Steven Chamberlain <ste...@pyro.eu.org> (2017-02-27): > The attached patch tries to bump the soname to 5. This makes the diff > much larger, but the code changes are the same.
Thanks. Some comments below. > I think libdebian-installer-extra nowadays gets a soname bump at the > same time as libdebian-installer (whereas in the past it was possible > to set a different soname for each). Probably fine to bump both at once. > (If we really wanted, we could maybe avoid the ABI bump: no library > functions are being added/removed, only the name and meaning of a struct > member (a pointer, which remains the same length). The > dynamically-sized buffer it points to, would change from storing an MD5 > to a SHA256 hash, and would only cause a regression where something is > still trying to validate MD5). Given the number of reverse dependencies, I doubt this is worth abusing md5 storage for sha256 things. Bumping the ABI seems reasonable to me, even if that's effectively starting a mini-transition from a release point of view. FWIW, out of all d-i packages, only anna seems to be accessing the ->md5sum member. > + [ Steven Chamberlain ] > + * Parse SHA256 fields instead of MD5Sum fields in Packages files. > + * Parse SHA256 fields instead of (no longer existing) SHA1 fields in > + Release files. > + * In structs di_release and di_package, add new sha256 member and > + remove the md5sum member (a backward-incompatible change, this will > + force reverse-dependencies to stop using MD5 for verification) > + (Closes: #856212). > + * Bump soname as advised by Bastian Blank. > + > -- Samuel Thibault <sthiba...@debian.org> Tue, 31 Jan 2017 11:09:16 +0100 > > libdebian-installer (0.108) unstable; urgency=medium > diff --git a/debian/control b/debian/control > index 0949fd9..f53f55c 100644 > --- a/debian/control > +++ b/debian/control > @@ -8,7 +8,7 @@ Standards-Version: 3.9.6 > Vcs-Browser: https://anonscm.debian.org/cgit/d-i/libdebian-installer.git > Vcs-Git: https://anonscm.debian.org/git/d-i/libdebian-installer.git > > -Package: libdebian-installer4 > +Package: libdebian-installer5 > Architecture: any > Multi-Arch: same > Pre-Depends: ${misc:Pre-Depends} > @@ -19,10 +19,10 @@ Description: Library of common debian-installer functions > working on debian-installer or building your own install system based > on debian-installer, then you probably don't need this library. > > -Package: libdebian-installer4-dev > +Package: libdebian-installer5-dev Please don't! We're not going to support multiple libfooN-dev at the same time. If it were to be renamed, this should become for an unversioned libdebian-installer-dev. And now is definitely not the time for such a thing. And of course, this would make packages unbuildable anyway, given libdebian-installer4-dev appears in Build-Depends for a bunch of packages. > Section: libdevel > Architecture: any > -Depends: ${misc:Depends}, libdebian-installer4 (= ${binary:Version}), > libdebian-installer-extra4 (= ${binary:Version}) > +Depends: ${misc:Depends}, libdebian-installer5 (= ${binary:Version}), > libdebian-installer-extra5 (= ${binary:Version}) > Conflicts: libdebian-installer-dev > Provides: libdebian-installer-dev > Description: Library of common debian-installer functions > @@ -33,7 +33,7 @@ Description: Library of common debian-installer functions > . > This package contains files needed to do libdebian-installer development. > > -Package: libdebian-installer4-udeb > +Package: libdebian-installer5-udeb > Package-Type: udeb > Section: debian-installer > Architecture: any > @@ -44,22 +44,22 @@ Description: Library of common debian-installer functions > working on debian-installer or building your own install system based > on debian-installer, then