Bug 477030 - Support sha256sums checksumming for repo metadata and packages
Support sha256sums checksumming for repo metadata and packages
Status: CLOSED UPSTREAM
Product: Fedora
Classification: Fedora
Component: yum (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Seth Vidal
Fedora Extras Quality Assurance
:
Depends On: 477029
Blocks: fedora-sha2 477043 480791
  Show dependency treegraph
 
Reported: 2008-12-18 14:01 EST by James Bowes
Modified: 2014-01-21 18:07 EST (History)
9 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-01-26 11:35:49 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description James Bowes 2008-12-18 14:01:32 EST
+++ This bug was initially created as a clone of Bug #477029 +++

We should support sha256 for checksums on both repodata files, and on the rpms themselves.

Along with createrepo support, we'll also need yum to be able to understand them.
Comment 1 James Antill 2008-12-18 15:01:33 EST
 sha256 _package_ checksums require a repodata .sqlite format change, the .xml already contains the type ... but that info. isn't carried over to the .sqlite files. Internally as soon as we have that type info. it's "easy" to do a sha256 instead of a sha1.

 Of course noone has checked what will happen with older yum's (and other clients) when/if we start generating multiple checksum XML elements with different types.

 _file_ checksums arre gotten directly from the rpmdb or .rpm files, so the major change needs to happen there.
Comment 2 James Antill 2009-01-20 11:22:10 EST
"""sha256 _package_ checksums require a repodata .sqlite format change"""

 We think we have a workaround for this, it'll probably confuse older yum (and non-yum) clients ... but, it's better than a format change.
Comment 3 Miloslav Trmač 2009-01-20 11:30:38 EST
Can you explain why format change should be necessary, please?

AFAICS createrepo-0.9.6 already contains the "checksum_type" column in the "packages" table.
Comment 4 seth vidal 2009-01-26 11:35:49 EST
the format does not need to be changed. I just checked in the necessary changes to createrepo and yum.
in both cases they are minor changes and will not impact backward compatibility of the metadata format.

So - older versions of yum will work with the sha256 metadata. Provided, of course, that the version of python they are using knows about sha256 checksums :)

yum:
http://yum.baseurl.org/gitweb?p=yum.git;a=commitdiff;h=e40f8234756b021206d60ef81600e58d38b63489

createrepo:
http://createrepo.baseurl.org/gitweb?p=createrepo.git;a=commitdiff;h=3b43f1280d94776689816cf96c6cc8135726b240

Thanks

Note You need to log in before you can comment on or make changes to this bug.