On Mon, 2010-09-13 at 23:05 -0400, seth vidal wrote: > On Mon, 2010-09-13 at 10:51 -0400, James Antill wrote: > > --- > > yum/yumRepo.py | 9 +++++---- > > 1 files changed, 5 insertions(+), 4 deletions(-) > > > > diff --git a/yum/yumRepo.py b/yum/yumRepo.py > > index b501d61..4016ce5 100644 > > --- a/yum/yumRepo.py > > +++ b/yum/yumRepo.py > > @@ -1119,6 +1119,7 @@ class YumRepository(Repository, config.RepoConf): > > if repoXML.length != repomd.size: > > return False > > > > + done = False > > for checksum in repoXML.checksums: > > if checksum not in repomd.chksums: > > continue > > @@ -1126,11 +1127,11 @@ class YumRepository(Repository, config.RepoConf): > > if repoXML.checksums[checksum] != repomd.chksums[checksum]: > > return False > > > > - # If we don't trust the checksum, then don't generate it in > > - # repoMDObject(). > > - return True > > + # All checksums should be trusted, but if we have more than > > one > > + # then we might as well check them all ... paranoia is good. > > + done = True > > > > - return False > > + return done > > > > def _checkRepoMetalink(self, repoXML=None, metalink_data=None): > > """ Check the repomd.xml against the metalink data, if we have it. > > """ > > > How often do we have more than one?
All the time, atm. we get: md5, sha1, sha256, sha512 ... but we ignore md5 and sha1 due to openssl calling abort() in FIPS mode (should be fixed at some point). _______________________________________________ Yum-devel mailing list Yum-devel@lists.baseurl.org http://lists.baseurl.org/mailman/listinfo/yum-devel
