On Mon, Dec 02, 2002 at 10:28:19AM -0500, Perry E. Metzger wrote:
> 
> Bang Jun-Young <junyoung@netbsd.org> writes:
> > > No. Thor is absolutely correct. There is no advantage to an MD5
> > > checksum of the file over any random function yielding 128 bits if you
> > > do not check the hash later on. There is no need for a hash.
> > 
> > How about this one:
> > 
> > 	upper 32 bits = CRC32 | lower 32 bits = ELF hash to a date string
> > 				generated from ctime() when prebinding is
> > 				performed.
> > 	---------------------------------------------------------------
> > 	= 16+1 byte string in .cksum section
> > 
> > With this method we can get both validity check and uniqueness.
> 
> If you *really* want to do a check that depends on the file itself so
> it can be verified later, you should stick with MD5 or SHA. If you
> just want a unique identifier, random numbers are more than
> sufficient.

(sigh) The idea of using MD5 to verify binary seems to be wrong. From now
on, any string found in .cksum section will be used as identifier only.

BTW, what to use to generate identifier is not an important issue. There
are so many ways to generate unique identifier anyway. What I'd *really*
like to know is whether ld.elf_so/RelCache works fine on other people's
machines. Who will be the first one to tell me if he succeeded or not...

Jun-Young

-- 
Bang Jun-Young <junyoung@netbsd.org>