Subject: Re: Using multiple digest algorithms in pkgsrc
To: Alistair Crooks <agc@pkgsrc.org>
From: Juan RP <juan@xtraeme.nopcode.org>
List: tech-security
Date: 02/16/2005 15:55:02

On Wed, 16 Feb 2005 14:06:55 +0000
Alistair Crooks <agc@pkgsrc.org> wrote:

> Following on from
> 
> 	http://www.schneier.com/blog/archives/2005/02/sha1_broken.html
> 
> I've made some modifications to bsd.pkg.mk so that a number of digest
> algorithms can be specified for dist files and dist patches.  I have
> kept the digests of our included patch files to be simply sha1 for
> just now, since they are really meant to indicate whether a file has
> changed, and are not used to guarantee file integrity - in short, if
> someone can modify the patch file, they can modify the distinfo file
> holding its information.
> 
> I have extended the DIGEST_ALGORITHM definition (which is set by ?=
> in bsd.pkg.mk) to be a whitespace-separated list of algorithms which
> are used in "makedistinfo" to generate the distinfo files.

Really cool!
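
The scheme described in the quoted message, sketched as an added example that is not part of the original thread and is not pkgsrc's own code: one distinfo-style line is written per algorithm in a whitespace-separated list, and verification fails if any required algorithm is missing or does not match. The "ALGO (file) = hex" line shape, the algorithm list "SHA1 SHA256", the file name and the function names are assumptions made for illustration.

```python
import hashlib
import re

# Assumed line shape for this sketch: "ALGO (filename) = hexdigest"
LINE = re.compile(r"^(\w+) \((.+)\) = ([0-9a-f]+)$")

# Constructed sample input, not a real distfile.
NAME = "example-1.0.tar.gz"
DATA = b"constructed distfile contents\n"


def make_distinfo(name, data, algorithms):
    """Emit one digest line per algorithm in a whitespace-separated list."""
    lines = []
    for algo in algorithms.split():
        digest = hashlib.new(algo.lower(), data).hexdigest()
        lines.append(f"{algo.upper()} ({name}) = {digest}")
    return "\n".join(lines)


def verify(name, data, distinfo, required):
    """Return (ok, reason); every required algorithm must be present and match."""
    recorded = {}
    for line in distinfo.splitlines():
        m = LINE.match(line.strip())
        if m and m.group(2) == name:
            recorded[m.group(1).upper()] = m.group(3)
    for algo in required.split():
        algo = algo.upper()
        # A distinfo that silently drops an algorithm is treated as a failure,
        # otherwise the check degrades to the weakest digest still listed.
        if algo not in recorded:
            return False, f"{algo} missing from distinfo"
        if hashlib.new(algo.lower(), data).hexdigest() != recorded[algo]:
            return False, f"{algo} mismatch"
    return True, "ok"


if __name__ == "__main__":
    info = make_distinfo(NAME, DATA, "SHA1 SHA256")
    print(info)
    print(verify(NAME, DATA, info, "SHA1 SHA256"))
    print(verify(NAME, DATA + b"x", info, "SHA1 SHA256"))
```

As the quoted message notes for patch files, this only detects change in a fetched file; it gives no protection against someone who can also rewrite the distinfo file.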