1 |
On Tue, 7 Apr 2020 20:27:49 -0700 |
2 |
Matt Turner <mattst88@g.o> wrote: |
3 |
|
4 |
> BLAKE2 is good and fast. Pentoo is using BLAKE2. There's no need for a |
5 |
> second digest. |
6 |
> |
7 |
> Signed-off-by: Matt Turner <mattst88@g.o> |
8 |
> --- |
9 |
> examples/livecd-stage2_template.spec | 8 ++++---- |
10 |
> targets/support/create-iso.sh | 27 +++++++-------------------- |
11 |
> 2 files changed, 11 insertions(+), 24 deletions(-) |
12 |
> |
13 |
> diff --git a/examples/livecd-stage2_template.spec |
14 |
> b/examples/livecd-stage2_template.spec index 7398c972..4cb94d40 100644 |
15 |
> --- a/examples/livecd-stage2_template.spec |
16 |
> +++ b/examples/livecd-stage2_template.spec |
17 |
> @@ -316,11 +316,11 @@ boot/kernel/gentoo/packages: |
18 |
> # boot/kernel/gentoo/console: tty0 ttyS0 |
19 |
> boot/kernel/gentoo/console: |
20 |
> |
21 |
> -# This feature will make sha512, blake2, or both checksums for every |
22 |
> file in the iso (including files provided by livecd/overlay -# These |
23 |
> checksums can be verified at boot using the genkernel option "verify" |
24 |
> added to the kernel line. -# Currently this feature will generate |
25 |
> both checksums if livecd/verify is defined to *any* value other than |
26 |
> "blake2" or "sha512" +# Enables the generation of a isoroot_b2sums |
27 |
> file containing a BLAKE2 digest of +# each file in the ISO. When |
28 |
> 'livecd/bootargs' contains 'verify' this feature +# will be used to |
29 |
> verify the contents of the ISO at boot time. # No checksums are |
30 |
> generated if this is left commented. -#livecd/verify: sha512 |
31 |
> +#livecd/verify: blake2 # This feature controls the depclean run |
32 |
> after fsscript and before unmerge. # The default is unset, and will |
33 |
> run emerge --depclean --with-bdeps=n which results diff --git |
34 |
> a/targets/support/create-iso.sh b/targets/support/create-iso.sh index |
35 |
> 9b10b7cf..b0e4d15e 100755 --- a/targets/support/create-iso.sh |
36 |
> +++ b/targets/support/create-iso.sh |
37 |
> @@ -94,30 +94,17 @@ else |
38 |
> mkisofs_zisofs_opts="" |
39 |
> fi |
40 |
> |
41 |
> -#we want to create a checksum for every file on the iso so we can |
42 |
> verify it -#from genkernel during boot. Here we make a function to |
43 |
> create the sha512sums, and blake2sums +# Generate list of checksums |
44 |
> that genkernel can use to verify the contents of +# the ISO |
45 |
> isoroot_checksum() { |
46 |
> - echo "Creating checksums for all files included in the iso, |
47 |
> please wait..." |
48 |
> - if [ -z "${1}" ] || [ "${1}" = "sha512" ]; then |
49 |
> - find "${clst_target_path}" -type f ! -name |
50 |
> 'isoroot_checksums' ! -name 'isolinux.bin' ! -name 'isoroot_b2sums' |
51 |
> -exec sha512sum {} + > "${clst_target_path}"/isoroot_checksums |
52 |
> - ${clst_sed} -i "s#${clst_target_path}/\?##" |
53 |
> "${clst_target_path}"/isoroot_checksums |
54 |
> - fi |
55 |
> - if [ -z "${1}" ] || [ "${1}" = "blake2" ]; then |
56 |
> - find "${clst_target_path}" -type f ! -name |
57 |
> 'isoroot_checksums' ! -name 'isolinux.bin' ! -name 'isoroot_b2sums' |
58 |
> -exec b2sum {} + > "${clst_target_path}"/isoroot_b2sums |
59 |
> - ${clst_sed} -i "s#${clst_target_path}/\?##" |
60 |
> "${clst_target_path}"/isoroot_b2sums |
61 |
> - fi |
62 |
> + echo ">> Creating checksums for all files included in the |
63 |
> ISO" |
64 |
> + find "${clst_target_path}" -type f ! -name 'isoroot_b2sums' |
65 |
> -exec b2sum {} + > "${clst_target_path}"/isoroot_b2sums |
66 |
> + ${clst_sed} -i "s#${clst_target_path}/\?##" |
67 |
> "${clst_target_path}"/isoroot_b2sums } |
68 |
> |
69 |
> run_mkisofs() { |
70 |
> - if [ -n "${clst_livecd_verify}" ]; then |
71 |
> - if [ "${clst_livecd_verify}" = "sha512" ]; then |
72 |
> - isoroot_checksum sha512 |
73 |
> - elif [ "${clst_livecd_verify}" = "blake2" ]; then |
74 |
> - isoroot_checksum blake2 |
75 |
> - else |
76 |
> - isoroot_checksum |
77 |
> - fi |
78 |
> - fi |
79 |
> + [ -n "${clst_livecd_verify}" ] && isoroot_checksum |
80 |
> + |
81 |
> echo "Running \"mkisofs ${@}\"" |
82 |
> mkisofs "${@}" || die "Cannot make ISO image" |
83 |
> } |
84 |
|
85 |
I know I've been out of touch for almost the last year, but why remove |
86 |
sha512? the current code it is optional for either of the two or both. |
87 |
|
88 |
What is gentoo now supplying primarily? |
89 |
|
90 |
If any change is to be made, I think it should be made as a plugin so |
91 |
the base code doesn't need to be changed as things change to the |
92 |
checksum of the day... |