#5846: move away from md5 for look-aside cache
Fedora Release Engineering
rel-eng at fedoraproject.org
Thu Feb 13 10:06:09 UTC 2014
-------------------+-----------------------
Reporter: till | Owner: rel-eng@…
Type: task | Status: new
Milestone: | Component: other
Resolution: | Keywords:
Blocked By: | Blocking:
-------------------+-----------------------
Comment (by bochecha):
So, I've been attaching quite a few patches here, and I can't find a way
to mark some as obsolete, so here are the details.
First, these patches can be totally ignored, as I found tmz's suggestion
in comment 8 would be better than what I had done:
* 0001-lookaside-Add-a-new-fallback-hash.patch
* 0001-lookaside-Adapt-to-the-rpkg-change.patch
* 0002-lookaside-Use-sha256-instead-of-md5-by-default.patch
Then, 0001-lookaside-Determine-which-hash-function-was-used.patch is a
patch to apply to rpkg, which implements the following:
* when verifying a source file, determine the hash used from the length of
the hashed string
* nothing changes when uploading: the hash used is the one set in the
configuration file
Finally, 0001-lookaside-Support-more-than-just-md5sum.patch is for the
upload.cgi script on the lookaside server, so that when a file is
uploaded, we don't assume the hash is md5, but determine it from the
length of the hashed string.
One note though: the patch for the lookaside drops compatibility with
older versions of Python which didn't have the hashlib module.
Those versions didn't have hash functions other than md5 and sha1, so it
wouldn't have been possible to deal with sha256 or sha512.
I was assured that our lookaside runs on EL 6 though, which has a recent
enough Python, and it's the system I tested these changes on.
--
Ticket URL: <https://fedorahosted.org/rel-eng/ticket/5846#comment:14>
Fedora Release Engineering <http://fedorahosted.org/rel-eng>
Release Engineering for the Fedora Project
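
The length-based detection described in the comment above can be sketched as follows. This is an added example, not code from the attached rpkg or upload.cgi patches; the names HASH_BY_HEXLEN, hash_name_for and verify_stream, the length-to-hash table and the sample data are assumptions made for illustration.

```python
import hashlib
import hmac
import io

# Hex digest length -> hashlib name for the four hashes the comment mentions.
# Assumed table for this example, not taken from the patches.
HASH_BY_HEXLEN = {32: "md5", 40: "sha1", 64: "sha256", 128: "sha512"}


def hash_name_for(hexdigest):
    """Return the hash name implied by the digest length, or raise ValueError."""
    digest = hexdigest.strip().lower()
    # Reject anything that is not pure hex before trusting its length.
    if not digest or any(c not in "0123456789abcdef" for c in digest):
        raise ValueError("not a hex digest")
    try:
        return HASH_BY_HEXLEN[len(digest)]
    except KeyError:
        raise ValueError("unsupported digest length: %d" % len(digest))


def verify_stream(stream, expected_hexdigest, chunk_size=65536):
    """Hash a binary stream with the detected function and compare digests."""
    expected = expected_hexdigest.strip().lower()
    hasher = hashlib.new(hash_name_for(expected))
    # Read in chunks so large source tarballs are not loaded into memory.
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        hasher.update(chunk)
    return hmac.compare_digest(hasher.hexdigest(), expected)


if __name__ == "__main__":
    data = b"constructed sample tarball contents\n"  # constructed input
    for name in ("sha256", "sha512"):
        recorded = hashlib.new(name, data).hexdigest()
        detected = hash_name_for(recorded)
        print(detected, verify_stream(io.BytesIO(data), recorded))
    # A modified file must fail against the recorded digest.
    recorded = hashlib.sha256(data).hexdigest()
    print("tampered", verify_stream(io.BytesIO(data + b"x"), recorded))
```

Because the verifier accepts whichever function the recorded string implies, a 32-character entry is still checked with md5; refusing the short lengths is a separate policy decision from detecting them.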