Bug 602762 - linux platform discovery now gets sha256, not md5
linux platform discovery now gets sha256, not md5
Status: CLOSED CURRENTRELEASE
Product: RHQ Project
Classification: Other
Component: Plugins (Show other bugs)
3.0.0
All All
low Severity low (vote)
: ---
: ---
Assigned To: John Mazzitelli
Mike Foley
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2010-06-10 13:23 EDT by John Mazzitelli
Modified: 2013-09-02 03:27 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-09-02 03:27:08 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description John Mazzitelli 2010-06-10 13:23:43 EDT
Description of problem:

rpm now returns a SHA256, even though it is being asked to return MD5 (see %{FILEMD5S} in the below command)

rpm -q --qf "%{NAME}\n%{FILEMD5S}\n" quota-3.17-6.fc11.x86_64
quota
8e78d332e521bc6c3b1d93ece3b2ec4f116cba07bf9922fa38594ad0d9ebcafe

This is bad because our linux platform plugin component uses that command to give us MD5 and we set the package version MD5 to that value. Real MD5s are 32 chars long, this is 64 (we assume its a SHA256). This blows up on server when we try to insert it into the database since the column is only 32chars wide.

Need to fix plugin component to set MD5 or SHA256 accordingly:

Here's the code fix:

@@ -173,3 +173,7 @@ public class RpmPackageDiscoveryDelegate {
                 packageDetails.setFileName(fileName);
-                packageDetails.setMD5(md5);
+                if (md5.length() <= 32) {
+                    packageDetails.setMD5(md5);
+                } else {
+                    packageDetails.setSHA256(md5); // md5's can only be 32 chars, anything more and we assume its a SHA256
+                }
                 packageDetails.setFileSize(fileSize);
Comment 1 John Mazzitelli 2010-06-10 16:33:05 EDT
we need to wrap that new if statement in:

if (!md5.startsWith("00000000000000000000000000000000")) {
   ...
}

in other words, if rpm returns their "empty md5" token, we don't set SHA or MD5 in the package version since we don't know it.
Comment 2 John Mazzitelli 2010-08-24 14:10:26 EDT
commit 0f34ac2c5509187eb3d991ff4e21c47b60f539da and 83d0bd01759ddc48af69697273f08bbf361bb7a4 implemented this.  Done back in June 2010.

how to test:

1) make sure you are on RHEL or Fedora (anything with rpm really)
2) Run this command (note: if you don't have "quota 3.17" installed, just pick any package you do have installed):
      rpm -q --qf "%{NAME}\n%{FILEMD5S}\n" quota-3.17-6.fc11.x86_64
3) if the hashcode that is output is longer than 32 chars, then rpm is returning SHA256 and not MD5 and thus this bug would have been triggered
4) import your platform and wait until the package information is discovered and uploaded to the server (should take no more than several minutes, though I forget how long to wait). I think you need to enable package discovery, so don't forget to do that (go to the plugin configuration and enable package discovery)
5) Go to the platform's summary tab and see that you have discovered packages. If you do, this bug is fixed.
Comment 3 Heiko W. Rupp 2013-09-02 03:27:08 EDT
Bulk closing of issues that were VERIFIED, had no target release and where the status changed more than a year ago.

Note You need to log in before you can comment on or make changes to this bug.