moparisthebest
/
pacman
mirror of https://github.com/moparisthebest/pacman
1
0
Fork 0
Code Issues Releases Wiki Activity

Remove support for SHA1 from pacman. 

There's no need for a second hashing algorithm. MD5 serves the purpose
of verifying that a package file hasn't been corrupted during download.

Signed-off-by: Andrew Fyfe <andrew@neptune-one.net>
Signed-off-by: Dan McGee <dan@archlinux.org>
This commit is contained in:
Andrew Fyfe 2007-07-25 22:35:29 +01:00 committed by Dan McGee
parent ee977019e3
commit ba67fdae63
13 changed files with 22 additions and 650 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
contrib/vimproject
View File

@ -29,7 +29,6 @@ pacman=~/devel/pacman-lib CD=. flags=S {
provide.c
remove.c
server.c
sha1.c
sync.c
trans.c
util.c
@ -50,7 +49,6 @@ pacman=~/devel/pacman-lib CD=. flags=S {
provide.h
remove.h
server.h
sha1.h
sync.h
trans.h
util.h

1
lib/libalpm/Makefile.am
View File

@ -29,7 +29,6 @@ libalpm_la_SOURCES = \
provide.h provide.c \
remove.h remove.c \
server.h server.c \
sha1.h sha1.c \
sync.h sync.c \
trans.h trans.c \
util.h util.c

37
lib/libalpm/add.c
View File

@ -42,7 +42,6 @@
#include "error.h"
#include "cache.h"
#include "md5.h"
#include "sha1.h"
#include "log.h"
#include "backup.h"
#include "package.h"
@ -336,7 +335,6 @@ static int extract_single_file(struct archive *archive,
char filename[PATH_MAX]; /* the actual file we're extracting */
int needbackup = 0, notouch = 0;
char *hash_orig = NULL;
int use_md5 = 0;
const int archive_flags = ARCHIVE_EXTRACT_OWNER |
ARCHIVE_EXTRACT_PERM |
ARCHIVE_EXTRACT_TIME;
@ -485,10 +483,6 @@ static int extract_single_file(struct archive *archive,
/* case 5,8: don't need to do anything special */
}
if(strlen(newpkg->sha1sum) == 0) {
use_md5 = 1;
}
if(needbackup) {
char *tempfile = NULL;
char *hash_local = NULL, *hash_pkg = NULL;
@ -516,15 +510,10 @@ static int extract_single_file(struct archive *archive,
return(1);
}
if(use_md5) {
hash_local = _alpm_MDFile(filename);
hash_pkg = _alpm_MDFile(tempfile);
} else {
hash_local = _alpm_SHAFile(filename);
hash_pkg = _alpm_SHAFile(tempfile);
}
hash_local = _alpm_MDFile(filename);
hash_pkg = _alpm_MDFile(tempfile);
/* append the new md5 or sha1 hash to it's respective entry
/* append the new md5 hash to it's respective entry
* in newpkg's backup (it will be the new orginal) */
alpm_list_t *backups;
for(backups = alpm_pkg_get_backup(newpkg); backups;
@ -534,14 +523,7 @@ static int extract_single_file(struct archive *archive,
return(0);
}
char *backup = NULL;
int backup_len = strlen(oldbackup) + 2; /* tab char and null byte */
if(use_md5) {
backup_len += 32; /* MD5s are 32 chars in length */
} else {
backup_len += 40; /* SHA1s are 40 chars in length */
}
int backup_len = strlen(oldbackup) + 34; /* tab char, null byte and MD5 (32 char) */
backup = malloc(backup_len);
if(!backup) {
RET_ERR(PM_ERR_MEMORY, -1);
@ -673,21 +655,14 @@ static int extract_single_file(struct archive *archive,
for(b = alpm_pkg_get_backup(newpkg); b; b = b->next) {
char *backup = NULL, *hash = NULL;
char *oldbackup = alpm_list_getdata(b);
int backup_len = strlen(oldbackup) + 2; /* tab char and null byte */
int backup_len = strlen(oldbackup) + 34; /* tab char, null byte and MD5 (32 char) */
if(!oldbackup || strcmp(oldbackup, entryname) != 0) {
return(0);
}
_alpm_log(PM_LOG_DEBUG, "appending backup entry for %s", filename);
if(use_md5) {
backup_len += 32; /* MD5s are 32 chars in length */
hash = _alpm_MDFile(filename);
} else {
backup_len += 40; /* SHA1s are 40 chars in length */
hash = _alpm_SHAFile(filename);
}
hash = _alpm_MDFile(filename);
backup = malloc(backup_len);
if(!backup) {
RET_ERR(PM_ERR_MEMORY, -1);

