On Sat, 2009-08-29 at 10:11 -0500, Timothy Brownawell wrote: > Hmm. If you migrate a database containing key f...@bar.com (1234...) and > certs signed by key f...@bar.com (abcd...), the upgrade logic will attach > them to that (wrong) key because it assumes your db is consistent.
> So we > need a command that will try to reassign any invalid certs to the > correct key, and maybe optionally delete them if it doesn't have that > key (so you'll be able to get a good copy, with the key, during your > next pull). This is done now, 'db fix_certs'. There's also a test for it, and a script tests/db_fix_certs/generate-db.sh that demonstrates one way to get mismatched certs into a 0.44 db (and was used to generate the db that the test uses). > We probably also want to drop certs with bad signatures (ie, > attached to the wrong key) during netsync, so they don't spread. This is also done. -- Timothy Free public monotone hosting: http://mtn-host.prjek.net _______________________________________________ Monotone-devel mailing list Monotone-devel@nongnu.org http://lists.nongnu.org/mailman/listinfo/monotone-devel
