Re: SHA-1 collision in repository?

From: Myria <myriachan_at_gmail.com>
Date: Sun, 04 Mar 2018 10:31:24 +0000

How can I dump out the two things that Subversion thinks have the same
SHA-1 checksum but don't match? This seems to be rather difficult to do.

That said, it's far more likely that there's a bug in Subversion than that
we randomly collided SHA-1.

On Sun, Mar 4, 2018 at 02:29 Philip Martin <philip_at_codematters.co.uk> wrote:

> Nathan Hartman <hartman.nathan_at_gmail.com> writes:
>
> > Does this mean that content being committed to the repository is never
> > elided based on the SHA hash alone but only after a fulltext
> > verification that the content actually already exists in the
> > repository?
>
> That's correct. Fulltext matching was added in 1.9.6 and 1.8.18, older
> versions of Subversion relied on the SHA1 match alone.
>
> --
> Philip
>
Received on 2018-03-04 11:31:45 CET

This message: [ Message body ]
Next message: Philip Martin: "Re: SHA-1 collision in repository?"
Previous message: Philip Martin: "Re: SHA-1 collision in repository?"
In reply to: Philip Martin: "Re: SHA-1 collision in repository?"
Next in thread: Philip Martin: "Re: SHA-1 collision in repository?"
Reply: Philip Martin: "Re: SHA-1 collision in repository?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]