Date: Thu, 05 Feb 2009 01:37:26 +0200 From: Giorgos Keramidas <keramida@ceid.upatras.gr> To: FreeBSD <freebsd@optiksecurite.com> Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: OT: SVN checkout checksumming Message-ID: <878wolpydl.fsf@kobe.laptop> In-Reply-To: <4989B239.9090504@optiksecurite.com> (freebsd@optiksecurite.com's message of "Wed, 04 Feb 2009 10:20:25 -0500") References: <4989B239.9090504@optiksecurite.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 04 Feb 2009 10:20:25 -0500, FreeBSD <freebsd@optiksecurite.com> wrote: > Hi everyone, > > I have asked this question on the svnforum.org and didn't got a good > answer, so I try it here. > > I want to use SVN to automate the update process of a custom > application. So, I'm planning to indicate to every PC to update > periodically to a specific branch of the repository. The problem is > that I need to be sure the files where not corrupted during the > transfer. So, I'm planning to generate the hash (SHA or MD5, doesn't > really matters) of every file downloaded by SVN on the client. For > this to work, I need to compare the hashes with their server-side > equivalent. I looked at the post-commit hooks and it looks pretty > interesting but is anyone doing something similar? How are you > creating the file containing the hash of the committed file? Let's assume for a moment that you install a post-commit hook that generates a SHA-256 checksum of all the files in the latest repo revision on the svn server. For the sake of simplicity, let's assume that this file is a simple, plain text file that is named db/revs/NUMBER.sha256 where 'NUMBER' is the revision number you are check-summing. How are you going to *safely* transmit those SHA-256 checksums to the client on 'svn checkout'? If you have a communication channel between the SVN server and its clients that it "secure enough", why would you want to go through the extra hoops to communicate the checksums of the files and not tunnel the checkout itself through the secure channel? > I got 2 answers on the forum from people thinking that SVN takes care > of the checksumming by itself, but I would like a little more > information than that. What is the algorithm used would be a nice > start. They were probably referring to the internal checksums of the FSFS storage format of the SVN repository itself. There is a description of the internal FSFS storage format at: http://svn.collab.net/repos/svn/trunk/subversion/libsvn_fs_fs/structure This may be useful as you try to understand what is stored in an FSFS-based Subversion repository.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?878wolpydl.fsf>