3
lib/libalpm/alpm.h
View File

@ -188,7 +188,6 @@ typedef enum _pmpkghasarch_t {
int alpm_pkg_load(const char *filename, pmpkg_t **pkg);
int alpm_pkg_free(pmpkg_t *pkg);
int alpm_pkg_checkmd5sum(pmpkg_t *pkg);
int alpm_pkg_checksha1sum(pmpkg_t *pkg);
char *alpm_fetch_pkgurl(const char *url);
int alpm_pkg_vercmp(const char *ver1, const char *ver2);
char *alpm_pkg_name_hasarch(const char *pkgname);
@ -203,7 +202,6 @@ const char *alpm_pkg_get_buildtype(pmpkg_t *pkg);
const char *alpm_pkg_get_installdate(pmpkg_t *pkg);
const char *alpm_pkg_get_packager(pmpkg_t *pkg);
const char *alpm_pkg_get_md5sum(pmpkg_t *pkg);
const char *alpm_pkg_get_sha1sum(pmpkg_t *pkg);
const char *alpm_pkg_get_arch(pmpkg_t *pkg);
unsigned long alpm_pkg_get_size(pmpkg_t *pkg);
unsigned long alpm_pkg_get_isize(pmpkg_t *pkg);
@ -382,7 +380,6 @@ const char *alpm_conflict_get_ctarget(pmconflict_t *conflict);
/* checksums */
char *alpm_get_md5sum(char *name);
char *alpm_get_sha1sum(char *name);
/*
* Errors

6
lib/libalpm/backup.c
View File

@ -34,7 +34,7 @@
#include "util.h"
/* Look for a filename in a pmpkg_t.backup list. If we find it,
* then we return the md5 or sha1 hash (parsed from the same line)
* then we return the md5 hash (parsed from the same line)
*/
char *_alpm_needbackup(const char *file, const alpm_list_t *backup)
{
@ -46,7 +46,7 @@ char *_alpm_needbackup(const char *file, const alpm_list_t *backup)
return(NULL);
}
/* run through the backup list and parse out the md5 or sha1 hash for our file */
/* run through the backup list and parse out the md5 hash for our file */
for(lp = backup; lp; lp = lp->next) {
char *str = strdup(lp->data);
char *ptr;
@ -59,7 +59,7 @@ char *_alpm_needbackup(const char *file, const alpm_list_t *backup)
}
*ptr = '\0';
ptr++;
/* now str points to the filename and ptr points to the md5 or sha1 hash */
/* now str points to the filename and ptr points to the md5 hash */
if(strcmp(file, str) == 0) {
char *hash = strdup(ptr);
FREE(str);

11
lib/libalpm/be_files.c
View File

@ -361,12 +361,6 @@ int _alpm_db_read(pmdb_t *db, pmpkg_t *info, pmdbinfrq_t inforeq)
}
_alpm_strtrim(tmp);
info->isize = atol(tmp);
} else if(!strcmp(line, "%SHA1SUM%")) {
/* SHA1SUM tag only appears in sync repositories,
* not the local one. */
if(fgets(info->sha1sum, sizeof(info->sha1sum), fp) == NULL) {
goto error;
}
} else if(!strcmp(line, "%MD5SUM%")) {
/* MD5SUM tag only appears in sync repositories,
* not the local one. */
@ -571,10 +565,7 @@ int _alpm_db_write(pmdb_t *db, pmpkg_t *info, pmdbinfrq_t inforeq)
fprintf(fp, "%%ISIZE%%\n"
"%lu\n\n", info->isize);
}
if(info->sha1sum) {
fprintf(fp, "%%SHA1SUM%%\n"
"%s\n\n", info->sha1sum);
} else if(info->md5sum) {
if(info->md5sum) {
fprintf(fp, "%%MD5SUM%%\n"
"%s\n\n", info->md5sum);
}

