This is the mail archive of the
cygwin-apps
mailing list for the Cygwin project.
Re: cygport upload: patch for openssh 6.8p1
- From: Yaakov Selkowitz <yselkowitz at cygwin dot com>
- To: cygwin-apps at cygwin dot com
- Date: Fri, 29 May 2015 15:06:18 -0500
- Subject: Re: cygport upload: patch for openssh 6.8p1
- Authentication-results: sourceware.org; auth=none
- References: <f6v3mat5svral28cv16phn3ags040mjj3a at 4ax dot com>
On Sun, 2015-05-24 at 12:32 -0400, Andrew Schulman wrote:
> Since the latest update to openssh, ssh-keygen's output format for key
> fingerprints has changed. The default hash algorithm is now base64-encoded
> SHA256 instead of MD5, and the hash name precedes its value, like
>
> SHA256:lvRrjAXmEhzDp5kQqzelsei8s5hXJ+zLaqJ2yiGXmYc
>
> This breaks the current logic for detecting key fingerprints in cygport's
> lib/pkg_upload.cygpart. The attached patch fixes the problem. (You might know
> a more precise regex for the base64-encoded hash value than I do. I couldn't
> find any documentation of it anywhere, and just settled for
>
> SHA256:.{44}
There's another problem: this is new to 6.8; any out-of-date Cygwin
systems, or even current RHEL or Fedora 21 systems, won't have this, nor
do they support the -E flag which could be used to specify md5.
Any thoughts on a better regex or on keeping compatibility with other
systems?
--
Yaakov