Deltarpm *not* ready for new RPM checksums (was Re: Ready for new RPM version?)
Seth Vidal
skvidal at fedoraproject.org
Tue Mar 10 17:57:21 UTC 2009
On Tue, 10 Mar 2009, Jonathan Dieter wrote:
> On Tue, 2009-03-10 at 19:41 +0200, Jonathan Dieter wrote:
>> Ok, I've been trying this, but how can we tell if the sequence is sha256
>> or md5 if we're *just* given the sequence (i.e. applydeltarpm -c -s
>> audit-libs-1.7.12-1.fc11-04548395de7d18795d88b32ea98897e90140 where it's
>> a sha256 sequence)?
>
> Ok, I've got it. We just check against md5 first, then sha256 if md5
> doesn't match. It's not elegant, but it should work fine, especially
> since we're only checking for verification, *not* security.
>
why not just check the length of the checksum? md5 checksums are always
going to be SHORTER than sha256.
Seems like a length check is lighter-weight.
-sv
More information about the fedora-devel-list
mailing list