tech-pkg: DIGEST_ALGORITHMS (was Re: CVS commit: pkgsrc/mk)

Subject: DIGEST_ALGORITHMS (was Re: CVS commit: pkgsrc/mk)
To: Alistair G. Crooks <agc@netbsd.org>
From: Jeremy C. Reed <reed@reedmedia.net>
List: tech-pkg
Date: 02/22/2005 13:11:30

On Tue, 22 Feb 2005, Alistair G. Crooks wrote:

> Patchfiles will still use simply SHA1, since we are trying to detect a
> binary "has this file changed", rather than proect against tampering.
> In short, if someone can modify the patch file, they can modify the
> distinfo file holding its digest information. This value is set in the
> new PATCH_DIGEST_ALGORITHM definition.

I didn't look to closely, but is PATCH_DIGEST_ALGORITHM or
DIGEST_ALGORITHMS used for PATCHFILES? (I think your new multiple
DIGEST_ALGORITHMS should be used for remotely retrieved PATCHFILES.)

 Jeremy C. Reed

 	  	 	 open source, Unix, *BSD, Linux training
	  	 	 http://www.pugetsoundtechnology.com/