[OpenWrt-Devel] SHA256 hashes for packages
Heinrich Schuchardt
xypron.glpk at gmx.de
Thu Jan 5 17:28:21 EST 2017
Hello Hannu,
why should a variable be called MD5 if it holds an SHA256 hash? That
does not make any sense.
Could you, please, point me to the thread on the openwrt or lede list
that discussed this weird idea.
Abusing the MD5 variable with SHA256 hashes will break compatibility
with older openwrt releases.
If you want an SHA256 hash, please, use an SHA256 variable.
This was already pointed out in
https://bugs.lede-project.org/index.php?do=details&task_id=326&order=id&sort=asc&order2=summary&sort2=desc
Anyway it is safer to use multiple hashes.
Best regards
Heinrich Schuchardt
On 01/05/2017 11:05 PM, Hannu Nyman wrote:
> Could you please update the PR a bit and replace the MD5 hash with a
> SHA256 hash.
>
> (Leave the variable name as it is now, but replace the hash itself with
> the longer SHA256 hash.)
>
> Same goes for other packages that you maintaining. MD5 is being phased
> out, so please use SHA256 when issuing updates as PRs.
>
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list