Bug 490696
Summary: | mirrormanager does not supply SHA-256 in metalink files | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Miloslav Trmač <mitr> |
Component: | mirrormanager | Assignee: | Matt Domsch <matt_domsch> |
Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | rawhide | CC: | anthonybryan, james.antill, jonstanley, matt_domsch |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2009-05-08 21:27:19 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 461972 |
Description
Miloslav Trmač
2009-03-17 17:03:38 UTC
yep. I started looking into this, and need to know which sha-256 python algorithm I can use on python 2.4 (RHEL5) please. This will require corresponding changes in yum. Oh, on RHEL-5 ... you need python-hashlib from EPEL to get anything other than md5 or sha1. So probably better stick to sha1 there. python-hashlib is probably the best option - the program will naturally use the standard Python library on newer systems.
You can also use M2Crypto:
>>> d = M2Crypto.EVP.MessageDigest('sha256')
>>> d.update('abc')
>>> d.final()
'\xbax\x16\xbf\x8f\x01\xcf\xeaAA@\xde]\xae"#\xb0\x03a\xa3\x96\x17z\x9c\xb4\x10\xffa\xf2\x00\x15\xad'
AFAICS yum already supports SHA-256 in metalinks (YumRepository._checkRepoXMLMetalink), but I didn't test it.
Unfortunately, our Fedora Infrastructure servers are running RHEL5, which is where the MM code to generate SHA* values will be running. Looks like EPEL 5 contains python-crypto, which has a SHA256 implementation. ah, python-hashlib is in the fi-repo now. skvidal noted on his blog that smooge may be adding it to EPEL but it's not there at the moment. hashlib it is. dgilmore put it into epel, it's in epel-testing now. whee. mirrormanager-1.2.11, built in plague so will hit epel-testing soon, now returns sha256 and sha512 when available. This is built and in production. |