From: "Konstantin Ryabitsev" <konstantin@linuxfoundation.org>
To: tools@linux.kernel.org
Subject: b4: DKIM verification available
Date: Fri, 20 Nov 2020 17:17:31 -0500 [thread overview]
Message-ID: <20201120221731.ktof3h4yejunkc4a@chatter.i7.local> (raw)
[-- Attachment #1: Type: text/plain, Size: 1846 bytes --]
Hi, all:
I'm gearing up for b4 0.6.0, which adds a handful of new features around
attestation. Specifically, it enables DKIM verification if the required
library is available. It used to be a futile exercise due to almost
every mailing list breaking it in terrible ways, but vger now properly
preserves headers so that DKIM signatures verify nearly all the time.
Older mailman still not so much, though.
Here's an example:
-----
b4 am -o/tmp -t 20201120131708.3237864-1-kpsingh@chromium.org
Looking up https://lore.kernel.org/r/20201120131708.3237864-1-kpsingh%40chromium.org
Grabbing thread from lore.kernel.org/bpf
Analyzing 6 messages in the thread
---
Writing /tmp/20201120_kpsingh_ima_implement_ima_inode_hash.mbx
✓ [PATCH bpf-next 1/3] ima: Implement ima_inode_hash
✓ [PATCH bpf-next 2/3] bpf: Add a BPF helper for getting the IMA hash of an inode
✓ [PATCH bpf-next 3/3] bpf: Update LSM selftests for bpf_ima_inode_hash
+ Acked-by: Yonghong Song <yhs@fb.com>
---
✓ Attestation-by: DKIM/chromium.org (From: kpsingh@chromium.org)
---
Total patches: 3
---
Link: https://lore.kernel.org/r/20201120131708.3237864-1-kpsingh@chromium.org
Base: not found
git am /tmp/20201120_kpsingh_ima_implement_ima_inode_hash.mbx
-----
If you want to try it out, just grab the latest master. You will need to
install dkimpy and dnspython either from your distro (I found the
necessary versions in debian-unstable as python3-dkim and
python3-dnspython), or from pypi:
pip install --user dkimpy dnspython
If you find this feature annoying or if it's making things unstable, you
can turn it off by setting the following in your ~/.gitconfig:
[b4]
attestation-check-dkim = no
If b4 doesn't find dkimpy or dnspython, it won't run the checks anyway.
Best regards,
-K
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 235 bytes --]
reply other threads:[~2020-11-20 22:17 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201120221731.ktof3h4yejunkc4a@chatter.i7.local \
--to=konstantin@linuxfoundation.org \
--cc=tools@linux.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).