From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 107846 invoked by alias); 29 May 2015 20:06:19 -0000 Mailing-List: contact cygwin-apps-help@cygwin.com; run by ezmlm Precedence: bulk Sender: cygwin-apps-owner@cygwin.com List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Mail-Followup-To: cygwin-apps@cygwin.com Received: (qmail 107834 invoked by uid 89); 29 May 2015 20:06:18 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-1.1 required=5.0 tests=AWL,BAYES_00,KAM_LAZY_DOMAIN_SECURITY,SPF_HELO_PASS autolearn=no version=3.3.2 X-HELO: mx1.redhat.com Received: from mx1.redhat.com (HELO mx1.redhat.com) (209.132.183.28) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (AES256-GCM-SHA384 encrypted) ESMTPS; Fri, 29 May 2015 20:06:18 +0000 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by mx1.redhat.com (Postfix) with ESMTPS id E692119CBDB for ; Fri, 29 May 2015 20:06:16 +0000 (UTC) Received: from YAAKOV04.redhat.com ([10.10.116.23]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id t4TK6EBs005237 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for ; Fri, 29 May 2015 16:06:16 -0400 Message-ID: <1432929978.7892.19.camel@cygwin.com> Subject: Re: cygport upload: patch for openssh 6.8p1 From: Yaakov Selkowitz To: cygwin-apps@cygwin.com Date: Fri, 29 May 2015 20:06:00 -0000 In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Mime-Version: 1.0 Content-Transfer-Encoding: 7bit X-IsSubscribed: yes X-SW-Source: 2015-05/txt/msg00079.txt.bz2 On Sun, 2015-05-24 at 12:32 -0400, Andrew Schulman wrote: > Since the latest update to openssh, ssh-keygen's output format for key > fingerprints has changed. The default hash algorithm is now base64-encoded > SHA256 instead of MD5, and the hash name precedes its value, like > > SHA256:lvRrjAXmEhzDp5kQqzelsei8s5hXJ+zLaqJ2yiGXmYc > > This breaks the current logic for detecting key fingerprints in cygport's > lib/pkg_upload.cygpart. The attached patch fixes the problem. (You might know > a more precise regex for the base64-encoded hash value than I do. I couldn't > find any documentation of it anywhere, and just settled for > > SHA256:.{44} There's another problem: this is new to 6.8; any out-of-date Cygwin systems, or even current RHEL or Fedora 21 systems, won't have this, nor do they support the -E flag which could be used to specify md5. Any thoughts on a better regex or on keeping compatibility with other systems? -- Yaakov