From: Mark Hatle <mark.hatle@windriver.com>
To: <openembedded-core@lists.openembedded.org>
Subject: Re: opkg and gpg signed ipk packages
Date: Tue, 19 May 2015 09:23:39 -0500 [thread overview]
Message-ID: <555B476B.9040400@windriver.com> (raw)
In-Reply-To: <CAP9ODKoZrbZdx5xuGZASmUL_1X6uoXpu_Hnz4+3RX58AMEn0NQ@mail.gmail.com>
On 5/19/15 7:01 AM, Otavio Salvador wrote:
> On Tue, May 19, 2015 at 8:47 AM, Sona Sarmadi <sona.sarmadi@enea.com> wrote:
>>
>>>> I'm guessing you would want something like this in your custom distro
>>>> config (or local.conf if you must):
>>>>
>>>> PACKAGECONFIG_append_pn-opkg = " sha256"
>>>> PACKAGECONFIG_append_pn-opkg-native = " sha256"
>>>
>>
>> Thanks a lot guys for your help, this is now working :)
>> There is support for sha256 in opkg but not in the opkg-utils.
>> opkg-utils (opkg.py) just uses md5 as default option. I changed
>>
>> opkg.py:
>> ........
>> # compute the MD5.
>> if not self.fn:
>> self.md5 = 'Unknown'
>> else:
>> f = open(self.fn, "rb")
>> sum = hashlib.md5()
>> to
>> sum = hashlib.sha256()
>>
>> and now I get checksum sha256 in the "Packages" file:
>>
>> SHA256Sum: 6be1fb5b9dab3de5848fd578d515d05adc5c6cd3b0009f8c1b13ab1250cee594
>>
>> Do you think this patch would be of interest for someone?
>
> Yes but it would be good to make it choosable at distro level.
I agree.. and RPM(5) has the ability to switch the default checksum from MD5 to
others as well. So a global distro setting would make sense. (I don't know how
the deb package manager is configured.)
Let me know if we come up with a distribution level switch (or if we just want
to make the policy be sha256, as it's definitely better then MD5) and I can help
make the RPM configuration change as well.
--Mark
next prev parent reply other threads:[~2015-05-19 14:23 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <3230301C09DEF9499B442BBE162C5E48258ED362@sestoex09.enea.se>
[not found] ` <20150507200911.GA19158@bang.betafive.co.uk>
[not found] ` <3230301C09DEF9499B442BBE162C5E48258EEECD@sestoex09.enea.se>
[not found] ` <20150508162311.GA20977@bang.betafive.co.uk>
2015-05-13 20:20 ` opkg and gpg signed ipk packages Sona Sarmadi
2015-05-14 8:49 ` Paul Eggleton
2015-05-14 14:15 ` Sona Sarmadi
2015-05-19 11:47 ` Sona Sarmadi
2015-05-19 11:56 ` Gary Thomas
2015-05-19 12:01 ` Otavio Salvador
2015-05-19 14:23 ` Mark Hatle [this message]
2015-05-20 10:44 ` Sona Sarmadi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=555B476B.9040400@windriver.com \
--to=mark.hatle@windriver.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox