Subject: Re: muhah
To: Trevor Johnson <trevor@jpj.net>
From: Alistair Crooks <agc@pkgsrc.org>
List: tech-pkg
Date: 03/27/2001 10:00:41
On Mon, Mar 26, 2001 at 12:41:55PM -0500, Trevor Johnson wrote:
> > > So? They aren't MD5 hashes. :-)
> > >
> > > As I understand it, the *BSD md5(1) program set prior art for how md5
> > > hashes look. It's a shame that openssl didn't follow the same format. But
> > > then openssl went off and added sha1 and r{,ipe}md160 support. Why does it
> > > make sense to not follow their lead? At least in how we name the hashes..
> > > (RIPEMD160 vs RMD160).
> > >
> > > And since the support for these hashes hasn't been in md5/cksum(1) for a
> > > week, changing it shouldn't be too big a deal.
> >
> > Because there were/are about 3000 files in pkgsrc which have
> > information stored in the output format of md5(1) - all of the
> > files/md5 and files/patch-sum files. I made the output of digest(1)
> > compatible with that, so that I wouldn't have to add yet more logic to
> > bsd.pkg.mk to work out whether I was dealing with an md5-style
> > checksum, or an openssl-style checksum.
>
> If you would look at the patch I sent the other day, you will notice that
> it doesn't change the output for MD5 hashes. Therefore it does not create
> the need for such logic.
If you'd just care to look in bsd.pkg.mk around the area where (a) it
generates the checksums, (b) it generates the checksums for the
patches, (c) where it calculates the checksums with FAILOVER_FETCH set
when fetching the distfiles, (d) where it calculates the checksums
without FAILOVER_FETCH set when fetching the distfiles, and (e) where
it calculates the checksums for each individual patch, you'll soon see
the need for such logic.
Regards,
Alistair
PS. As a hint, think how it was done previously with md5(1). Then think
how it's done now with digest(1).