[gnutls-help] Windows binaries security/checksum

Marcus Hoffmann m.hoffmann at cartelsol.com
Tue Aug 29 12:39:35 CEST 2017


Hey Nikos,

On 29.08.2017 11:35, Nikos Mavrogiannopoulos wrote:
> On Mon, 2017-08-28 at 12:11 -0700, Gregory Sloop wrote:
>> Nikos...
>>
>> Is it possible to generate checksums for the Windows binaries so we
>> can verify downloads have not been tampered with?
>> [This seems like the easiest/least-hassle option I can think of.]
>> SHA-256 I suppose?
>> I'd probably want checksums anyway - but with a non secure FTP it
>> worries me quite a lot more...
> 
> Hi,
>  I'd like to stop distributing these binaries on ftp and switch to
> linking directly to the binaries generated during the CI run. For
> example:
> 
> https://gitlab.com/gnutls/gnutls/builds/artifacts/gnutls_3_6_0_1/download?job=MinGW64/DLLs
> https://gitlab.com/gnutls/gnutls/builds/artifacts/gnutls_3_6_0_1/download?job=MinGW32/DLLs

You can use a name: entry in the .gitlab-ci.yml to have a more specific
name for the archive than artifacts.zip

Here is a list of variables which are useful for specifying the name:
https://docs.gitlab.com/ee/ci/variables/

We use
name: "${CI_PROJECT_NAME}_${CI_JOB_NAME}_${CI_COMMIT_REF_NAME}_${CI_COMMIT_SHA}"

but that might be a bit verbose.


[...]
> 
> regards,
> Nikos

Best wishes,
Marcus
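
The following shell functions are an added example, not part of this message or of the GnuTLS CI configuration: they expand the archive name template quoted above and write and verify the kind of SHA-256 manifest asked for at the start of the thread. The function names, the "/" replacement and the manifest layout are assumptions of this example.

```shell
# Added example, not code from the thread. POSIX sh; needs sha256sum.
# All directory, file and variable values used with it are constructed.

# Expand the archive name template from GitLab's predefined variables.
# Replacing "/" (job names such as MinGW64/DLLs contain one) is this
# example's choice, so the result is a single file name component.
artifact_name() {
    printf '%s_%s_%s_%s\n' "$CI_PROJECT_NAME" "$CI_JOB_NAME" \
        "$CI_COMMIT_REF_NAME" "$CI_COMMIT_SHA" | tr '/' '-'
}

# Build side: record the SHA-256 of every regular file in directory $1
# into manifest $2 (an absolute path; keep it outside $1).
write_checksums() {
    (
        cd "$1" || exit 1
        : > "$2" || exit 1
        for f in *; do
            [ -f "$f" ] || continue
            sha256sum -- "$f" >> "$2" || exit 1
        done
    )
}

# Download side: verify directory $1 against manifest $2. Returns non-zero
# if a listed file is missing or its digest differs. Files that are not
# listed in the manifest are not checked.
verify_checksums() {
    [ -s "$2" ] || { echo "empty or missing manifest: $2" >&2; return 1; }
    ( cd "$1" && sha256sum -c "$2" )
}
```

A manifest fetched from the same unauthenticated FTP directory as the binaries only detects corruption; to detect tampering it has to reach the user over a channel the download path does not control, such as an HTTPS page or a signed announcement.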


