Re: [RFC] Enhance checksum support
On Sun, Jan 20, 2008 at 01:45:35PM +1000, Anthony Towns wrote:
> On Sat, Jan 19, 2008 at 06:15:45PM +0100, Frank Lichtenheld wrote:
> The advantage of having all that in one place means you can verify the
> hash properly with a simple script like:
Ok, I can see that.
> > So maybe keep the Checksums field and introduce a Contents field that
> > contains no checksums, but only the size and the name?
> > Checksums:
> > md5 4bf7ff17bd9ddf3846d9065b3c594fb4 foo
> > sha256 28ee6a10eb280ede4b19c1b975aff5533016a26de67ba9212d51ffaea020ce34 foo
>
> Having the hash as a parameter instead of in the field is a bit confusing
> but still easy to parse; having the size separated out makes things much
> more awkward though.
>
> By confusing, I mean things like:
>
> Checksums:
> sha1 a0a53d15d7dbc6a9cdfd1889ae30ba8b3dbf7d94 foo
> md5 4bf7ff17bd9ddf3846d9065b3c594fb4 bar
>
> become ambiguous -- is it an error, or are you meant to be using md5 to
> verify bar and sha1 to verify foo, along the lines of Tim's suggestion?
Hmm, I don't really see the problem. dpkg-source should always verify
the checksums it has. And at some point it could warn about cases where
is only has a weaker checksum like md5.
The whole thing honestly doesn't do much for security anyway until the gpg
support of dpkg-source is largely improved. For that I have no real concept yet,
though.
> It's also slightly harder to see what hashes are in use -- you can't just
> check the presence of a field, you have to grep the contents of the field.
>
> For comparison, the Release files use the format:
>
> MD5Sum:
> {md5} {size} {path}
> SHA1:
> {sha1} {size} {path}
> SHA256:
> {sha256} {size} {path}
OK, in the end only two points are important to me:
1) Each file should be able to have several checksums specified
2) I really don't like having more than one checksum per line since
that greatly increases the margin for errors and confusion IMHO.
Since both our proposal match these criteria I have no problem
implementing yours instead. And you are indeed correct that it
makes the information easier to read from simple-minded scripts
(for the small price of including redundant information).
I will prepare a patch to implement your proposal as well and give
people one more chance to issue their opinion before merging one
of them.
Gruesse,
--
Frank Lichtenheld <djpig@debian.org>
www: http://www.djpig.de/
Reply to: