| 1 |
On Tue, 7 Apr 2020 20:27:49 -0700 |
| 2 |
Matt Turner <mattst88@g.o> wrote: |
| 3 |
|
| 4 |
> BLAKE2 is good and fast. Pentoo is using BLAKE2. There's no need for a |
| 5 |
> second digest. |
| 6 |
> |
| 7 |
> Signed-off-by: Matt Turner <mattst88@g.o> |
| 8 |
> --- |
| 9 |
> examples/livecd-stage2_template.spec | 8 ++++---- |
| 10 |
> targets/support/create-iso.sh | 27 +++++++-------------------- |
| 11 |
> 2 files changed, 11 insertions(+), 24 deletions(-) |
| 12 |
> |
| 13 |
> diff --git a/examples/livecd-stage2_template.spec |
| 14 |
> b/examples/livecd-stage2_template.spec index 7398c972..4cb94d40 100644 |
| 15 |
> --- a/examples/livecd-stage2_template.spec |
| 16 |
> +++ b/examples/livecd-stage2_template.spec |
| 17 |
> @@ -316,11 +316,11 @@ boot/kernel/gentoo/packages: |
| 18 |
> # boot/kernel/gentoo/console: tty0 ttyS0 |
| 19 |
> boot/kernel/gentoo/console: |
| 20 |
> |
| 21 |
> -# This feature will make sha512, blake2, or both checksums for every |
| 22 |
> file in the iso (including files provided by livecd/overlay -# These |
| 23 |
> checksums can be verified at boot using the genkernel option "verify" |
| 24 |
> added to the kernel line. -# Currently this feature will generate |
| 25 |
> both checksums if livecd/verify is defined to *any* value other than |
| 26 |
> "blake2" or "sha512" +# Enables the generation of a isoroot_b2sums |
| 27 |
> file containing a BLAKE2 digest of +# each file in the ISO. When |
| 28 |
> 'livecd/bootargs' contains 'verify' this feature +# will be used to |
| 29 |
> verify the contents of the ISO at boot time. # No checksums are |
| 30 |
> generated if this is left commented. -#livecd/verify: sha512 |
| 31 |
> +#livecd/verify: blake2 # This feature controls the depclean run |
| 32 |
> after fsscript and before unmerge. # The default is unset, and will |
| 33 |
> run emerge --depclean --with-bdeps=n which results diff --git |
| 34 |
> a/targets/support/create-iso.sh b/targets/support/create-iso.sh index |
| 35 |
> 9b10b7cf..b0e4d15e 100755 --- a/targets/support/create-iso.sh |
| 36 |
> +++ b/targets/support/create-iso.sh |
| 37 |
> @@ -94,30 +94,17 @@ else |
| 38 |
> mkisofs_zisofs_opts="" |
| 39 |
> fi |
| 40 |
> |
| 41 |
> -#we want to create a checksum for every file on the iso so we can |
| 42 |
> verify it -#from genkernel during boot. Here we make a function to |
| 43 |
> create the sha512sums, and blake2sums +# Generate list of checksums |
| 44 |
> that genkernel can use to verify the contents of +# the ISO |
| 45 |
> isoroot_checksum() { |
| 46 |
> - echo "Creating checksums for all files included in the iso, |
| 47 |
> please wait..." |
| 48 |
> - if [ -z "${1}" ] || [ "${1}" = "sha512" ]; then |
| 49 |
> - find "${clst_target_path}" -type f ! -name |
| 50 |
> 'isoroot_checksums' ! -name 'isolinux.bin' ! -name 'isoroot_b2sums' |
| 51 |
> -exec sha512sum {} + > "${clst_target_path}"/isoroot_checksums |
| 52 |
> - ${clst_sed} -i "s#${clst_target_path}/\?##" |
| 53 |
> "${clst_target_path}"/isoroot_checksums |
| 54 |
> - fi |
| 55 |
> - if [ -z "${1}" ] || [ "${1}" = "blake2" ]; then |
| 56 |
> - find "${clst_target_path}" -type f ! -name |
| 57 |
> 'isoroot_checksums' ! -name 'isolinux.bin' ! -name 'isoroot_b2sums' |
| 58 |
> -exec b2sum {} + > "${clst_target_path}"/isoroot_b2sums |
| 59 |
> - ${clst_sed} -i "s#${clst_target_path}/\?##" |
| 60 |
> "${clst_target_path}"/isoroot_b2sums |
| 61 |
> - fi |
| 62 |
> + echo ">> Creating checksums for all files included in the |
| 63 |
> ISO" |
| 64 |
> + find "${clst_target_path}" -type f ! -name 'isoroot_b2sums' |
| 65 |
> -exec b2sum {} + > "${clst_target_path}"/isoroot_b2sums |
| 66 |
> + ${clst_sed} -i "s#${clst_target_path}/\?##" |
| 67 |
> "${clst_target_path}"/isoroot_b2sums } |
| 68 |
> |
| 69 |
> run_mkisofs() { |
| 70 |
> - if [ -n "${clst_livecd_verify}" ]; then |
| 71 |
> - if [ "${clst_livecd_verify}" = "sha512" ]; then |
| 72 |
> - isoroot_checksum sha512 |
| 73 |
> - elif [ "${clst_livecd_verify}" = "blake2" ]; then |
| 74 |
> - isoroot_checksum blake2 |
| 75 |
> - else |
| 76 |
> - isoroot_checksum |
| 77 |
> - fi |
| 78 |
> - fi |
| 79 |
> + [ -n "${clst_livecd_verify}" ] && isoroot_checksum |
| 80 |
> + |
| 81 |
> echo "Running \"mkisofs ${@}\"" |
| 82 |
> mkisofs "${@}" || die "Cannot make ISO image" |
| 83 |
> } |
| 84 |
|
| 85 |
I know I've been out of touch for almost the last year, but why remove |
| 86 |
sha512? the current code it is optional for either of the two or both. |
| 87 |
|
| 88 |
What is gentoo now supplying primarily? |
| 89 |
|
| 90 |
If any change is to be made, I think it should be made as a plugin so |
| 91 |
the base code doesn't need to be changed as things change to the |
| 92 |
checksum of the day... |
Archives