[Git][reproducible-builds/diffoscope][master] 2 commits: Validate checksums for files referenced in .changes files using SHA256 over...

Mon May 18 14:42:44 UTC 2020


Chris Lamb pushed to branch master at Reproducible Builds / diffoscope


Commits:
8f6c249f by Chris Lamb at 2020-05-18T15:32:28+01:00
Validate checksums for files referenced in .changes files using SHA256 over SHA1. (Re: reproducible-builds/diffoscope#124)

- - - - -
2eb16bf2 by Chris Lamb at 2020-05-18T15:36:03+01:00
Move to using SHA256 in "Too much input for diff" output. (Re: reproducible-builds/diffoscope#124)

- - - - -


3 changed files:

- diffoscope/comparators/debian.py
- diffoscope/diff.py
- diffoscope/feeders.py


Changes:

=====================================
diffoscope/comparators/debian.py
=====================================
@@ -177,7 +177,7 @@ class DotChangesFile(DebControlFile):
         changes = Changes(filename=file.path)
 
         try:
-            changes.validate(check_signature=False)
+            changes.validate("sha256", check_signature=False)
         except FileNotFoundError:
             return False
 


=====================================
diffoscope/diff.py
=====================================
@@ -295,7 +295,7 @@ def make_feeder_from_raw_reader(in_file, filter=None):
         line_count = 0
 
         if max_lines < float("inf"):
-            h = hashlib.sha1()
+            h = hashlib.sha256()
 
         for buf in in_file:
             line_count += 1
@@ -308,7 +308,7 @@ def make_feeder_from_raw_reader(in_file, filter=None):
 
         if h and line_count >= max_lines:
             out_file.write(
-                "[ Too much input for diff (SHA1: {}) ]\n".format(
+                "[ Too much input for diff (SHA: {}) ]\n".format(
                     h.hexdigest()
                 ).encode('utf-8')
             )
@@ -397,8 +397,8 @@ def diffinput_truncate(s, sz):
     if len(s) > sz:
         s = s[
             :sz
-        ] + "[ ... truncated by diffoscope; len: {}, SHA1: {} ... ]".format(
-            len(s[sz:]), hashlib.sha1(s[sz:].encode('utf-8')).hexdigest()
+        ] + "[ ... truncated by diffoscope; len: {}, SHA: {} ... ]".format(
+            len(s[sz:]), hashlib.sha256(s[sz:].encode('utf-8')).hexdigest()
         )
     return s
 


=====================================
diffoscope/feeders.py
=====================================
@@ -41,7 +41,7 @@ def from_raw_reader(in_file, filter=None):
         # display a nicer message.
         h = None
         if max_lines < float('inf'):
-            h = hashlib.sha1()
+            h = hashlib.sha256()
 
         for buf in in_file:
             line_count += 1
@@ -61,7 +61,7 @@ def from_raw_reader(in_file, filter=None):
 
         if h is not None and line_count >= max_lines:
             out_file.write(
-                "[ Too much input for diff (SHA1: {}) ]\n".format(
+                "[ Too much input for diff (SHA256: {}) ]\n".format(
                     h.hexdigest()
                 ).encode('utf-8')
             )



View it on GitLab: https://salsa.debian.org/reproducible-builds/diffoscope/-/compare/90b6c1e5155e00049ed6c3fa5f9868fb1eccb770...2eb16bf278f4eac2927a9a358d06c10de877bb43

-- 
View it on GitLab: https://salsa.debian.org/reproducible-builds/diffoscope/-/compare/90b6c1e5155e00049ed6c3fa5f9868fb1eccb770...2eb16bf278f4eac2927a9a358d06c10de877bb43
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.reproducible-builds.org/pipermail/rb-commits/attachments/20200518/57d9a63c/attachment.htm>
