Merge "Revert "Reject weak hash algorithms as SRIs, and warn in any other cases"" into main

2024-11-02 19:50:52 +00:00 · 2024-11-02 19:50:52 +00:00 · 763a61bb7c
parent 7df8b15b39 6e2349d2e1
commit 763a61bb7c
6 changed files with 1 additions and 40 deletions
--- a/doc/manual/change-authors.yml
+++ b/doc/manual/change-authors.yml
@ -137,11 +137,6 @@ roberth:
  display_name: Robert Hensing
  github: roberth

-tcmal:
-  display_name: Aria
-  forgejo: tcmal
-  github: tcmal
-
 thufschmitt:
  display_name: Théophane Hufschmitt
  github: thufschmitt
--- a/doc/manual/rl-next/reject-weak-hashes.md
+++ b/doc/manual/rl-next/reject-weak-hashes.md
@ -1,11 +0,0 @@
---
-synopsis: "Weak hash algorithms are now rejected in SRI form, and cause a warning otherwise"
-category: Breaking Changes
-credits: tcmal
-cls: [2110]
-issues: [8982, fj#114]
---
-
-MD5 and SHA-1 algorithms are now no longer allowed in SRI form, as specified in [the spec](https://w3c.github.io/webappsec-subresource-integrity/#hash-functions).
-
-These hash types will also give a warning when used in other cases.
--- a/src/libutil/hash.cc
+++ b/src/libutil/hash.cc
@ -8,7 +8,6 @@
 #include "hash.hh"
 #include "archive.hh"
 #include "charptr-cast.hh"
-#include "fmt.hh"
 #include "logging.hh"
 #include "split.hh"
 #include "strings.hh"
@ -211,17 +210,6 @@ Hash Hash::parseNonSRIUnprefixed(std::string_view s, HashType type)
 Hash::Hash(std::string_view rest, HashType type, bool isSRI)
    : Hash(type)
 {
-    if (type == HashType::MD5 || type == HashType::SHA1) {
-        if (isSRI) {
-            // Forbidden as per https://w3c.github.io/webappsec-csp/#grammardef-hash-algorithm
-            throw BadHash("%s values are not allowed in SRI hashes", printHashType(type));
-        } else {
-            logWarning({
-                    .msg = HintFmt("%s hashes are considered weak, use a newer hashing algorithm instead. (value: %s)", Uncolored(printHashType(type)), rest)
-            });
-        }
-    }
-
    if (!isSRI && rest.size() == base16Len()) {

        auto parseHexDigit = [&](char c) {
--- a/tests/functional/hash.sh
+++ b/tests/functional/hash.sh
@ -102,5 +102,6 @@ try3() {
    h16=$(nix hash to-base16 "$sri")
    [ "$h16" = "$2" ]
 }
+try3 sha1 "800d59cfcd3c05e900cb4e214be48f6b886a08df" "vw46m23bizj4n8afrc0fj19wrp7mj3c0" "gA1Zz808BekAy04hS+SPa4hqCN8="
 try3 sha256 "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" "1b8m03r63zqhnjf7l5wnldhh7c134ap5vpj0850ymkq1iyzicy5s" "ungWv48Bz+pBQUDeXa4iI7ADYaOWF3qctBD/YfIAFa0="
 try3 sha512 "204a8fc6dda82f0a0ced7beb8e08a41657c16ef468b228a8279be331a703c33596fd15c13b1b07f9aa1d3bea57789ca031ad85c7a71dd70354ec631238ca3445" "12k9jiq29iyqm03swfsgiw5mlqs173qazm3n7daz43infy12pyrcdf30fkk3qwv4yl2ick8yipc2mqnlh48xsvvxl60lbx8vp38yji0" "IEqPxt2oLwoM7XvrjgikFlfBbvRosiioJ5vjMacDwzWW/RXBOxsH+aodO+pXeJygMa2Fx6cd1wNU7GMSOMo0RQ=="
--- a/tests/functional/meson.build
+++ b/tests/functional/meson.build
@ -197,7 +197,6 @@ functional_tests_scripts = [
  'extra-sandbox-profile.sh',
  'substitute-truncated-nar.sh',
  'regression-484.sh',
-  'reject-weak-hashes.sh'
 ]

 # Plugin tests require shared libraries support.
--- a/tests/functional/reject-weak-hashes.sh
+++ b/tests/functional/reject-weak-hashes.sh
@ -1,11 +0,0 @@
-source common.sh
-
-expectStderr 1 nix hash to-sri md5-rrdBU2a35b2PM2ZO+n/zGw== \
-  | grepQuiet "md5 values are not allowed"
-expectStderr 1 nix hash to-sri sha1-SXZKz6Po0xFryhnhSDvvOfAuBOo= \
-  | grepQuiet "sha1 values are not allowed"
-
-nix hash to-sri --type md5 a180c3fe91680389c210c99def54d9e0 2>&1 \
-  | grepQuiet "md5 hashes are considered weak"
-nix hash to-sri --type sha1 49764acfa3e8d3116bca19e1483bef39f02e04ea 2>&1 \
-  | grepQuiet "sha1 hashes are considered weak"