futils: use SHA256 for checksums always

ethomson · ethomson · commit 6a02b459ab1d · 2023-05-08T15:06:41.000+01:00
Use SHA256 for file checksums. SHA1 makes no sense as a default in 2023.

Given that we're just looking at a file checksum to see if it's changed,
this does not need to take repository's OID type into account or
otherwise be configurable.
diff --git a/src/libgit2/grafts.c b/src/libgit2/grafts.c
@@ -18,7 +18,7 @@ struct git_grafts {
 
 	/* File backing the graft. NULL if it's an in-memory graft */
 	char *path;
-	git_oid path_checksum;
+	unsigned char path_checksum[GIT_HASH_SHA256_SIZE];
 };
 
 int git_grafts_new(git_grafts **out)
@@ -97,7 +97,8 @@ int git_grafts_refresh(git_grafts *grafts)
 		return 0;
 
 	if ((error = git_futils_readbuffer_updated(&contents, grafts->path,
-				(grafts->path_checksum).id, &updated)) < 0) {
+				grafts->path_checksum, &updated)) < 0) {
+
 		if (error == GIT_ENOTFOUND) {
 			git_grafts_clear(grafts);
 			error = 0;
diff --git a/src/util/futils.c b/src/util/futils.c
@@ -221,14 +221,14 @@ int git_futils_readbuffer_fd_full(git_str *buf, git_file fd)
 int git_futils_readbuffer_updated(
 	git_str *out,
 	const char *path,
-	unsigned char checksum[GIT_HASH_SHA1_SIZE],
+	unsigned char checksum[GIT_HASH_SHA256_SIZE],
 	int *updated)
 {
 	int error;
 	git_file fd;
 	struct stat st;
 	git_str buf = GIT_STR_INIT;
-	unsigned char checksum_new[GIT_HASH_SHA1_SIZE];
+	unsigned char checksum_new[GIT_HASH_SHA256_SIZE];
 
 	GIT_ASSERT_ARG(out);
 	GIT_ASSERT_ARG(path && *path);
@@ -261,23 +261,26 @@ int git_futils_readbuffer_updated(
 	p_close(fd);
 
 	if (checksum) {
-		if ((error = git_hash_buf(checksum_new, buf.ptr, buf.size, GIT_HASH_ALGORITHM_SHA1)) < 0) {
+		error = git_hash_buf(checksum_new, buf.ptr,
+		                     buf.size, GIT_HASH_ALGORITHM_SHA256);
+
+		if (error < 0) {
 			git_str_dispose(&buf);
 			return error;
 		}
 
 		/*
 		 * If we were given a checksum, we only want to use it if it's different
 		 */
-		if (!memcmp(checksum, checksum_new, GIT_HASH_SHA1_SIZE)) {
+		if (!memcmp(checksum, checksum_new, GIT_HASH_SHA256_SIZE)) {
 			git_str_dispose(&buf);
 			if (updated)
 				*updated = 0;
 
 			return 0;
 		}
 
-		memcpy(checksum, checksum_new, GIT_HASH_SHA1_SIZE);
+		memcpy(checksum, checksum_new, GIT_HASH_SHA256_SIZE);
 	}
 
 	/*
