[PATCH 1/2] Verify source hashes with a fallback on md5

Pierre-Yves Chibon pingou at pingoured.fr
Tue Feb 10 13:59:41 UTC 2015 

On Tue, Feb 10, 2015 at 02:38:12PM +0100, Pavol Babincak wrote:
> Just for the record I'm not going to merge this one as we will work with
> different approach as outlined in buildsys mailing list
> https://lists.fedoraproject.org/pipermail/buildsys/2015-February/ (I haven't
> found the latest e-mail via web archive yet).

When you find the email could you send it back this way?
I'm curious about which approach you want to take.


Thanks,
Pierre

> 
> On 03/17/2014 01:05 PM, Mathieu Bridon wrote:
> >We are about to move away from md5 for hashes.
> >
> >However, at the time we move, some source tarballs might still exist
> >only with a md5 hash.
> >
> >This allows verifying these old archives by falling back on md5.
> >
> >We might want to just revert this commit eventually, when are confident
> >that md5 is completely gone (i.e that we have migrated the whole
> >lookaside cache to the new hash).
> >---
> >  src/fedpkg/__init__.py | 9 +++++++++
> >  1 file changed, 9 insertions(+)
> >
> >diff --git a/src/fedpkg/__init__.py b/src/fedpkg/__init__.py
> >index 910e448..55ce0e6 100644
> >--- a/src/fedpkg/__init__.py
> >+++ b/src/fedpkg/__init__.py
> >@@ -249,6 +249,15 @@ class Commands(pyrpkg.Commands):
> >      def build(self, *args, **kwargs):
> >          return(super(Commands, self).build(*args, **kwargs))
> >
> >+    def _verify_file(self, file, hash, hashtype):
> >+        valid = super(Commands, self)._verify_file(file, hash, hashtype)
> >+
> >+        if not valid:
> >+            # We're moving away from md5, so try falling back on md5 for some time
> >+            valid = super(Commands, self)._verify_file(file, hash, "md5")
> >+
> >+        return valid
> >+
> >      # New functionality
> >      def _create_curl(self):
> >          """Common curl setup options used for all requests to lookaside."""
> >
> 
> 
> -- 
> Pavol Babincak
> Release Engineering, Red Hat
> _______________________________________________
> rel-eng mailing list
> rel-eng at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/rel-eng

More information about the rel-eng mailing list