65
lib/libalpm/package.c
View File

@ -95,57 +95,6 @@ int SYMEXPORT alpm_pkg_free(pmpkg_t *pkg)
return(0);
}
/** Check the integrity (with sha1) of a package from the sync cache.
* @param pkg package pointer
* @return 0 on success, -1 on error (pm_errno is set accordingly)
*/
int SYMEXPORT alpm_pkg_checksha1sum(pmpkg_t *pkg)
{
char path[PATH_MAX];
struct stat buf;
char *sha1sum = NULL;
alpm_list_t *i;
int retval = 0;
ALPM_LOG_FUNC;
ASSERT(pkg != NULL, RET_ERR(PM_ERR_WRONG_ARGS, -1));
/* We only inspect packages from sync repositories */
ASSERT(pkg->origin == PKG_FROM_CACHE, RET_ERR(PM_ERR_PKG_INVALID, -1));
ASSERT(pkg->origin_data.db != handle->db_local, RET_ERR(PM_ERR_PKG_INVALID, -1));
/* Loop through the cache dirs until we find a matching file */
for(i = alpm_option_get_cachedirs(); i; i = alpm_list_next(i)) {
snprintf(path, PATH_MAX, "%s%s-%s" PKGEXT, (char*)alpm_list_getdata(i),
alpm_pkg_get_name(pkg), alpm_pkg_get_version(pkg));
if(stat(path, &buf) == 0) {
break;
}
}
sha1sum = alpm_get_sha1sum(path);
if(sha1sum == NULL) {
_alpm_log(PM_LOG_ERROR, _("could not get sha1sum for package %s-%s"),
alpm_pkg_get_name(pkg), alpm_pkg_get_version(pkg));
pm_errno = PM_ERR_NOT_A_FILE;
retval = -1;
} else {
if(strcmp(sha1sum, alpm_pkg_get_sha1sum(pkg)) == 0) {
_alpm_log(PM_LOG_DEBUG, "sha1sums for package %s-%s match",
alpm_pkg_get_name(pkg), alpm_pkg_get_version(pkg));
} else {
_alpm_log(PM_LOG_ERROR, _("sha1sums do not match for package %s-%s"),
alpm_pkg_get_name(pkg), alpm_pkg_get_version(pkg));
pm_errno = PM_ERR_PKG_INVALID;
retval = -1;
}
}
FREE(sha1sum);
return(retval);
}
/** Check the integrity (with md5) of a package from the sync cache.
* @param pkg package pointer
* @return 0 on success, -1 on error (pm_errno is set accordingly)
@ -392,20 +341,6 @@ const char SYMEXPORT *alpm_pkg_get_md5sum(pmpkg_t *pkg)
return pkg->md5sum;
}
const char SYMEXPORT *alpm_pkg_get_sha1sum(pmpkg_t *pkg)
{
ALPM_LOG_FUNC;
/* Sanity checks */
ASSERT(handle != NULL, return(NULL));
ASSERT(pkg != NULL, return(NULL));
if(pkg->origin == PKG_FROM_CACHE && !(pkg->infolevel & INFRQ_DESC)) {
_alpm_db_read(pkg->origin_data.db, pkg, INFRQ_DESC);
}
return pkg->sha1sum;
}
const char SYMEXPORT *alpm_pkg_get_arch(pmpkg_t *pkg)
{
ALPM_LOG_FUNC;

2
lib/libalpm/package.h
View File

@ -46,7 +46,6 @@ typedef enum _pmpkgfrom_t {
#define PKG_TYPE_LEN 32
#define PKG_PACKAGER_LEN 64
#define PKG_MD5SUM_LEN 33
#define PKG_SHA1SUM_LEN 41
#define PKG_ARCH_LEN 32
struct __pmpkg_t {
@ -59,7 +58,6 @@ struct __pmpkg_t {
char installdate[PKG_DATE_LEN];
char packager[PKG_PACKAGER_LEN];
char md5sum[PKG_MD5SUM_LEN];
char sha1sum[PKG_SHA1SUM_LEN];
char arch[PKG_ARCH_LEN];
unsigned long size;
unsigned long isize;

1
lib/libalpm/remove.c
View File

@ -40,7 +40,6 @@
#include "util.h"
#include "error.h"
#include "md5.h"
#include "sha1.h"
#include "log.h"
#include "backup.h"
#include "package.h"

