diff options
| author | brian m. carlson <sandals@crustytoothpaste.net> | 2025-07-01 21:22:37 +0000 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2025-07-01 14:58:26 -0700 |
| commit | c79bb70a2e7d9158ec165ea16ad45371cd6e350d (patch) | |
| tree | d35981c46cb19e0609d073719be6b384ec914b60 /hash.h | |
| parent | 39153c809711885ca2ea5b527e4ff893170f1b6f (diff) | |
| download | git-c79bb70a2e7d9158ec165ea16ad45371cd6e350d.tar.xz | |
Enable SHA-256 by default in breaking changes mode
Our document on breaking changes indicates that we intend to default to
SHA-256 in Git 3.0. Since most people choose the default option, this
is an important security upgrade to our defaults.
To allow people to test this case, when WITH_BREAKING_CHANGES is set in
the configuration, build Git with SHA-256 as the default hash. Update
the testsuite to use the build options information to automatically
choose the right value.
Note that if the command substitution for GIT_TEST_BUILTIN_HASH fails,
so does the testsuiteāand quite spectacularly at that. Thus, the case
where the Git binary is somehow subtly broken will not go undetected.
Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'hash.h')
| -rw-r--r-- | hash.h | 8 |
1 files changed, 7 insertions, 1 deletions
@@ -174,8 +174,14 @@ static inline void git_SHA256_Clone(git_SHA256_CTX *dst, const git_SHA256_CTX *s #define GIT_HASH_SHA256 2 /* Number of algorithms supported (including unknown). */ #define GIT_HASH_NALGOS (GIT_HASH_SHA256 + 1) + /* Default hash algorithm if unspecified. */ -#define GIT_HASH_DEFAULT GIT_HASH_SHA1 +#ifdef WITH_BREAKING_CHANGES +# define GIT_HASH_DEFAULT GIT_HASH_SHA256 +#else +# define GIT_HASH_DEFAULT GIT_HASH_SHA1 +#endif + /* Legacy hash algorithm. Implied for older data formats which don't specify. */ #define GIT_HASH_SHA1_LEGACY GIT_HASH_SHA1 |