[tor-bugs] #30480 [Applications/rbm]: rbm should check that a signed tag object contains the expected tag name
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu May 16 10:52:41 UTC 2019
#30480: rbm should check that a signed tag object contains the expected tag name
-----------------------------------+------------------------------
Reporter: boklm | Owner: boklm
Type: task | Status: needs_review
Priority: Medium | Milestone:
Component: Applications/rbm | Version:
Severity: Normal | Resolution:
Keywords: TorBrowserTeam201905R | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-----------------------------------+------------------------------
Changes (by boklm):
* status: new => needs_review
* keywords: => TorBrowserTeam201905R
Comment:
There is a patch for review in branch `bug_30480`:
https://gitweb.torproject.org/user/boklm/rbm.git/commit/?h=bug_30480&id=6e60b0bd52a8e85c6f85eb531737258be914fc2d
To check that it is working correctly, you can use the branch
`test_bug_30480` from my tor-browser-build repo:
https://gitweb.torproject.org/user/boklm/tor-browser-
build.git/commit/?h=test_bug_30480&id=d406833d7b39c63a2808ea66b99dec9bca460fc8
My tor-browser-build repo includes 4 tags:
* test_bug_30480-t1 is a correct signed tag
* test_bug_30480-t2 is a copy of test_bug_30480-t1, so its name is
incorrect
* test_bug_30480-t3 is a correct signed tag. However it also includes the
line `tag test_bug_30480-t4` in the commit message (which should be
ignored).
* test_bug_30480-t4 is a copy of test_bug_30480-t3, so its name is
incorrect (but the correct name is included in the commit message)
Which can be tested with:
{{{
./rbm/rbm tar bug_30480 --target t1
./rbm/rbm tar bug_30480 --target t2
./rbm/rbm tar bug_30480 --target t3
./rbm/rbm tar bug_30480 --target t4
}}}
With the rbm patch, t2 and t4 are now failing, but do not fail without the
patch.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30480#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list