431
lib/libalpm/sha1.c
View File

@ -1,431 +0,0 @@
/* sha.c - Functions to compute SHA1 message digest of files or
memory blocks according to the NIST specification FIPS-180-1.
Copyright (C) 2000, 2001, 2003 Free Software Foundation, Inc.
This program is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the
Free Software Foundation; either version 2, or (at your option) any
later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software Foundation,
Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */
/* Written by Scott G. Miller
Credits:
Robert Klep <robert@ilse.nl> -- Expansion function fix
*/
#include "config.h"
#include <sys/types.h>
#include <stdlib.h>
#include <string.h>
/* libalpm */
#include "sha1.h"
#include "alpm.h"
#include "log.h"
#include "util.h"
/*
Not-swap is a macro that does an endian swap on architectures that are
big-endian, as SHA needs some data in a little-endian format
*/
#ifdef WORDS_BIGENDIAN
# define NOTSWAP(n) (n)
# define SWAP(n) \
(((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24))
#else
# define NOTSWAP(n) \
(((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24))
# define SWAP(n) (n)
#endif
#define BLOCKSIZE 4096
/* Ensure that BLOCKSIZE is a multiple of 64. */
#if BLOCKSIZE % 64 != 0
/* FIXME-someday (soon?): use #error instead of this kludge. */
"invalid BLOCKSIZE"
#endif
/* This array contains the bytes used to pad the buffer to the next
64-byte boundary. (RFC 1321, 3.1: Step 1) */
static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ };
/* Starting with the result of former calls of this function (or the
initialization function update the context for the next LEN bytes
starting at BUFFER.
It is necessary that LEN is a multiple of 64!!! */
static void sha_process_block (const void *buffer, size_t len,
struct sha_ctx *ctx);
/* Starting with the result of former calls of this function (or the
initialization function update the context for the next LEN bytes
starting at BUFFER.
It is NOT required that LEN is a multiple of 64. */
static void sha_process_bytes (const void *buffer, size_t len,
struct sha_ctx *ctx);
/* Put result from CTX in first 20 bytes following RESBUF. The result is
always in little endian byte order, so that a byte-wise output yields
to the wanted ASCII representation of the message digest.
IMPORTANT: On some systems it is required that RESBUF is correctly
aligned for a 32 bits value. */
static void *sha_read_ctx (const struct sha_ctx *ctx, void *resbuf);
/*
Takes a pointer to a 160 bit block of data (five 32 bit ints) and
intializes it to the start constants of the SHA1 algorithm. This
must be called before using hash in the call to sha_hash
*/
static void
sha_init_ctx (struct sha_ctx *ctx)
{
ctx->A = 0x67452301;
ctx->B = 0xefcdab89;
ctx->C = 0x98badcfe;
ctx->D = 0x10325476;
ctx->E = 0xc3d2e1f0;
ctx->total[0] = ctx->total[1] = 0;
ctx->buflen = 0;
}
/* Put result from CTX in first 20 bytes following RESBUF. The result
must be in little endian byte order.
IMPORTANT: On some systems it is required that RESBUF is correctly
aligned for a 32 bits value. */
static void *
sha_read_ctx (const struct sha_ctx *ctx, void *resbuf)
{
((sha_uint32 *) resbuf)[0] = NOTSWAP (ctx->A);
((sha_uint32 *) resbuf)[1] = NOTSWAP (ctx->B);
((sha_uint32 *) resbuf)[2] = NOTSWAP (ctx->C);
((sha_uint32 *) resbuf)[3] = NOTSWAP (ctx->D);
((sha_uint32 *) resbuf)[4] = NOTSWAP (ctx->E);
return resbuf;
}
/* Process the remaining bytes in the internal buffer and the usual
prolog according to the standard and write the result to RESBUF.
IMPORTANT: On some systems it is required that RESBUF is correctly
aligned for a 32 bits value. */
static void *
sha_finish_ctx (struct sha_ctx *ctx, void *resbuf)
{
/* Take yet unprocessed bytes into account. */
sha_uint32 bytes = ctx->buflen;
size_t pad;
/* Now count remaining bytes. */
ctx->total[0] += bytes;
if (ctx->total[0] < bytes)
++ctx->total[1];
