[Yum-devel] [PATCH] Check all checksums for repomd, from metalink, validation.
James Antill
james at and.org
Mon Sep 13 14:51:32 UTC 2010
---
yum/yumRepo.py | 9 +++++----
1 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/yum/yumRepo.py b/yum/yumRepo.py
index b501d61..4016ce5 100644
--- a/yum/yumRepo.py
+++ b/yum/yumRepo.py
@@ -1119,6 +1119,7 @@ class YumRepository(Repository, config.RepoConf):
if repoXML.length != repomd.size:
return False
+ done = False
for checksum in repoXML.checksums:
if checksum not in repomd.chksums:
continue
@@ -1126,11 +1127,11 @@ class YumRepository(Repository, config.RepoConf):
if repoXML.checksums[checksum] != repomd.chksums[checksum]:
return False
- # If we don't trust the checksum, then don't generate it in
- # repoMDObject().
- return True
+ # All checksums should be trusted, but if we have more than one
+ # then we might as well check them all ... paranoia is good.
+ done = True
- return False
+ return done
def _checkRepoMetalink(self, repoXML=None, metalink_data=None):
""" Check the repomd.xml against the metalink data, if we have it. """
--
1.7.2
More information about the Yum-devel
mailing list