Date: Thu, 26 Aug 2004 15:53:34 -0400 From: Chuck Swiger <cswiger@mac.com> To: freebsd-security@freebsd.org Cc: eikemeier@fillmore-labs.com Subject: Re: Report of collision-generation with MD5 Message-ID: <412E3FBE.8080708@mac.com> In-Reply-To: <293AF1C6-F73B-11D8-91E7-00039312D914@fillmore-labs.com> References: <293AF1C6-F73B-11D8-91E7-00039312D914@fillmore-labs.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Oliver Eikemeier wrote: > Mohacsi Janos wrote: >> I would also opt for having (by default) additional hash algorithms. [ ... ] >> The most easiest way would be to define a knob like >> PREFERED_HASH that would list the algorithms that system would prefer, >> and REQUIRED_HASH that would be required to checked: >> - makesum should generate all the PREFERED_HASH >> - fetch should fail if any of the REQUIRED_HASH failed makesum ought to generate all of the available hashes, otherwise what happens if someone sets REQUIRED_HASH to a hash that wasn't PREFERED? > devel/portmk supports generation of multiple hashes, although it will > just verify the first of the sufficient ones. the problem is to test > this stuff before 5.3. I installed and activated devel/portmk on a 4.10 system. I think I found the variable to control which algorithms are used, but: 48-sec# cd /usr/ports/astro/accrete 49-sec# env VALID_ALGORITHMS='MD5 SHA1 RMD160' make makesum 50-sec# cat distinfo MD5 (accrete-1.0.tar.gz) = a8586ec1682cb9545ea380d78a8e83d1 SIZE (accrete-1.0.tar.gz) = 17212 ...? -- -Chuck PS: Can I vote for a "make distinfo" target, either as an alias of "make makesum", or as dependency between the distinfo file and the actual distribution files from /usr/ports/distfiles?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?412E3FBE.8080708>