GNU bug report logs - #35739
[w32] Bad signature from GNU ELPA for archive-contents

Previous Next

Package: emacs;

Reported by: Richard Copley <rcopley <at> gmail.com>

Date: Tue, 14 May 2019 21:27:02 UTC

Severity: normal

Fixed in version 26.3

Done: Stefan Monnier <monnier <at> iro.umontreal.ca>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Stefan Monnier <monnier <at> iro.umontreal.ca>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: rcopley <at> gmail.com, 35739 <at> debbugs.gnu.org, npostavs <at> gmail.com
Subject: bug#35739: Bad signature from GNU ELPA
Date: Wed, 22 May 2019 12:20:01 -0400

> I don't think I understand the change enough to say something
> intelligent here.  The commit explains, o some extent, why the
> original code failed, but it says nothing about the way the new code
> solves the problem without introducing new ones.

It solves the problem by refraining from decoding until we know
positively that it needs to happen.  In the patch I installed, I only
end up decoding the readme.txt descriptions.  Maybe there are other
places where decoding is needed, if so we'll need to fix those cases
I missed when we find them.

> I'm also mildly worried about the incompatible change in url-insert,
> which is a general-purpose function not limited to package.el and its
> signature verification.

Yes, this part should definitely not be in emacs-26.

Luckily, I think the rest of the change still solves our problem in
practice in Emacs-26 (the change in url-insert only affects the case
where the HTTP headers returned by the server specify a particular
"charset", which is not the case when downloading .tar and .el files
from elpa.gnu.org AFAICT).


        Stefan
This bug report was last modified 5 years and 358 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.