sha1 and rmd160
Daniel
nefar at otherware.org
Fri Apr 6 06:16:12 PDT 2012
I got a message about this too in my latest port (pidgin)
I typically just use whatever I get when doing port -d and copy and paste
the checksum from there. Since I did that and still got a suggestion to
change the hash, can this output be modified to reflect what's
wanted/needed as hashes?
On Fri, Apr 6, 2012 at 5:58 AM, Arno Hautala <arno at alum.wpi.edu> wrote:
> On 2012-04-06, Blair Zajac <blair at orcaware.com> wrote:
> > On 4/5/12 9:53 PM, Arno Hautala wrote:
> >>
> >> Also, I think md5 in Portfiles is deprecated. The preferred hashes are
> >> rmd160 and sha256.
> >
> > If upstream provides a md5, I like to use it, as it makes double checking
> > the
> > port easier.
>
> MacPorts is trying to phase out usage of md5 as it's considered
> cryptographically broken. In this case, it'd be fine for you to use
> the md5 to verify the checksum, but I still think the Portfile should
> contain rmd160 and/or sha256. I'm aware of the ... "oddity" (?) and
> extra effort of using different hashes at different stages, but I
> presume that at some point md5 support will be removed from MacPorts.
> You might as well start using the preferred hashes now, if only to get
> used to a workflow that will be required in the future.
>
> At least, that's my take on things.
>
> --
> arno s hautala /-| arno at alum.wpi.edu
>
> pgp b2c9d448
> _______________________________________________
> macports-dev mailing list
> macports-dev at lists.macosforge.org
> http://lists.macosforge.org/mailman/listinfo.cgi/macports-dev
>
--
"America was founded by men who understood that the threat of domestic
tyranny is as great as any threat from abroad. If we want to be worthy of
their legacy, we must resist the rush toward ever-increasing state control
of our society. Otherwise, our own government will become a greater threat
to our freedoms than any foreign terrorist."
- Ron Paul, Texas Straight Talk, May 31, 2004
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/macports-dev/attachments/20120406/9f2b856c/attachment.html>
More information about the macports-dev
mailing list