you probably don't need this library. > > -Package: libdebian-installer-extra4 > +Package: libdebian-installer-extra5 > Architecture: any > Multi-Arch: same > -Depends: ${shlibs:Depends}, ${misc:Depends}, libdebian-installer4 (= > ${binary:Version}) > +Depends: ${shlibs:Depends}, ${misc:Depends}, libdebian-installer5 (= > ${binary:Version}) > Description: Library of some extra debian-installer functions > This library is used by debian-installer to perform common functions > such as logging messages and executing commands. If you aren't > working on debian-installer or building your own install system based > on debian-installer, then you probably don't need this library. > > -Package: libdebian-installer-extra4-udeb > +Package: libdebian-installer-extra5-udeb > Package-Type: udeb > Section: debian-installer > Architecture: any > -Depends: ${shlibs:Depends}, ${misc:Depends}, libdebian-installer4-udeb (= > ${binary:Version}) > -Provides: libdebian-installer-extra4 > +Depends: ${shlibs:Depends}, ${misc:Depends}, libdebian-installer5-udeb (= > ${binary:Version}) > +Provides: libdebian-installer-extra5 > Description: Library of some extra debian-installer functions > This library is used by debian-installer to perform common functions > such as logging messages and executing commands. If you aren't > diff --git a/debian/libdebian-installer-extra4-udeb.dirs > b/debian/libdebian-installer-extra4-udeb.dirs > deleted file mode 100644 > index a65b417..0000000 > --- a/debian/libdebian-installer-extra4-udeb.dirs > +++ /dev/null > @@ -1 +0,0 @@ > -lib > diff --git a/debian/libdebian-installer-extra4.install > b/debian/libdebian-installer-extra4.install > deleted file mode 100644 > index 44ad198..0000000 > --- a/debian/libdebian-installer-extra4.install > +++ /dev/null > @@ -1 +0,0 @@ > -usr/lib/*/libdebian-installer-extra.so.* > diff --git a/debian/libdebian-installer-extra4.shlibs.local > b/debian/libdebian-installer-extra4.shlibs.local > deleted file mode 100644 > index 6e76754..0000000 > --- a/debian/libdebian-installer-extra4.shlibs.local > +++ /dev/null > @@ -1 +0,0 @@ > -libdebian-installer 4 > diff --git a/debian/libdebian-installer4-dev.install > b/debian/libdebian-installer4-dev.install > deleted file mode 100644 > index 0bea7ad..0000000 > --- a/debian/libdebian-installer4-dev.install > +++ /dev/null > @@ -1,5 +0,0 @@ > -usr/include > -usr/lib/*/*.a > -usr/lib/*/*.so > -usr/lib/*/pkgconfig > -usr/share/doc/libdebian-installer4-dev/* > diff --git a/debian/libdebian-installer4-udeb.dirs > b/debian/libdebian-installer4-udeb.dirs > deleted file mode 100644 > index a65b417..0000000 > --- a/debian/libdebian-installer4-udeb.dirs > +++ /dev/null > @@ -1 +0,0 @@ > -lib > diff --git a/debian/libdebian-installer4.install > b/debian/libdebian-installer4.install > deleted file mode 100644 > index 289fbef..0000000 > --- a/debian/libdebian-installer4.install > +++ /dev/null > @@ -1 +0,0 @@ > -usr/lib/*/libdebian-installer.so.* Seems like some git status/git add might have went missing, since files are deleted instead of being renamed into their '5' counterparts? > diff --git a/debian/rules b/debian/rules > index 11b0963..b084adc 100755 > --- a/debian/rules > +++ b/debian/rules > @@ -26,16 +26,16 @@ override_dh_auto_build: > $(MAKE) -C build/doc doc > > override_dh_install: > - install > $(CURDIR)/debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libdebian-installer.so.4 > $(CURDIR)/debian/libdebian-installer4-udeb/lib > - install > $(CURDIR)/debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libdebian-installer-extra.so.4 > $(CURDIR)/debian/libdebian-installer-extra4-udeb/lib > + install > $(CURDIR)/debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libdebian-installer.so.5 > $(CURDIR)/debian/libdebian-installer5-udeb/lib > + install > $(CURDIR)/debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libdebian-installer-extra.so.5 > $(CURDIR)/debian/libdebian-installer-extra5-udeb/lib > dh_install --sourcedir=debian/tmp > > override_dh_makeshlibs: > - dh_makeshlibs -plibdebian-installer4 -V \ > - --add-udeb=libdebian-installer4-udeb > - dh_makeshlibs -plibdebian-installer-extra4 -V \ > - --add-udeb=libdebian-installer-extra4-udeb > + dh_makeshlibs -plibdebian-installer5 -V \ > + --add-udeb=libdebian-installer5-udeb > + dh_makeshlibs -plibdebian-installer-extra5 -V \ > + --add-udeb=libdebian-installer-extra5-udeb > > override_dh_shlibdeps: > - dh_shlibdeps -N libdebian-installer-extra4 -N > libdebian-installer-extra4-udeb > - dh_shlibdeps -p libdebian-installer-extra4 -p > libdebian-installer-extra4-udeb -- > -L$(CURDIR)/debian/libdebian-installer-extra4.shlibs.local > + dh_shlibdeps -N libdebian-installer-extra5 -N > libdebian-installer-extra5-udeb > + dh_shlibdeps -p libdebian-installer-extra5 -p > libdebian-installer-extra5-udeb -- > -L$(CURDIR)/debian/libdebian-installer-extra5.shlibs.local > diff --git a/include/debian-installer/package.h > b/include/debian-installer/package.h > index 72d7444..e1f699d 100644 > --- a/include/debian-installer/package.h > +++ b/include/debian-installer/package.h > @@ -112,7 +112,7 @@ struct di_package > di_slist depends; /**< Any different > dependency types */ > char *filename; /**< Filename field > */ > size_t size; /**< Size field */ > - char *md5sum; /**< MD5Sum field */ > + char *sha256; /**< SHA256 field */ > char *short_description; /**< Description > field, first part*/ > char *description; /**< Description > field, second part */ > unsigned int resolver; /**< @internal */ > diff --git a/include/debian-installer/package_internal.h > b/include/debian-installer/package_internal.h > index f6357d1..d410ce2 100644 > --- a/include/debian-installer/package_internal.h > +++ b/include/debian-installer/package_internal.h > @@ -52,7 +52,7 @@ const di_parser_fieldinfo > internal_di_package_parser_field_enhances, > internal_di_package_parser_field_filename, > internal_di_package_parser_field_size, > - internal_di_package_parser_field_md5sum, > + internal_di_package_parser_field_sha256, > internal_di_package_parser_field_description; > > /** > diff --git a/include/debian-installer/release.h > b/include/debian-installer/release.h > index 223a4f8..8e3c572 100644 > --- a/include/debian-installer/release.h > +++ b/include/debian-installer/release.h > @@ -40,7 +40,7 @@ struct di_release > char *origin; /**< Origin field */ > char *suite; /**< Suite field */ > char *codename; /**< Codename field */ > - di_hash_table *md5sum; /**< checksum fields, > includes di_release_file */ > + di_hash_table *sha256; /**< checksum fields, > includes di_release_file */ > di_mem_chunk *release_file_mem_chunk; /**< @internal */ > }; So md5sum goes away from the di_release struct… > > @@ -55,7 +55,7 @@ struct di_release_file > di_rstring key; /**< @internal */ > }; > unsigned int size; /**< size */ > - char *sum[2]; /**< checksums, currently > md5 and sha1 */ > + char *sum[2]; /**< checksums, currently > md5 and sha256 */ … but is kept in the di_release_file one? > }; > > di_release *di_release_alloc (void); > diff --git a/src/package.c b/src/package.c > index 653b5dd..82c7653 100644 > --- a/src/package.c > +++ b/src/package.c > @@ -38,7 +38,7 @@ void di_package_destroy (di_package *package) > di_free (package->architecture); > di_free (package->version); > di_free (package->filename); > - di_free (package->md5sum); > + di_free (package->sha256); > di_free (package->short_description); > di_free (package->description); > > diff --git a/src/package_parser.c b/src/package_parser.c > index 6d6a5e7..de80d7e 100644 > --- a/src/package_parser.c > +++ b/src/package_parser.c > @@ -180,13 +180,13 @@ const di_parser_fieldinfo > di_parser_write_int, > offsetof (di_package, size) > ), > - internal_di_package_parser_field_md5sum = > + internal_di_package_parser_field_sha256 = > DI_PARSER_FIELDINFO > ( > - "MD5sum", > + "SHA256", > di_parser_read_string, > di_parser_write_string, > - offsetof (di_package, md5sum) > + offsetof (di_package, sha256) > ), > internal_di_package_parser_field_description = > DI_PARSER_FIELDINFO > @@ -217,7 +217,7 @@ const di_parser_fieldinfo *di_package_parser_fieldinfo[] = > &internal_di_package_parser_field_enhances, > &internal_di_package_parser_field_filename, > &internal_di_package_parser_field_size, > - &internal_di_package_parser_field_md5sum, > + &internal_di_package_parser_field_sha256, > &internal_di_package_parser_field_description, > NULL > }; > diff --git a/src/packages_parser.c b/src/packages_parser.c > index ac5c06b..30d66ba 100644 > --- a/src/packages_parser.c > +++ b/src/packages_parser.c > @@ -65,7 +65,7 @@ const di_parser_fieldinfo *di_packages_parser_fieldinfo[] = > &internal_di_package_parser_field_enhances, > &internal_di_package_parser_field_filename, > &internal_di_package_parser_field_size, > - &internal_di_package_parser_field_md5sum, > + &internal_di_package_parser_field_sha256, > &internal_di_package_parser_field_description, > NULL > }; > @@ -109,7 +109,7 @@ const di_parser_fieldinfo > *di_packages_minimal_parser_fieldinfo[] = > &internal_di_package_parser_field_depends, > &internal_di_package_parser_field_pre_depends, > &internal_di_package_parser_field_filename, > - &internal_di_package_parser_field_md5sum, > + &internal_di_package_parser_field_sha256, > &internal_di_package_parser_field_size, > NULL > }; > diff --git a/src/release.c b/src/release.c > index 7cc7cbf..7aff0d7 100644 > --- a/src/release.c > +++ b/src/release.c > @@ -69,10 +69,10 @@ const di_parser_fieldinfo > NULL, > 0 > ) Same as release.h here, keeping md5sum? > - internal_di_release_parser_field_sha1 = > + internal_di_release_parser_field_sha256 = > DI_PARSER_FIELDINFO > ( > - "SHA1", > + "SHA256", > di_release_parser_read_file, > NULL, > 1 > @@ -87,7 +87,7 @@ const di_parser_fieldinfo *di_release_parser_fieldinfo[] = > &internal_di_release_parser_field_suite, > &internal_di_release_parser_field_codename, > &internal_di_release_parser_field_md5sum, > - &internal_di_release_parser_field_sha1, > + &internal_di_release_parser_field_sha256, Same question, keeping md5sum? > NULL > }; > > @@ -110,7 +110,7 @@ di_release *di_release_alloc (void) > di_release *ret; > > ret = di_new0 (di_release, 1); > - ret->md5sum = di_hash_table_new_full (di_rstring_hash, di_rstring_equal, > NULL, internal_di_release_file_destroy_func); > + ret->sha256 = di_hash_table_new_full (di_rstring_hash, di_rstring_equal, > NULL, internal_di_release_file_destroy_func); > ret->release_file_mem_chunk = di_mem_chunk_new (sizeof (di_release_file), > 4096); > > return ret; > @@ -124,7 +124,7 @@ void di_release_free (di_release *release) > di_free (release->origin); > di_free (release->suite); > di_free (release->codename); > - di_hash_table_destroy (release->md5sum); > + di_hash_table_destroy (release->sha256); > di_mem_chunk_destroy (release->release_file_mem_chunk); > di_free (release); > } > @@ -169,7 +169,7 @@ void di_release_parser_read_file (data, fip, > field_modifier, value, user_data) > int ret; > size_t buf_size; > di_release *release = *data; > - di_hash_table *table = release->md5sum; > + di_hash_table *table = release->sha256; > > while (1) > { KiBi.
signature.asc
Description: Digital signature