pad = bytes >= 56 ? 64 + 56 - bytes : 56 - bytes;
memcpy (&ctx->buffer[bytes], fillbuf, pad);
/* Put the 64-bit file length in *bits* at the end of the buffer. */
*(sha_uint32 *) &ctx->buffer[bytes + pad + 4] = NOTSWAP (ctx->total[0] << 3);
*(sha_uint32 *) &ctx->buffer[bytes + pad] = NOTSWAP ((ctx->total[1] << 3) |
(ctx->total[0] >> 29));
/* Process last bytes. */
sha_process_block (ctx->buffer, bytes + pad + 8, ctx);
return sha_read_ctx (ctx, resbuf);
}
static void
sha_process_bytes (const void *buffer, size_t len, struct sha_ctx *ctx)
{
/* When we already have some bits in our internal buffer concatenate
both inputs first. */
if (ctx->buflen != 0)
{
size_t left_over = ctx->buflen;
size_t add = 128 - left_over > len ? len : 128 - left_over;
memcpy (&ctx->buffer[left_over], buffer, add);
ctx->buflen += add;
if (ctx->buflen > 64)
{
sha_process_block (ctx->buffer, ctx->buflen & ~63, ctx);
ctx->buflen &= 63;
/* The regions in the following copy operation cannot overlap. */
memcpy (ctx->buffer, &ctx->buffer[(left_over + add) & ~63],
ctx->buflen);
}
buffer = (const char *) buffer + add;
len -= add;
}
/* Process available complete blocks. */
if (len >= 64)
{
#if !_STRING_ARCH_unaligned
/* To check alignment gcc has an appropriate operator. Other
compilers don't. */
# if __GNUC__ >= 2
# define UNALIGNED_P(p) (((sha_uintptr) p) % __alignof__ (sha_uint32) != 0)
# else
# define UNALIGNED_P(p) (((sha_uintptr) p) % sizeof (sha_uint32) != 0)
# endif
if (UNALIGNED_P (buffer))
while (len > 64)
{
sha_process_block (memcpy (ctx->buffer, buffer, 64), 64, ctx);
buffer = (const char *) buffer + 64;
len -= 64;
}
else
#endif
{
sha_process_block (buffer, len & ~63, ctx);
buffer = (const char *) buffer + (len & ~63);
len &= 63;
}
}
/* Move remaining bytes in internal buffer. */
if (len > 0)
{
size_t left_over = ctx->buflen;
memcpy (&ctx->buffer[left_over], buffer, len);
left_over += len;
if (left_over >= 64)
{
sha_process_block (ctx->buffer, 64, ctx);
left_over -= 64;
memcpy (ctx->buffer, &ctx->buffer[64], left_over);
}
ctx->buflen = left_over;
}
}
/* --- Code below is the primary difference between md5.c and sha.c --- */
/* SHA1 round constants */
#define K1 0x5a827999L
#define K2 0x6ed9eba1L
#define K3 0x8f1bbcdcL
#define K4 0xca62c1d6L
/* Round functions. Note that F2 is the same as F4. */
#define F1(B,C,D) ( D ^ ( B & ( C ^ D ) ) )
#define F2(B,C,D) (B ^ C ^ D)
#define F3(B,C,D) ( ( B & C ) | ( D & ( B | C ) ) )
#define F4(B,C,D) (B ^ C ^ D)
/* Process LEN bytes of BUFFER, accumulating context into CTX.
It is assumed that LEN % 64 == 0.
Most of this code comes from GnuPG's cipher/sha1.c. */
static void
sha_process_block (const void *buffer, size_t len, struct sha_ctx *ctx)
{
const sha_uint32 *words = buffer;
size_t nwords = len / sizeof (sha_uint32);
const sha_uint32 *endp = words + nwords;
sha_uint32 x[16];
sha_uint32 a = ctx->A;
sha_uint32 b = ctx->B;
sha_uint32 c = ctx->C;
sha_uint32 d = ctx->D;
sha_uint32 e = ctx->E;
/* First increment the byte count. RFC 1321 specifies the possible
length of the file up to 2^64 bits. Here we only compute the
number of bytes. Do a double word increment. */
ctx->total[0] += len;
if (ctx->total[0] < len)
++ctx->total[1];
#define M(I) ( tm = x[I&0x0f] ^ x[(I-14)&0x0f] \
^ x[(I-8)&0x0f] ^ x[(I-3)&0x0f] \
, (x[I&0x0f] = rol(tm, 1)) )
#define R(A,B,C,D,E,F,K,M) do { E += rol( A, 5 ) \
+ F( B, C, D ) \
+ K \
+ M; \
B = rol( B, 30 ); \
} while(0)
while (words < endp)
{
sha_uint32 tm;
int t;
/* FIXME: see sha1.c for a better implementation. */
for (t = 0; t < 16; t++)
{
x[t] = NOTSWAP (*words);
words++;
}
R( a, b, c, d, e, F1, K1, x[ 0] );
R( e, a, b, c, d, F1, K1, x[ 1] );
R( d, e, a, b, c, F1, K1, x[ 2] );
R( c, d, e, a, b, F1, K1, x[ 3] );
R( b, c, d, e, a, F1, K1, x[ 4] );
R( a, b, c, d, e, F1, K1, x[ 5] );
R( e, a, b, c, d, F1, K1, x[ 6] );
R( d, e, a, b, c, F1, K1, x[ 7] );
R( c, d, e, a, b, F1, K1, x[ 8] );
R( b, c, d, e, a, F1, K1, x[ 9] );
