[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: SHA-1 collision in repository?

From: Myria <myriachan_at_gmail.com>
Date: Sun, 04 Mar 2018 10:31:24 +0000

How can I dump out the two things that Subversion thinks have the same
SHA-1 checksum but don't match? This seems to be rather difficult to do.

That said, it's far more likely that there's a bug in Subversion than that
we randomly collided SHA-1.

On Sun, Mar 4, 2018 at 02:29 Philip Martin <philip_at_codematters.co.uk> wrote:

> Nathan Hartman <hartman.nathan_at_gmail.com> writes:
> > Does this mean that content being committed to the repository is never
> > elided based on the SHA hash alone but only after a fulltext
> > verification that the content actually already exists in the
> > repository?
> That's correct. Fulltext matching was added in 1.9.6 and 1.8.18, older
> versions of Subversion relied on the SHA1 match alone.
> --
> Philip
Received on 2018-03-04 11:31:45 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.