From bc21d669c622770aa3b02afc24a5963863780dcb Mon Sep 17 00:00:00 2001 From: Sergey Matveev Date: Thu, 23 Sep 2021 21:41:32 +0300 Subject: [PATCH] Explicitly mention that SPKI's hash is compared to --- gocheese.go | 4 ++-- gocheese.texi | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/gocheese.go b/gocheese.go index 6385416..ed7e55d 100644 --- a/gocheese.go +++ b/gocheese.go @@ -97,8 +97,8 @@ var ( norefreshURLPath = flag.String("norefresh", "/norefresh/", "Non-refreshing URL path") refreshURLPath = flag.String("refresh", "/simple/", "Auto-refreshing URL path") gpgUpdateURLPath = flag.String("gpgupdate", "/gpgupdate/", "GPG forceful refreshing URL path") - pypiURL = flag.String("pypi", "https://pypi.org/simple/", "Upstream PyPI URL") - pypiCertHash = flag.String("pypi-cert-hash", "", "Authenticate PyPI by its X.509 certificate's SHA256 hash") + pypiURL = flag.String("pypi", "https://pypi.org/simple/", "Upstream (PyPI) URL") + pypiCertHash = flag.String("pypi-cert-hash", "", "Authenticate upstream by its X.509 certificate's SPKI SHA256 hash") passwdPath = flag.String("passwd", "passwd", "Path to file with authenticators") logTimestamped = flag.Bool("log-timestamped", false, "Prepend timestmap to log messages") passwdCheck = flag.Bool("passwd-check", false, "Test the -passwd file for syntax errors and exit") diff --git a/gocheese.texi b/gocheese.texi index 8f4aecd..1e9682e 100644 --- a/gocheese.texi +++ b/gocheese.texi @@ -45,7 +45,7 @@ but nearly all the code was rewritten. It has huge differences: @item Integrity check of proxied packages: MD5, SHA256, SHA512, BLAKE2b-256 @item SHA256 checksums for stored packages @item Verifying of SHA256 checksum for uploaded packages -@item Ability to authenticate upstream PyPI with its X.509 certificate's hash +@item Ability to authenticate upstream PyPI by its X.509 certificate's SPKI hash @item Storing of uploaded GPG signatures @item Secure Argon2i (or SHA256) stored passwords hashing @item No YAML configuration, just command-line arguments -- 2.44.0