS-Repository: proj/portage X-VCS-Files: bin/emerge-webrsync X-VCS-Directories: bin/ X-VCS-Committer: sam X-VCS-Committer-Name: Sam James X-VCS-Revision: 3a59775ecf291b53cfb6de07af9d55dc71685a6e X-VCS-Branch: master Date: Sun, 13 Jul 2025 04:19:50 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: 2437c88e-8724-41e9-adc3-b4a12798acb4 X-Archives-Hash: 3bfef476deb93f73e5986052952061c8 commit: 3a59775ecf291b53cfb6de07af9d55dc71685a6e Author: Kerin Millar plushkava net> AuthorDate: Fri Jul 4 14:32:00 2025 +0000 Commit: Sam James gentoo org> CommitDate: Sun Jul 13 04:18:56 2025 +0000 URL: https://gitweb.gentoo.org/proj/portage.git/commit/?id=3a59775e emerge-webrsync: move snapshot freshness check to a distinct function Presently, the do_snapshot() function composes an array of snapshot tarballs and an array of mirrors before iterating over the cross product of both, stopping after encountering a tarball that can be fetched and validated. There are three modes of validation, which are as follows. - verifying against the published MD5 checksum - verifying with gemato or gpg(1) - verifying that the timestamp falls within an acceptable time range The latter mode of verification is sufficiently complex as to merit its own function. Make it so by introducing the is_snapshot_fresh() function and calling it from do_snapshot(). Signed-off-by: Kerin Millar plushkava.net> Signed-off-by: Sam James gentoo.org> bin/emerge-webrsync | 65 ++++++++++++++++++++++++++++------------------------- 1 file changed, 34 insertions(+), 31 deletions(-) diff --git a/bin/emerge-webrsync b/bin/emerge-webrsync index e704d04bf0..60b5a3fa96 100755 --- a/bin/emerge-webrsync +++ b/bin/emerge-webrsync @@ -467,7 +467,7 @@ sync_local() { do_snapshot() { local ignore_timestamp=$1 date=$2 - local {repo,snapshot}_timestamp have_files signature unixtime digest mirror file + local have_files signature digest mirror file local -a tarballs mirrors local -A suffix_by @@ -506,36 +506,9 @@ do_snapshot() { && have_files=1 fi - # - # If timestamp is invalid - # we want to try and retrieve - # from a different mirror - # - if (( have_files )); then - einfo "Getting snapshot timestamp ..." - - if ! snapshot_timestamp=$(get_snapshot_timestamp "${DISTDIR}/${file}"); then - die "couldn't determine the timestamp of snapshot ${file@Q}" - fi - if [[ ${ignore_timestamp} == 0 ]]; then - if ! repo_timestamp=$(get_repository_timestamp); then - die "couldn't determine the timestamp of repo ${repo_location@Q}" - fi - if (( snapshot_timestamp < repo_timestamp )); then - ewarn "Repository (age) is newer than fetched snapshot" - have_files=0 - fi - else - # Check that this snapshot is of the age it claims to be. - unixtime=$(get_unixtime_by_date "${date}") - if (( snapshot_timestamp < unixtime - || snapshot_timestamp > unixtime + 2 * 86400 )) - then - ewarn "Snapshot timestamp is not within acceptable period!" - have_files=0 - fi - fi - fi + (( have_files )) \ + && ! is_snapshot_fresh "${DISTDIR}/${file}" "${ignore_timestamp}" \ + && have_files=0 if (( have_files )); then break 2 @@ -554,6 +527,36 @@ do_snapshot() { fi } +is_snapshot_fresh() { + local file=$1 ignore_timestamp=$2 + local snapshot_timestamp repo_timestamp unixtime date + + einfo "Getting snapshot timestamp ..." + + if ! snapshot_timestamp=$(get_snapshot_timestamp "${file}"); then + die "couldn't determine the timestamp of snapshot ${file@Q}" + fi + if (( ! ignore_timestamp )); then + if ! repo_timestamp=$(get_repository_timestamp); then + die "couldn't determine the timestamp of repo ${repo_location@Q}" + fi + if (( snapshot_timestamp < repo_timestamp )); then + ewarn "Repository (age) is newer than fetched snapshot" + return 1 + fi + else + # Check that this snapshot is of the age it claims to be. + date=${file##*-} date=${date%%.*} + unixtime=$(get_unixtime_by_date "${date}") + if (( snapshot_timestamp < unixtime + || snapshot_timestamp > unixtime + 2 * 86400 )) + then + ewarn "Snapshot timestamp is not within acceptable period!" + return 1 + fi + fi +} + do_latest_snapshot() { local timestamp_{difference,problem} snapshot_{date,unixtime} approx_snapshot_time existing_timestamp start_{hour,time} local min_time_diff attempts TZ=UTC