R( a, b, c, d, e, F1, K1, x[10] );
R( e, a, b, c, d, F1, K1, x[11] );
R( d, e, a, b, c, F1, K1, x[12] );
R( c, d, e, a, b, F1, K1, x[13] );
R( b, c, d, e, a, F1, K1, x[14] );
R( a, b, c, d, e, F1, K1, x[15] );
R( e, a, b, c, d, F1, K1, M(16) );
R( d, e, a, b, c, F1, K1, M(17) );
R( c, d, e, a, b, F1, K1, M(18) );
R( b, c, d, e, a, F1, K1, M(19) );
R( a, b, c, d, e, F2, K2, M(20) );
R( e, a, b, c, d, F2, K2, M(21) );
R( d, e, a, b, c, F2, K2, M(22) );
R( c, d, e, a, b, F2, K2, M(23) );
R( b, c, d, e, a, F2, K2, M(24) );
R( a, b, c, d, e, F2, K2, M(25) );
R( e, a, b, c, d, F2, K2, M(26) );
R( d, e, a, b, c, F2, K2, M(27) );
R( c, d, e, a, b, F2, K2, M(28) );
R( b, c, d, e, a, F2, K2, M(29) );
R( a, b, c, d, e, F2, K2, M(30) );
R( e, a, b, c, d, F2, K2, M(31) );
R( d, e, a, b, c, F2, K2, M(32) );
R( c, d, e, a, b, F2, K2, M(33) );
R( b, c, d, e, a, F2, K2, M(34) );
R( a, b, c, d, e, F2, K2, M(35) );
R( e, a, b, c, d, F2, K2, M(36) );
R( d, e, a, b, c, F2, K2, M(37) );
R( c, d, e, a, b, F2, K2, M(38) );
R( b, c, d, e, a, F2, K2, M(39) );
R( a, b, c, d, e, F3, K3, M(40) );
R( e, a, b, c, d, F3, K3, M(41) );
R( d, e, a, b, c, F3, K3, M(42) );
R( c, d, e, a, b, F3, K3, M(43) );
R( b, c, d, e, a, F3, K3, M(44) );
R( a, b, c, d, e, F3, K3, M(45) );
R( e, a, b, c, d, F3, K3, M(46) );
R( d, e, a, b, c, F3, K3, M(47) );
R( c, d, e, a, b, F3, K3, M(48) );
R( b, c, d, e, a, F3, K3, M(49) );
R( a, b, c, d, e, F3, K3, M(50) );
R( e, a, b, c, d, F3, K3, M(51) );
R( d, e, a, b, c, F3, K3, M(52) );
R( c, d, e, a, b, F3, K3, M(53) );
R( b, c, d, e, a, F3, K3, M(54) );
R( a, b, c, d, e, F3, K3, M(55) );
R( e, a, b, c, d, F3, K3, M(56) );
R( d, e, a, b, c, F3, K3, M(57) );
R( c, d, e, a, b, F3, K3, M(58) );
R( b, c, d, e, a, F3, K3, M(59) );
R( a, b, c, d, e, F4, K4, M(60) );
R( e, a, b, c, d, F4, K4, M(61) );
R( d, e, a, b, c, F4, K4, M(62) );
R( c, d, e, a, b, F4, K4, M(63) );
R( b, c, d, e, a, F4, K4, M(64) );
R( a, b, c, d, e, F4, K4, M(65) );
R( e, a, b, c, d, F4, K4, M(66) );
R( d, e, a, b, c, F4, K4, M(67) );
R( c, d, e, a, b, F4, K4, M(68) );
R( b, c, d, e, a, F4, K4, M(69) );
R( a, b, c, d, e, F4, K4, M(70) );
R( e, a, b, c, d, F4, K4, M(71) );
R( d, e, a, b, c, F4, K4, M(72) );
R( c, d, e, a, b, F4, K4, M(73) );
R( b, c, d, e, a, F4, K4, M(74) );
R( a, b, c, d, e, F4, K4, M(75) );
R( e, a, b, c, d, F4, K4, M(76) );
R( d, e, a, b, c, F4, K4, M(77) );
R( c, d, e, a, b, F4, K4, M(78) );
R( b, c, d, e, a, F4, K4, M(79) );
a = ctx->A += a;
b = ctx->B += b;
c = ctx->C += c;
d = ctx->D += d;
e = ctx->E += e;
}
}
/* Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All
rights reserved.
RSA Data Security, Inc. makes no representations concerning either
the merchantability of this software or the suitability of this
software for any particular purpose. It is provided "as is"
without express or implied warranty of any kind.
These notices must be retained in any copies of any part of this
documentation and/or software.
*/
/** Get the sha1 sum of file.
* @param name name of the file
* @return the checksum on success, NULL on error
* @addtogroup alpm_misc
*/
char SYMEXPORT *alpm_get_sha1sum(char *name)
{
ALPM_LOG_FUNC;
ASSERT(name != NULL, return(NULL));
return(_alpm_SHAFile(name));
}
char* _alpm_SHAFile(char *filename) {
FILE *file;
struct sha_ctx context;
int len, i;
char hex[3];
unsigned char buffer[1024], digest[20];
char *ret;
ALPM_LOG_FUNC;
if((file = fopen(filename, "rb")) == NULL) {
_alpm_log(PM_LOG_ERROR, _("sha1: %s can't be opened\n"), filename);
} else {
sha_init_ctx(&context);
while((len = fread(buffer, 1, 1024, file))) {
sha_process_bytes(buffer, len, &context);
}
sha_finish_ctx(&context, digest);
fclose(file);
ret = (char*)malloc(41);
ret[0] = '\0';
for(i = 0; i < 20; i++) {
snprintf(hex, 3, "%02x", digest[i]);
strncat(ret, hex, 2);
}
_alpm_log(PM_LOG_DEBUG, "sha1(%s) = %s", filename, ret);
return(ret);
}
return(NULL);
}
/* vim: set ts=2 sw=2 noet: */

