tech-pkg archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Reasons for having SHA512?

On Tue, Sep 6, 2011 at 3:29 PM, Joerg Sonnenberger
<> wrote:
> On Tue, Sep 06, 2011 at 11:25:31AM +0300, Aleksey Cheusov wrote:
>> I'd like to commit the ttached patch. Objections?
> I don't exactly see the point and this adds a highly
> volatile item that
> is pretty much irrelevant most of the time.

After building an update plan
"nih install" does the following:
1) Checks if binaries to be installed/updated are
   present in $CACHEDIR directory
2) For present binaries it checks their checksums and compare
   them with SHA512.txt downloaded from ftp:// together
   with pkg_summary(5) by "nih refresh" in order to (re)download
   broken binaries (e.g. partially downloaded).
3) If checksums for all packages from update plan
   match SHA512, nih starts an installation.

This is why I need checks.

As I said earlier SHA512 file is useless. pkg_summary(5)
has good enough format for keeping checksums for packages.
If we add CKSUM to pkg_summary(5),
all required information about all packages in
the repository can be stored in *single* file.
This is the goal.

Home | Main Index | Thread Index | Old Index