From ee14f31cbce992698a42f1f230480bd9e842daf0 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <puiterwijk@redhat.com>
Date: Sat, 22 Jul 2017 00:54:41 +0200
Subject: [PATCH] Disallow uploading of new md5 checksummed files

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 scripts/httpd/upload.cgi | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/scripts/httpd/upload.cgi b/scripts/httpd/upload.cgi
index f047343..3c656c4 100644
--- a/scripts/httpd/upload.cgi
+++ b/scripts/httpd/upload.cgi
@@ -194,6 +194,10 @@ def main():
             print 'Missing'
 
         sys.exit(0)
+    # TODO: At a later date, the default should be moved to True
+    elif hash_type == "md5" and config['dist-git'].getboolean('nomd5', fallback=False):
+        send_error('Uploads with md5 are no longer allowed.',
+                   status='406 Not Acceptable')
 
     # check that all directories are in place
     makedirs(module_dir, username)