| 13 Dec 2018 |
 Tovok7 | sorry, missing context | 13:52:21 |
 Nico Alt | _hc: Yes, they're randomly different.
The MR you linked just changed them from hardcoded values to randomly generated. | 13:56:26 |
| Tovok7 | the java9+ keystore issue? | 13:57:58 |
| Nico Alt | _hc: When you say a fdroid repo normally has the same password for both store and key, I think it's safe to do the same for repo by repomaker. | 13:57:59 |
| Nico Alt | Tovok7: Exactly. | 13:58:05 |
| Tovok7 | thanks! | 13:58:17 |
| Tovok7 | and the issue is different password for store and key? | 13:58:24 |
| Nico Alt | Tovok7: But we found out that this issue isn't related to the java version, but rather to the type of keystore. | 13:58:44 |
| Nico Alt | Tovok7: Yes. In repomaker we use different passwords for store and key, but the (default) keystore type in flatpak doesn't support that. | 13:59:29 |
| Tovok7 | wow, who would have thought that... | 14:00:10 |
| Nico Alt | The keystore type used in flatpak is PKCS12. | 14:00:16 |
| Tovok7 | and that's because of the java version? | 14:00:31 |
| Nico Alt | I don't think so. It's rather just a default that differs from the defaults on Debian, Ubuntu, Arch and all the other OSes we've used so far with Repomaker. | 14:01:24 |
| Tovok7 | did you try changing this default? might be easiest... | 14:01:53 |
| Nico Alt | Tovok7: Do you agree that it's safe to use the same password for store and key in repomaker? | 14:02:23 |
| Tovok7 | I am not so much concerned about using the same passwort in the future, but rather how to do that in a backwards compatible way that doesn't break people's existing installations (if there are any) | 14:03:16 |
| Nico Alt | Tovok7: I could do that, but we could also just stick to fdroidserver's behavior of using the same password. Could potentially save us some headache in the future. | 14:03:23 |
| Nico Alt | Tovok7: That's a valid point. To keep it backwards compatible, I would not drop the two fields for key_pass and key_store_pass but rather just generate only one for both from now on. | 14:05:43 |
| Tovok7 | so generate one and store it twice on those different fields. | 14:06:26 |
| Nico Alt | I would change this code to the following: https://gitlab.com/fdroid/repomaker/blob/44372f48afdef9d25d16fccd9b82272fbcee9621/repomaker/models/repository.py#L142 | 14:06:44 |
| Nico Alt | Tovok7: Exactly. | 14:06:47 |
| Tovok7 | yeah if that's easier than changing they keystore format in flatpack... | 14:06:45 |
| Nico Alt | self.key_store_pass = common.genpassword() self.key_pass = self.key_store_pass
| 14:07:47 |
| Tovok7 | maybe add some comments to this place explaining why both are using the same password | 14:07:45 |
| Nico Alt | Will do. | 14:08:04 |
| Tovok7 | thanks for working through all these hoops you encounter along the way.! | 14:08:28 |
| Nico Alt | Thank you for answering my questions! | 14:09:32 |
| Nico Alt | izzy_: Was is this Friday when you needed to finish the article? | 14:12:01 |
| Tovok7 | Btw. I would like to remind people that there's a working Docker setup for people that want to host a repomaker instance somehwere | 14:16:27 |
| Tovok7 | the flatpack and deb package are mainly meant for local single user deployments | 14:16:48 |
