[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: announce-gen and OpenPGP key servers
From: |
Simon Josefsson |
Subject: |
Re: announce-gen and OpenPGP key servers |
Date: |
Tue, 03 Aug 2021 17:40:23 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux) |
Jim Meyering <jim@meyering.net> writes:
> Feel free to make the script generate a full fingerprint and even
> (though it feels a little like giving up) add a checksum or two.
I think checksums still serve a purpose.
Many announcement e-mails are OpenPGP signed (and sometimes with a
different key than the release tarballs, thus creating another way to
verify tarballs).
Checksums also makes it harder to replace the tarball on the server with
a fake (or, after a key compromise, a genuine) signature.
I don't think it is a either-or situation, but rather a
belt-and-suspender case. Ideally, people downloading a release should
verify both the signature (to know it comes from a trusted origin) and
checksum (to know it is the intended release, in case multiple signed
versions co-exists).
The patches below make the maintainer-makefile announcements contain
SHA1 and B64(SHA256) checksums by default. The MD5 checksums are
dropped; they are completely insecure now. The B64(SHA256) output is
inspired by OpenSSH which started this practice with release 6.5 in 2014
and still today prints similar outputs, see:
https://www.openssh.com/txt/release-6.5
https://www.openssh.com/txt/release-8.6
Unfortunately, 'sha256sum' can't verify these outputs, but I recall
earlier discussions around 'sha256sum --base64' so I will resume work on
that.
We could opt to simply use the "standard" sha256sum output instead, if
people here don't like the base64 output format.
/Simon
From 4adae938b8dbe01750698109bcbf5f1c9eb045b1 Mon Sep 17 00:00:00 2001
From: Simon Josefsson <simon@josefsson.org>
Date: Tue, 3 Aug 2021 17:15:16 +0200
Subject: [PATCH 1/2] announce-gen: Print SHA1/B64(SHA256) instead of MD5/SHA1.
* build-aux/announce-gen (%digest_classes): Removed.
(usage): Doc fix.
(print_checksums): Instead of MD5/SHA1, print SHA1 and
B64(SHA256), inspired by OpenSSH announcements.
---
ChangeLog | 8 ++++++++
build-aux/announce-gen | 33 +++++++++++----------------------
2 files changed, 19 insertions(+), 22 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 06f139a54..079a5b71c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2021-08-03 Simon Josefsson <simon@josefsson.org>
+
+ announce-gen: Print SHA1/B64(SHA256) instead of MD5/SHA1.
+ * build-aux/announce-gen (%digest_classes): Removed.
+ (usage): Doc fix.
+ (print_checksums): Instead of MD5/SHA1, print SHA1 and
+ B64(SHA256), inspired by OpenSSH announcements.
+
2021-08-02 Paul Eggert <eggert@cs.ucla.edu>
manywarnings: enable some malloc warnings
diff --git a/build-aux/announce-gen b/build-aux/announce-gen
index daa478c8e..b07cbd742 100755
--- a/build-aux/announce-gen
+++ b/build-aux/announce-gen
@@ -35,7 +35,7 @@
eval 'exec perl -wSx "$0" "$@"'
if 0;
-my $VERSION = '2021-04-11 8:42'; # UTC
+my $VERSION = '2021-08-03 15:13'; # UTC
# The definition above must lie within the first 8 lines in order
# for the Emacs time-stamp write hook (at end) to update it.
# If you change this file with Emacs, please let the write hook
@@ -51,12 +51,6 @@ use POSIX qw(strftime);
my %valid_release_types = map {$_ => 1} qw (alpha beta stable);
my @archive_suffixes = qw (tar.gz tar.bz2 tar.lz tar.lzma tar.xz);
-my %digest_classes =
- (
- 'md5' => (eval { require Digest::MD5; } and 'Digest::MD5'),
- 'sha1' => ((eval { require Digest::SHA; } and 'Digest::SHA')
- or (eval { require Digest::SHA1; } and 'Digest::SHA1'))
- );
my $srcdir = '.';
sub usage ($)
@@ -96,7 +90,7 @@ The following are optional:
VERSION is the result of running git describe
in the gnulib source directory.
required if gnulib is in TOOL_LIST.
- --no-print-checksums do not emit MD5 or SHA1 checksums
+ --no-print-checksums do not emit SHA1 or SHA256 checksums
--archive-suffix=SUF add SUF to the list of archive suffixes
--mail-headers=HEADERS a space-separated list of mail headers, e.g.,
To: x\@example.com Cc:
y-announce\@example.com,...
@@ -163,7 +157,7 @@ sub print_locations ($\@\%@)
=item C<print_checksums (@file)
-Print the MD5 and SHA1 signature section for each C<@file>.
+Print the SHA1 and SHA256 signature section for each C<@file>.
=cut
@@ -171,23 +165,18 @@ sub print_checksums (@)
{
my (@file) = @_;
- print "Here are the MD5 and SHA1 checksums:\n";
+ print "Here are the SHA1 and SHA256 checksums:\n";
print "\n";
- foreach my $meth (qw (md5 sha1))
+ use Digest::file qw(digest_file_hex digest_file_base64);
+
+ foreach my $f (@file)
{
- my $class = $digest_classes{$meth} or next;
- foreach my $f (@file)
- {
- open IN, '<', $f
- or die "$ME: $f: cannot open for reading: $!\n";
- binmode IN;
- my $dig = $class->new->addfile(*IN)->hexdigest;
- close IN;
- print "$dig $f\n";
- }
+ print digest_file_hex($f, "SHA-1"), " $f\n";
+ print digest_file_base64($f, "SHA-256"), " $f\n";
}
- print "\n";
+ print "\nPlease note that the SHA256 checksum is base64 encoded and not\n";
+ print "hexadecimal (which is the default for most checksum tools).\n\n";
}
=item C<print_news_deltas ($news_file, $prev_version, $curr_version)
--
2.30.2
From 3ace7783656f3e38b6db4e44881959116e581a2b Mon Sep 17 00:00:00 2001
From: Simon Josefsson <simon@josefsson.org>
Date: Tue, 3 Aug 2021 17:16:42 +0200
Subject: [PATCH 2/2] maintainer-makefile: Print checksums by default.
* top/maint.mk (announcement): Drop --no-print-checksums.
---
ChangeLog | 3 +++
top/maint.mk | 1 -
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/ChangeLog b/ChangeLog
index 079a5b71c..cb65d202b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,9 @@
(print_checksums): Instead of MD5/SHA1, print SHA1 and
B64(SHA256), inspired by OpenSSH announcements.
+ maintainer-makefile: Print checksums by default.
+ * top/maint.mk (announcement): Drop --no-print-checksums.
+
2021-08-02 Paul Eggert <eggert@cs.ucla.edu>
manywarnings: enable some malloc warnings
diff --git a/top/maint.mk b/top/maint.mk
index 044254bdc..6a3ea9606 100644
--- a/top/maint.mk
+++ b/top/maint.mk
@@ -1426,7 +1426,6 @@ announcement: NEWS ChangeLog $(rel-files)
--bootstrap-tools=$(bootstrap-tools) \
$$(case ,$(bootstrap-tools), in (*,gnulib,*) \
echo --gnulib-version=$(gnulib-version);; esac) \
- --no-print-checksums \
$(addprefix --url-dir=, $(url_dir_list))
.PHONY: release-commit
--
2.30.2
signature.asc
Description: PGP signature