Hi Linus, (added the Debian reproducible builds lists to cc:)
On Fri, Mar 18, 2016 at 11:36:56AM +0100, Linus Nordberg wrote: > Do once (per host you're going to submit from): > > alias curl-tor='curl -A "" -x socks4a://127.0.0.1:9050/' that has an result I understand… > curl-tor -O https://www.ct.nordu.net/gaol.ct.nordu.net.pem > curl-tor -O https://www.ct.nordu.net/gaol.ct.nordu.net.pem.asc > gpg --verify gaol.ct.nordu.net.pem.asc but this is rather incomplete or meaningless? ;-) Or I don't see the point as that certificate aint used anywhere? > Do once per .buildinfo file: > > printf "{\"blob\": \"$(cat file | base64)\"}" | \ > curl-tor --data @- \ > http://mvkhztpvqcxpdbn3.onion/open/gaol/v1/add-blob ok, seems easy enough. So I just did: printf "{\"test-h01ger\": \"$(cat /etc/motd | base64)\"}" | curl -A "" \ -x socks4a://127.0.0.1:9050/ --data @- \ http://mvkhztpvqcxpdbn3.onion/open/gaol/v1/add-blob Did the log receive that? If so, it's trivial to send them all to your log… > NOTE0: If the size of your submissions (after base64 encoding) exceeds > ~2MB they will fail. ok, that's fine. currently the biggest .buildinfo file we have (gcc-5-cross-ports_7_amd64.buildinfo) is 120K which transforms into 162k base64 encoded. > NOTE1: All data may disappear at any time (but i'll try hard to avoid > that). ok, noted. > NOTE2: The format for submitted data might change, most likely adding a > requirement for a "sig" field with a signature over "blob" ok, please just tell us. > NOTE3: you might want to put something in "blob" that makes it easy for > you to select your entries from the log I guess the filename of the .buildinfo file will do. What if I reuse the "blob" value? -- cheers, Holger
signature.asc
Description: Digital signature
_______________________________________________ Reproducible-builds mailing list Reproducible-builds@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds