Deltarpm *not* ready for new RPM checksums (was Re: Ready for new RPM version?)

[Michael Schroeder]

On Mon, Mar 09, 2009 at 08:46:16PM +0200, Jonathan Dieter wrote:
> Yeah, just ran into some difficulty putting this together.  My original
> plan was to modify deltarpm to be able to read sha256 checksums while
> sticking with md5 checksums in the deltarpm (to maintain compatibility
> in rpm-only deltarpms).
> 
> The problem is that the sequence is generated from the sha256 checksums,
> and there's no elegant way (at least as far as I can see) to get md5
> checksums for the files in the rpm without completely regenerating them.

My plan was to just modify the expandseq() function so that it
uses sha256 if the checksums stored in the rpm header look like
sha256.

I don't think we have any problems with rpm-only deltarpms, as
they don't use file checksums at all.

I think we should stay with the overall md5 sum in the sequence
to ensure compatibility. This is not a security issue, it's just
used to check if the deltarpm can be applied or not.

Cheers,
  Michael.

-- 
Michael Schroeder                                   mls at suse.de
SUSE LINUX Products GmbH, GF Markus Rex, HRB 16746 AG Nuernberg
main(_){while(_=~getchar())putchar(~_-1/(~(_|32)/13*2-11)*13);}