72
lib/libalpm/sha1.h
View File

@ -1,72 +0,0 @@
/* Declarations of functions and data types used for SHA1 sum
library functions.
Copyright (C) 2000, 2001, 2003 Free Software Foundation, Inc.
This program is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the
Free Software Foundation; either version 2, or (at your option) any
later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software Foundation,
Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */
#ifndef _ALPM_SHA1_H
#define _ALPM_SHA1_H
#include <stdio.h>
#include <limits.h>
#define rol(x,n) ( ((x) << (n)) | ((x) >> (32 -(n))) )
/* TODO check this comment */
/* The code below is from md5.h (from coreutils), little modifications */
#define UINT_MAX_32_BITS 4294967295U
/* This new ifdef allows splint to not fail on its static code check */
#ifdef S_SPLINT_S
typedef unsigned int sha_uint32;
#else
#if UINT_MAX == UINT_MAX_32_BITS
typedef unsigned int sha_uint32;
#else
#if USHRT_MAX == UINT_MAX_32_BITS
typedef unsigned short sha_uint32;
#else
#if ULONG_MAX == UINT_MAX_32_BITS
typedef unsigned long sha_uint32;
#else
/* The following line is intended to evoke an error. Using #error is not portable enough. */
#error "Cannot determine unsigned 32-bit data type"
#endif /* ULONG_MAX */
#endif /* USHRT_MAX */
#endif /* UINT_MAX */
#endif /* S_SPLINT_S */
/* We have to make a guess about the integer type equivalent in size
to pointers which should always be correct. */
typedef unsigned long int sha_uintptr;
/* Structure to save state of computation between the single steps. */
struct sha_ctx
{
sha_uint32 A;
sha_uint32 B;
sha_uint32 C;
sha_uint32 D;
sha_uint32 E;
sha_uint32 total[2];
sha_uint32 buflen;
char buffer[128];
};
/* Needed for pacman */
char *_alpm_SHAFile (char *);
#endif /* _ALPM_SHA1_H */
/* vim: set ts=2 sw=2 noet: */

