508331 – yum repodata xml should use sha256 for file checksums

Bug 508331 - yum repodata xml should use sha256 for file checksums

Summary: yum repodata xml should use sha256 for file checksums

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Spacewalk
Classification:	Community
Component:	Server
Sub Component:
Version:	0.6
Hardware:	All
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	---
Assignee:	Pradeep Kilambi
QA Contact:	Red Hat Satellite QA List
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	space06 sha256-feature
TreeView+	depends on / blocked

Reported:	2009-06-26 16:11 UTC by Pradeep Kilambi
Modified:	2009-09-10 12:06 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2009-09-10 12:06:28 UTC
Embargoed:

Attachments	(Terms of Use)

Description Pradeep Kilambi 2009-06-26 16:11:10 UTC

We need to use sha256 in the yum repo data xml when generating the cache files on server. primarily repomd.xml is of interest here.

Comment 2 Pradeep Kilambi 2009-07-13 23:40:37 UTC

commit 3f09640a40cab644e93253ea1c977544ed98e3bc
Author: Pradeep Kilambi <pkilambi>
Date:   Mon Jul 13 19:35:32 2009 -0400

sha256 supported repomd.xml generated from spacewalk:

<?xml version="1.0" encoding="UTF-8"?>
<repomd xmlns="http://linux.duke.edu/metadata/repo"><data type="primary"><locati
on href="repodata/primary.xml.gz"/><checksum type="sha256">d1f2698ed0d38c0b0a42d
be5614bc542a1f592b179e86cdfe85c05ab716a03a2</checksum><open-checksum type="sha25
6">49c0832e6936df583a33dc71aefb7e0960b9ecfd55ccc428b510f1bb55dfb61e</open-checks
um><timestamp>1247516878</timestamp></data><data type="filelists"><location href
="repodata/filelists.xml.gz"/><checksum type="sha256">d04c229589a15349a57e0b8ffb
c7f729f31e9763648b6f4b06f6b124e7c69f91</checksum><open-checksum type="sha256">e9
29db50df95e95919a9ae56da401fba7903f6c78bbafae83f20195c34531dd8</open-checksum><t
imestamp>1247516878</timestamp></data><data type="other"><location href="repodat
a/other.xml.gz"/><checksum type="sha256">5a6bbeebb7ed42a5dacc35ae4bac37950151e05
05b716e0c114f0c3264f2d7e3</checksum><open-checksum type="sha256">3eedef933e3316a
5a4f39f435f312e964a6836c423fbecfa15b2660f477b29f7</open-checksum><timestamp>1247
516878</timestamp></data><data type="updateinfo"><location href="repodata/update
info.xml.gz"/><checksum type="sha256">bc585d8448695bd64938fff60869ab96e9cce5591b
8a33e5a190dcb3cd744308</checksum><open-checksum type="sha256">d78acb0717421dbec9
4d229c5e081b0458e6e68d655bf6fdb4ec8c48e766b170</open-checksum><timestamp>1247516
878</timestamp></data><data type="group"><location href="repodata/comps.xml"/><c
hecksum type="sha256">ea9ba2a56284e4293d6b4e9207702486cd567f0872b4e20e988cf29651
b2bebe</checksum><timestamp>1170970882000</timestamp></data></repomd>

sha1 supported repomd.xml:

<?xml version="1.0" encoding="UTF-8"?>
<repomd xmlns="http://linux.duke.edu/metadata/repo"><data type="primary"><locati
on href="repodata/primary.xml.gz"/><checksum type="sha">63dbb3e6a7790151eae9afe4
4c9d3c8197e01ef0</checksum><open-checksum type="sha">19ee623c39585cbcf410873f2a6
9a2b5bbc1174d</open-checksum><timestamp>1246682333</timestamp></data><data type=
"filelists"><location href="repodata/filelists.xml.gz"/><checksum type="sha">416
8ef8dc80dd807666ae71c8470eeafc7be368a</checksum><open-checksum type="sha">6d32e0
35d211a0bb16a98688edd63a121f38f2a8</open-checksum><timestamp>1246682333</timesta
mp></data><data type="other"><location href="repodata/other.xml.gz"/><checksum t
ype="sha">9ee6548cb761ffe87f7ef3de470980acbce54375</checksum><open-checksum type
="sha">b476102ff3f4cf5a27bc532f2589fdf0593fe127</open-checksum><timestamp>124668
2333</timestamp></data><data type="updateinfo"><location href="repodata/updatein
fo.xml.gz"/><checksum type="sha">9174d64148fd3aacb6976b7b25bd80657af0f9ba</check
sum><open-checksum type="sha">9bed7d0ed29ee41be86cbd6baa729a5a9c4c567d</open-che
cksum><timestamp>1246682333</timestamp></data><data type="group"><location href=
"repodata/comps.xml"/><checksum type="sha">466b6043495925806b31c55316a819e79a358
d0d</checksum><timestamp>1170970882000</timestamp></data></repomd>

Comment 3 Pradeep Kilambi 2009-07-27 21:53:00 UTC

Also following commits impact this bug,

commit a39bf26b3a479712458f103c7e05bc58c49458e9
Author: Pradeep Kilambi <pkilambi>
Date:   Thu Jul 23 14:30:00 2009 -0400

     Sha256 support for channel creation:
    
    - Added the ablility for user to specify a yum repository checksum type at the channel creation time.
    
    - Added a new table lookup table called rhnChecksumType
    
    - Added a new column to rhnChannel checksum_type_id
    
    - Channel creation sets the checksum_type_id and stores it for further lookup for repo generation to pick the user specified checksum.
    
    - Edit channel page should reset the checksum_type_id value and trigger the repo generation with new checksum type.


commit fcc54a505d9cea73147598e638c7461c8b0e58d0
Author: Pradeep Kilambi <pkilambi>
Date:   Mon Jul 27 17:18:09 2009 -0400

     Adding a new create channel api using checksumtype as a params.
    
    - The old create method calls the new one with default as sha1.
    
    - Updated the api version
    
    - Added unit tests for new call

Comment 4 Miroslav Suchý 2009-09-10 12:06:28 UTC

Spacewalk 0.6 released

Note You need to log in before you can comment on or make changes to this bug.