[prev in list] [next in list] [prev in thread] [next in thread] 

List:       gentoo-dev
Subject:    Re: [gentoo-dev] Manifest2 hashes, take n+1-th: 3 hashes for the tie-breaker case
From:       Allan Wegan <allanwegan () allanwegan ! de>
Date:       2017-10-24 21:33:39
Message-ID: 64bba51d-5ba1-c1cc-44e7-68df468669e7 () allanwegan ! de
[Download RAW message or body]

[Attachment #2 (multipart/mixed)]


>> That is currently the case with portage, but not an inevitable
>> consequence of having 3 hash functions in the Manifest. Portage could
>> be made to check only one or two of them (even by default), giving
>> the tie-breaking ability to those who need it, and speeding up things
>> for those who don't.
> No, it can't. The specification (GLEP 59) requires it to check all
> hashes.

Of course it can: The code of the specification just has to be changed
before changing the code of portage. The question is not whether it is
possible to make portage skip hash verification - but whether it is a
good idea to make it do that...

I would not mind as long as the default is to always check all the
hashes and the option to disable it is properly named (like
"--disable-hash-verification" or something similar) and documented.



--=20
Allan Wegan
<http://www.allanwegan.de/>
Jabber: allanwegan@ffnord.net
 OTR-Fingerprint: E4DCAA40 4859428E B3912896 F2498604 8CAA126F
Jabber: allanwegan@jabber.ccc.de
 OTR-Fingerprint: A1AAA1B9 C067F988 4A424D33 98343469 29164587
ICQ: 209459114
 OTR-Fingerprint: 71DE5B5E 67D6D758 A93BF1CE 7DA06625 205AC6EC


["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]