[elbe-devel] [PATCH 1/2] elbepack: drop md5 handling
Thomas Weißschuh
thomas.weissschuh at linutronix.de
Mon Jun 17 12:42:46 CEST 2024
MD5 checksum are optional nowadays in Debian (-security doesn't provide
them anymore) and shouldn't be used in any case.
elbe already contains sha256 handling which can be used instead.
Signed-off-by: Thomas Weißschuh <thomas.weissschuh at linutronix.de>
---
elbepack/aptpkgutils.py | 16 ----------------
elbepack/dump.py | 13 +++----------
elbepack/elbexml.py | 4 ----
elbepack/repomanager.py | 4 ++--
elbepack/schema/dbsfed.xsd | 7 -------
newsfragments/+md5.feature.rst | 1 +
6 files changed, 6 insertions(+), 39 deletions(-)
diff --git a/elbepack/aptpkgutils.py b/elbepack/aptpkgutils.py
index fdfecec36958..8d9ca062a2b6 100644
--- a/elbepack/aptpkgutils.py
+++ b/elbepack/aptpkgutils.py
@@ -27,15 +27,6 @@ statestring = {
}
-def apt_pkg_md5(pkg):
- hashes = pkg._records.hashes
- for i in range(len(hashes)):
- h = str(hashes[i])
- if h.startswith('MD5'):
- return h.split(':')[1]
- return ''
-
-
def apt_pkg_sha256(pkg):
hashes = pkg._records.hashes
for i in range(len(hashes)):
@@ -197,7 +188,6 @@ class PackageBase:
def __init__(self, name,
installed_version, candidate_version,
- installed_md5, candidate_md5,
installed_sha256, candidate_sha256,
installed_prio, candidate_prio,
state, is_auto_installed, origin, architecture):
@@ -205,8 +195,6 @@ class PackageBase:
self.name = name
self.installed_version = installed_version
self.candidate_version = candidate_version
- self.installed_md5 = installed_md5
- self.candidate_md5 = candidate_md5
self.installed_sha256 = installed_sha256
self.candidate_sha256 = candidate_sha256
self.installed_prio = installed_prio
@@ -234,8 +222,6 @@ class APTPackage(PackageBase):
iver = pkg.installed and pkg.installed.version
cver = pkg.candidate and pkg.candidate.version
- imd5 = pkg.installed and apt_pkg_md5(pkg.installed)
- cmd5 = pkg.candidate and apt_pkg_md5(pkg.candidate)
isha256 = pkg.installed and apt_pkg_sha256(pkg.installed)
csha256 = pkg.candidate and apt_pkg_sha256(pkg.candidate)
iprio = pkg.installed and pkg.installed.priority
@@ -258,7 +244,6 @@ class APTPackage(PackageBase):
PackageBase.__init__(self, pkg.name,
iver, cver,
- imd5, cmd5,
isha256, csha256,
iprio, cprio,
pkgstate(pkg), pkg.is_auto_installed,
@@ -269,7 +254,6 @@ class XMLPackage(PackageBase):
def __init__(self, node, arch):
PackageBase.__init__(self, node.et.text,
node.et.get('version'), None,
- node.et.get('md5'), None,
node.et.get('sha256'), None,
node.et.get('prio'), None,
INSTALLED, node.et.get('auto') == 'true',
diff --git a/elbepack/dump.py b/elbepack/dump.py
index 1c0a4ea84428..9f7d03e6efda 100644
--- a/elbepack/dump.py
+++ b/elbepack/dump.py
@@ -122,7 +122,6 @@ def check_full_pkgs(pkgs, fullpkgs, cache):
for p in fullpkgs:
name = p.et.text
ver = p.et.get('version')
- md5 = p.et.get('md5')
sha256 = p.et.get('sha256')
pindex[name] = p
@@ -145,19 +144,13 @@ def check_full_pkgs(pkgs, fullpkgs, cache):
errors += 1
continue
- if md5:
- if pkg.installed_md5 != md5:
- validation.error("Package '%s' md5 %s does not match installed md5 %s",
- name, md5, pkg.installed_md5)
- errors += 1
-
if sha256:
if pkg.installed_sha256 != sha256:
validation.error("Package '%s' sha256 %s does not match installed sha256 %s",
name, sha256, pkg.installed_sha256)
errors += 1
- if not md5 and not sha256:
+ else:
validation.error("Package '%s' has no hash setup in package list.",
name)
errors += 1
@@ -306,9 +299,9 @@ def elbe_report(xml, buildenv, cache, targetfs):
p.name,
p.installed_version,
p.is_auto_installed,
- p.installed_md5)
+ p.installed_sha256)
if xml.has('target/pkgversionlist'):
- f.write(f'{p.name} {p.installed_version} {p.installed_md5}\n')
+ f.write(f'{p.name} {p.installed_version} {p.installed_sha256}\n')
if xml.has('target/pkgversionlist'):
f.close()
diff --git a/elbepack/elbexml.py b/elbepack/elbexml.py
index 11c2b3f7e44f..89e0577e1ab9 100644
--- a/elbepack/elbexml.py
+++ b/elbepack/elbexml.py
@@ -387,14 +387,10 @@ class ElbeXML:
pak.et.tail = '\n'
if aptpkg.installed_version is not None:
pak.et.set('version', aptpkg.installed_version)
- if aptpkg.installed_md5:
- pak.et.set('md5', aptpkg.installed_md5)
pak.et.set('sha256', aptpkg.installed_sha256)
pak.et.set('prio', aptpkg.installed_prio)
else:
pak.et.set('version', aptpkg.candidate_version)
- if aptpkg.candidate_md5:
- pak.et.set('md5', aptpkg.candidate_md5)
pak.et.set('sha256', aptpkg.candidate_sha256)
pak.et.set('prio', aptpkg.candidate_prio)
diff --git a/elbepack/repomanager.py b/elbepack/repomanager.py
index ddaa19cd4477..0c29841097d2 100644
--- a/elbepack/repomanager.py
+++ b/elbepack/repomanager.py
@@ -208,7 +208,7 @@ class RepoBase:
if force and pkgname is not None:
# Including deb did not work.
# Maybe we have the same Version with a
- # different md5 already.
+ # different checksum already.
#
# Try remove, and add again.
self.removedeb(pkgname, components)
@@ -308,7 +308,7 @@ class RepoBase:
if force:
# Including dsc did not work.
# Maybe we have the same Version with a
- # different md5 already.
+ # different checksum already.
#
# Try remove, and add again.
self.removesrc(path)
diff --git a/elbepack/schema/dbsfed.xsd b/elbepack/schema/dbsfed.xsd
index e6a3a5fe5ae2..6e5a35d6c5fa 100644
--- a/elbepack/schema/dbsfed.xsd
+++ b/elbepack/schema/dbsfed.xsd
@@ -2972,13 +2972,6 @@ SPDX-FileCopyrightText: Linutronix GmbH
</documentation>
</annotation>
</attribute>
- <attribute name="md5" type="string" use="optional">
- <annotation>
- <documentation>
- md5 sum of the package.
- </documentation>
- </annotation>
- </attribute>
<attribute name="sha256" type="string" use="optional">
<annotation>
<documentation>
diff --git a/newsfragments/+md5.feature.rst b/newsfragments/+md5.feature.rst
new file mode 100644
index 000000000000..dbcc76831ff2
--- /dev/null
+++ b/newsfragments/+md5.feature.rst
@@ -0,0 +1 @@
+Drop all md5 handling. Use the existing SHA256 handling instead.
--
2.45.2
More information about the elbe-devel
mailing list