[ https://issues.apache.org/jira/browse/JCR-4115?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15882660#comment-15882660 ]
Julian Reschke commented on JCR-4115: ------------------------------------- Test failure in {{DataStoreTest}}: {noformat} public void testDeleteRecordWithParentCollision() throws Exception { FileDataStore fds = new FileDataStore(); fds.init(testDir + "/fileDeleteCollision"); String c1 = "06b2f82fd81b2c20"; String c2 = "02c60cb75083ceef"; DataRecord d1 = fds.addRecord(IOUtils.toInputStream(c1)); DataRecord d2 = fds.addRecord(IOUtils.toInputStream(c2)); fds.deleteRecord(d1.getIdentifier()); DataRecord testRecord = fds.getRecordIfStored(d2.getIdentifier()); assertNotNull(testRecord); assertEquals(d2.getIdentifier(), testRecord.getIdentifier()); // Check the presence of the parent directory (relies on internal details of the FileDataStore) File parentDirD1 = new File( fds.getPath() + System.getProperty("file.separator") + d1.getIdentifier().toString().substring(0, 2)); assertTrue(parentDirD1.exists()); } {noformat} Maybe the test needs to be adjusted? > Don't use SHA-1 for new DataStore binaries (Jackrabbit) > ------------------------------------------------------- > > Key: JCR-4115 > URL: https://issues.apache.org/jira/browse/JCR-4115 > Project: Jackrabbit Content Repository > Issue Type: Improvement > Reporter: Thomas Mueller > Labels: candidate_jcr_2_10, candidate_jcr_2_12, > candidate_jcr_2_14, candidate_jcr_2_4, candidate_jcr_2_6, candidate_jcr_2_8 > Attachments: JCR-4115.patch > > > A collision for SHA-1 has been published. We still use SHA-1 for the > FileDataStore, and I believe the S3 DataStore right now. Given there is a > collision, we should switch to a stronger algorithm, for example SHA-256, for > new binaries. -- This message was sent by Atlassian JIRA (v6.3.15#6346)