svn commit: r335402 - head/sbin/veriexecctl
Simon J. Gerraty
sjg at juniper.net
Wed Jun 20 15:35:10 UTC 2018
Cy Schubert <Cy.Schubert at cschubert.com> wrote:
> > The signing of manifests is external. The veriexecctl tool is I assume
> > a straight copy of what's in NetBSD (I've not looked at it in at least a
> > decade).
>
> If this is correct, should it not be imported into the vendor branches
> first?
>
> What are the criteria to import through the vendor branches v.s. direct
> import into HEAD? Do I fail to understand a missing piece of
> information or is there an inconsistency?
AFAIK the key is whether there is an upstream project that will be
tracked, which is not the case here.
The ctl tool is the only bit that bears any relationship to the NetBSD
code - because we never used it.
Once I commit the loader stuff, we can replace the above with something
more useful - can leverage the same library to verify manifest
signatures.
More information about the svn-src-head
mailing list