From 21af79860403f9120d2c0412a95ec97d06368e11 Mon Sep 17 00:00:00 2001 From: Allan McRae Date: Thu, 23 Jan 2020 12:14:14 +1000 Subject: makepkg: add CRC checksums and set these to be the default Checksums arrays should be filled with values provided by upstream. We currently have md5 set as an unsecure default, and are constantly asked to change it to sha2. However, just changing the default to a stronger checksum gives the user the impression that "makepkg -g" checksums are perfect. Instead, change the default checksum to a CRC, to make it clear that any checksum generated purely by "makepkg -g" is not ideal. Signed-off-by: Allan McRae --- scripts/libmakepkg/util/schema.sh.in | 2 +- scripts/makepkg.sh.in | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'scripts') diff --git a/scripts/libmakepkg/util/schema.sh.in b/scripts/libmakepkg/util/schema.sh.in index b2f119cf..02bfdb86 100644 --- a/scripts/libmakepkg/util/schema.sh.in +++ b/scripts/libmakepkg/util/schema.sh.in @@ -26,7 +26,7 @@ LIBRARY=${LIBRARY:-'@libmakepkgdir@'} source "$LIBRARY/util/util.sh" -known_hash_algos=({md5,sha{1,224,256,384,512},b2}) +known_hash_algos=({ck,md5,sha{1,224,256,384,512},b2}) pkgbuild_schema_arrays=(arch backup checkdepends conflicts depends groups license makedepends noextract optdepends options diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index a6de7823..7fa791e1 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -1195,8 +1195,8 @@ unset "${known_hash_algos[@]/%/sums}" unset -f pkgver prepare build check package "${!package_@}" unset "${!makedepends_@}" "${!depends_@}" "${!source_@}" "${!checkdepends_@}" unset "${!optdepends_@}" "${!conflicts_@}" "${!provides_@}" "${!replaces_@}" -unset "${!md5sums_@}" "${!sha1sums_@}" "${!sha224sums_@}" "${!sha256sums_@}" -unset "${!sha384sums_@}" "${!sha512sums_@}" "${!b2sums_@}" +unset "${!cksums_@}" "${!md5sums_@}" "${!sha1sums_@}" "${!sha224sums_@}" +unset "${!sha256sums_@}" "${!sha384sums_@}" "${!sha512sums_@}" "${!b2sums_@}" BUILDFILE=${BUILDFILE:-$BUILDSCRIPT} if [[ ! -f $BUILDFILE ]]; then -- cgit v1.2.3-54-g00ecf