Subject: DIGEST_ALGORITHMS (was Re: CVS commit: pkgsrc/mk)
To: Alistair G. Crooks <>
From: Jeremy C. Reed <>
List: tech-pkg
Date: 02/22/2005 13:11:30
On Tue, 22 Feb 2005, Alistair G. Crooks wrote:

> Patchfiles will still use simply SHA1, since we are trying to detect a
> binary "has this file changed", rather than proect against tampering.
> In short, if someone can modify the patch file, they can modify the
> distinfo file holding its digest information. This value is set in the
> new PATCH_DIGEST_ALGORITHM definition.

I didn't look to closely, but is PATCH_DIGEST_ALGORITHM or
DIGEST_ALGORITHMS used for PATCHFILES? (I think your new multiple
DIGEST_ALGORITHMS should be used for remotely retrieved PATCHFILES.)

 Jeremy C. Reed

 	  	 	 open source, Unix, *BSD, Linux training