[Libguestfs] [PATCH 2/2] v2v: ova: support SHA256 hashes in manifest
Richard W.M. Jones
rjones at redhat.com
Thu Sep 29 15:45:21 UTC 2016
On Thu, Sep 29, 2016 at 03:56:36PM +0200, Pino Toscano wrote:
> On Thursday, 29 September 2016 14:59:31 CEST Tomáš Golembiovský wrote:
> > The OVF standard allows the use of SHA256 hashes in the manifest file.
> > Adding support for this.
> >
> > Signed-off-by: Tomáš Golembiovský <tgolembi at redhat.com>
> > ---
>
> Maybe it would be a better idea to move the Checksums module from
> virt-builder to e.g. mllib, making it slightly more generic in error
> reporting, add SHA1 support to it, and use it in this case as well.
>
> > v2v/input_ova.ml | 21 ++++++++++++---------
> > 1 file changed, 12 insertions(+), 9 deletions(-)
> >
> > diff --git a/v2v/input_ova.ml b/v2v/input_ova.ml
> > index 513fe30..5420c85 100644
> > --- a/v2v/input_ova.ml
> > +++ b/v2v/input_ova.ml
> > @@ -133,7 +133,7 @@ object
> >
> > (* Read any .mf (manifest) files and verify sha1. *)
> > let mf = find_files exploded ".mf" in
> > - let rex = Str.regexp "SHA1(\\(.*\\))= \\([0-9a-fA-F]+\\)\r?" in
> > + let rex = Str.regexp "SHA\\(1\\|256\\)(\\(.*\\))= \\([0-9a-fA-F]+\\)\r?" in
>
> For example, with the above suggestion, catching the whole checksum
> type in regex and passing it to a new Checksums.from_string function
> could allow to support any checksum type that Checksums knows about.
As long as this is safe with untrusted input (from the OVA file),
I agree.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-p2v converts physical machines to virtual machines. Boot with a
live CD or over the network (PXE) and turn machines into KVM guests.
http://libguestfs.org/virt-v2v
More information about the Libguestfs
mailing list