tech-pkg archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Add SHA512 digests to package metadata

Right now, we use MD5 sums only to verify that individual files in
package metadata have not been modified. Whilst this is not the end of
the world, it needs to be fixed. It also needs to be fixed fairly
sharpish. Diffs at:

The diffs add SHA512 digests to the existing MD5 ones. I'd like to get
this in fairly sharpish, so the focus of this change is to add the
digest, not to fix the code structure; that will be done at a later
date. Also for a later date is to consolidate our use of digest code,
to modularise all of this, to add SHA3-512, and various other basic
things that we've been lagging on.

Opinions, please?


% pkg_admin check ssam
Checked 2 files from 1 package.
% cat /usr/pkg/.dbdir/ssam-1.9nb1/+CONTENTS
@cwd /usr/pkg
@name ssam-1.9nb1
@blddep libutf-3.0
@pkgdep libutf>=3.0
@blddep digest-20121220
@comment $NetBSD: PLIST,v 1.2 2009/06/12 19:09:36 rillig Exp $
@comment MD5:3833190bcba2cbdfc163615b43caf4b5
@comment SHA512:b98b9bd31f640a6f71249ea7be36d32396971664854b8aadb8022733ca595a2aff9f78f92a5b7e0f0298f86902de2226bf4b4788294888d6cfb71c7f5742f962
@comment MD5:2f6ecc60cd4a5c22279751efa4e5a457
@comment SHA512:7b264056cd2e0e6085a6da9ab57e1217aa015b7f324b3d5888a7c39e5a6666474901b5f3c043d1335df13f3bde6569b745e2770e809b051ed6260b3c00b9fb07
@cwd /usr/pkg
% pkg_info -V

Home | Main Index | Thread Index | Old Index