[Yum-devel] [PATCH 2/2] Fix md5 == abort() code path, only generate/trust sha2+ for metalink=>repomd

Seth Vidal skvidal at fedoraproject.org
Tue Dec 8 17:53:37 UTC 2009



On Tue, 8 Dec 2009, James Antill wrote:

> On Tue, 2009-12-08 at 11:24 -0500, Seth Vidal wrote:
>>
>> On Mon, 7 Dec 2009, James Antill wrote:
>>
>>> ---
>>> yum/metalink.py     |    1 +
>>> yum/repoMDObject.py |    5 +++--
>>> yum/yumRepo.py      |   12 +++---------
>>> 3 files changed, 7 insertions(+), 11 deletions(-)
>>>
>>> diff --git a/yum/metalink.py b/yum/metalink.py
>>> index c7f5f83..24da633 100755
>>> --- a/yum/metalink.py
>>> +++ b/yum/metalink.py
>>> @@ -55,6 +55,7 @@ class MetaLinkFile:
>>>     """ Parse the file metadata out of a metalink file. """
>>>
>>>     def __init__(self, elem):
>>> +        # We aren't "using" any of these, just storing them.
>>>         chksums = set(["md5", 'sha1', 'sha256', 'sha512'])
>>>
>>>         for celem in elem:
>>> diff --git a/yum/repoMDObject.py b/yum/repoMDObject.py
>>> index 9f70f1d..2931816 100755
>>> --- a/yum/repoMDObject.py
>>> +++ b/yum/repoMDObject.py
>>> @@ -94,8 +94,9 @@ class RepoMD:
>>>         else:
>>>             # srcfile is a file object
>>>             infile = srcfile
>>> -
>>> -        infile = AutoFileChecksums(infile, ['md5', 'sha1', 'sha256'],
>>> +
>>> +        # We trust any of these to mean the repomd.xml is valid.
>>> +        infile = AutoFileChecksums(infile, ['sha256', 'sha512'],
>>>                                    ignore_missing=True)
>>>         parser = iterparse(infile)
>>>
>>> diff --git a/yum/yumRepo.py b/yum/yumRepo.py
>>> index 765a595..b97f05a 100644
>>> --- a/yum/yumRepo.py
>>> +++ b/yum/yumRepo.py
>>> @@ -1145,22 +1145,16 @@ class YumRepository(Repository, config.RepoConf):
>>>         if repoXML.length != repomd.size:
>>>             return False
>>>
>>> -        #  MirrorManager isn't generating sha256 yet, and we should probably
>>> -        # not require all of the checksums we produce.
>>> -        done = set()
>>>         for checksum in repoXML.checksums:
>>>             if checksum not in repomd.chksums:
>>>                 continue
>>>
>>>             if repoXML.checksums[checksum] != repomd.chksums[checksum]:
>>>                 return False
>>> -            done.add(checksum)
>>>
>>> -        #  Only allow approved checksums, might want to not "approve" of
>>> -        # sha1/md5
>>> -        for checksum in ('sha512', 'sha256', 'sha1', 'md5'):
>>> -            if checksum in done:
>>> -                return True
>>> +            #  If we don't trust the checksum, then don't generate it in
>>> +            # repoMDObject().
>>> +            return True
>>>
>>>         return False
>>
>> Not tested this yet - but does this implicitly mean we need to do a:
>> Requires: python-hashlib if we want that version to be usable on python
>> 2.4?
>
> Yeh, we could keep 'sha1' to make it happy but I'm not sure people will
> like just trusting 'sha1'.
> Or we could hide the raise() somehow, so you could still use it on
> 2.4.x without hashlib (but you won't have checksums for metalink to
> check against).

I'm okay with this change since you're the guy who has to deal with 
python 2.4 using distros most of the time.

-sv



More information about the Yum-devel mailing list