[prev in list] [next in list] [prev in thread] [next in thread]
List: netbsd-tech-security
Subject: Re: Using multiple digest algorithms in pkgsrc
From: Juan RP <juan () xtraeme ! nopcode ! org>
Date: 2005-02-16 14:55:02
Message-ID: 20050216155502.50d7b73e.juan () xtraeme ! nopcode ! org
[Download RAW message or body]
On Wed, 16 Feb 2005 14:06:55 +0000
Alistair Crooks <agc@pkgsrc.org> wrote:
> Following on from
>
> http://www.schneier.com/blog/archives/2005/02/sha1_broken.html
>
> I've made some modifications to bsd.pkg.mk so that a number of digest
> algorithms can be specified for dist files and dist patches. I have
> kept the digests of our included patch files to be simply sha1 for
> just now, since they are really meant to indicate whether a file has
> changed, and are not used to guarantee file integrity - in short, if
> someone can modify the patch file, they can modify the distinfo file
> holding its information.
>
> I have extended the DIGEST_ALGORITHM definition (which is set by ?=
> in bsd.pkg.mk) to be a whitespace-separated list of algorithms which
> are used in "makedistinfo" to generate the distinfo files.
Really cool!
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic