X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=dgit.git;a=blobdiff_plain;f=infra%2Fdgit-repos-server;h=f2f30884854a83e2403b4142235f8fe4617ecd4c;hp=ab831364ddb8577284cc5cf3f4019f3d44fc2d27;hb=ba153eff996c278e4fb2db71dc038c97d56684af;hpb=fb73b55ade7687b65727b1146b860ea892425cc6

diff --git a/infra/dgit-repos-server b/infra/dgit-repos-server
index ab831364..f2f30884 100755
--- a/infra/dgit-repos-server
+++ b/infra/dgit-repos-server
@@ -632,11 +632,21 @@ sub checksuite () {
 }
 
 sub checktagnoreplay () {
+    # We need to prevent a replay attack using an earlier signed tag.
+    # We also want to archive in the history anything 
+    #
     # We check that the signed tag mentions the name and tag object id of
-    # (a) in the case of FRESHREPO all tags in the repo;
-    # (b) in the case of just NOFFCHECK all tags referring to
+    #
+    # (a) In the case of FRESHREPO all tags and refs/heads/heads in the
+    #     repo.  That is, effectively, all the things we are deleting.
+    #     This prevents any tag implying a FRESHREPO push being replayed
+    #     into a different state of the repo.
+    #
+    # (b) In the case of just NOFFCHECK all tags referring to
     #     the current head for the suite (there must be at least one).
-    # This prevents a replay attack using an earlier signed tag.
+    #     This guarantees that the 
+    #
+    # 
     return unless $policy & (FRESHREPO|NOFFCHECK);
 
     my $garbagerepo = "$dgitrepos/${package}_garbage";