Add SHA256 support #157
Merged
Add SHA256 support #157
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Please let me know how I can help you to get this into master and a released version of redline. |
breskeby
added a commit
to breskeby/elasticsearch
that referenced
this pull request
Jul 21, 2021
This adds support for Sha256 header signature in our RPMs by updating the dependency to the readline library to a version we have patched until the provided PR (craigwblake/redline#157) got merged and released by the redline folks. This work is related to elastic#58257
breskeby
added a commit
to elastic/elasticsearch
that referenced
this pull request
Jul 22, 2021
This adds support for Sha256 header signature in our RPMs by updating the dependency to the readline library to a version we have patched until the provided PR (craigwblake/redline#157) got merged and released by the redline folks. This work is related to #58257
This adds a payload sha256 digest and updates the file digests to be sha256 based.
ywangd
pushed a commit
to ywangd/elasticsearch
that referenced
this pull request
Jul 30, 2021
This adds support for Sha256 header signature in our RPMs by updating the dependency to the readline library to a version we have patched until the provided PR (craigwblake/redline#157) got merged and released by the redline folks. This work is related to elastic#58257
pawelziel
approved these changes
Aug 2, 2021
|
Hi @breskeby, thank you for the contribution. I will make some time to review this in the next day or two. |
|
@craigwblake thanks for merging. Do you have plans for a release containing those this PR soonish? |
|
In progress, should be out by tomorrow. |
|
https://github.com/craigwblake/redline/releases/tag/redline-1.2.10 Should be available in central now as well. |
breskeby
added a commit
to breskeby/gradle-ospackage-plugin
that referenced
this pull request
Aug 12, 2021
The latest redline release added support for state of the art rpm signatures and verification by adding sha256 header and payload digests See craigwblake/redline#157
breskeby
added a commit
to breskeby/elasticsearch
that referenced
this pull request
Aug 18, 2021
This updates the nebula ospackage plugin to 8.6.1 that includes a our provided PRs: - nebula-plugins/gradle-ospackage-plugin#402 - nebula-plugins/gradle-ospackage-plugin#400 - nebula-plugins/gradle-ospackage-plugin#397 and also an update to the redline library our fix for ssh256 headers - craigwblake/redline#157
breskeby
added a commit
to elastic/elasticsearch
that referenced
this pull request
Aug 18, 2021
This updates the nebula ospackage plugin to 8.6.1 that includes a our provided PRs: - nebula-plugins/gradle-ospackage-plugin#402 - nebula-plugins/gradle-ospackage-plugin#400 - nebula-plugins/gradle-ospackage-plugin#397 and also an update to the redline library our fix for ssh256 headers - craigwblake/redline#157
breskeby
added a commit
to breskeby/elasticsearch
that referenced
this pull request
Dec 20, 2021
This updates the nebula ospackage plugin to 8.6.1 that includes a our provided PRs: - nebula-plugins/gradle-ospackage-plugin#402 - nebula-plugins/gradle-ospackage-plugin#400 - nebula-plugins/gradle-ospackage-plugin#397 and also an update to the redline library our fix for ssh256 headers - craigwblake/redline#157
elasticsearchmachine
pushed a commit
to elastic/elasticsearch
that referenced
this pull request
Dec 20, 2021
This updates the nebula ospackage plugin to 8.6.1 that includes a our provided PRs: - nebula-plugins/gradle-ospackage-plugin#402 - nebula-plugins/gradle-ospackage-plugin#400 - nebula-plugins/gradle-ospackage-plugin#397 and also an update to the redline library our fix for ssh256 headers - craigwblake/redline#157
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hey there, this PR adds support for sha256 header and sha256 payload digests and should fix #155
This also changes the filedigestalgo to sha256 instead of using md5 which allows rpm packages to created with this tool to be installed on FIPS (see https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3781.pdf) enabled environments.
I also added a few more explicit tags in the Header class and updating some naming changes there to make debugging simpler of third party rpms.