20
lib/libalpm/sync.c
View File

@ -48,7 +48,6 @@
#include "handle.h"
#include "alpm.h"
#include "md5.h"
#include "sha1.h"
#include "server.h"
pmsyncpkg_t *_alpm_sync_new(int type, pmpkg_t *spkg, void *data)
@ -808,19 +807,18 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data)
char str[PATH_MAX];
struct stat buf;
const char *pkgname;
char *md5sum1, *md5sum2, *sha1sum1, *sha1sum2;
char *md5sum1, *md5sum2;
char *ptr=NULL;
pkgname = alpm_pkg_get_filename(spkg);
md5sum1 = spkg->md5sum;
sha1sum1 = spkg->sha1sum;
if((md5sum1 == NULL) && (sha1sum1 == NULL)) {
if(md5sum1 == NULL) {
/* TODO wtf is this? malloc'd strings for error messages? */
if((ptr = calloc(512, sizeof(char))) == NULL) {
RET_ERR(PM_ERR_MEMORY, -1);
}
snprintf(ptr, 512, _("can't get md5 or sha1 checksum for package %s\n"), pkgname);
snprintf(ptr, 512, _("can't get md5 checksum for package %s\n"), pkgname);
*data = alpm_list_add(*data, ptr);
retval = 1;
continue;
@ -837,17 +835,16 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data)
}
md5sum2 = alpm_get_md5sum(str);
sha1sum2 = alpm_get_sha1sum(str);
if(md5sum2 == NULL && sha1sum2 == NULL) {
if(md5sum2 == NULL) {
if((ptr = calloc(512, sizeof(char))) == NULL) {
RET_ERR(PM_ERR_MEMORY, -1);
}
snprintf(ptr, 512, _("can't get md5 or sha1 checksum for package %s\n"), pkgname);
snprintf(ptr, 512, _("can't get md5 checksum for package %s\n"), pkgname);
*data = alpm_list_add(*data, ptr);
retval = 1;
continue;
}
if((strcmp(md5sum1, md5sum2) != 0) && (strcmp(sha1sum1, sha1sum2) != 0)) {
if(strcmp(md5sum1, md5sum2) != 0) {
int doremove=0;
if((ptr = calloc(512, sizeof(char))) == NULL) {
RET_ERR(PM_ERR_MEMORY, -1);
@ -855,15 +852,14 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data)
QUESTION(trans, PM_TRANS_CONV_CORRUPTED_PKG, (char *)pkgname, NULL, NULL, &doremove);
if(doremove) {
unlink(str);
snprintf(ptr, 512, _("archive %s was corrupted (bad MD5 or SHA1 checksum)\n"), pkgname);
snprintf(ptr, 512, _("archive %s was corrupted (bad MD5 checksum)\n"), pkgname);
} else {
snprintf(ptr, 512, _("archive %s is corrupted (bad MD5 or SHA1 checksum)\n"), pkgname);
snprintf(ptr, 512, _("archive %s is corrupted (bad MD5 checksum)\n"), pkgname);
}
*data = alpm_list_add(*data, ptr);
retval = 1;
}
FREE(md5sum2);
FREE(sha1sum2);
}
if(retval) {
pm_errno = PM_ERR_PKG_CORRUPTED;

21
src/pacman/package.c
View File

@ -110,7 +110,7 @@ void dump_pkg_full(pmpkg_t *pkg, int level)
*/
void dump_pkg_sync(pmpkg_t *pkg, const char *treename)
{
const char *descheader, *md5sum, *sha1sum;
const char *descheader, *md5sum;
if(pkg == NULL) {
return;
}
@ -118,7 +118,6 @@ void dump_pkg_sync(pmpkg_t *pkg, const char *treename)
descheader = _("Description : ");
md5sum = alpm_pkg_get_md5sum(pkg);
sha1sum = alpm_pkg_get_sha1sum(pkg);
printf(_("Repository : %s\n"), treename);
printf(_("Name : %s\n"), (char *)alpm_pkg_get_name(pkg));
@ -139,9 +138,6 @@ void dump_pkg_sync(pmpkg_t *pkg, const char *treename)
if (md5sum != NULL && md5sum[0] != '\0') {
printf(_("MD5 Sum : %s"), md5sum);
}
if (sha1sum != NULL && sha1sum[0] != '\0') {
printf(_("SHA1 Sum : %s"), sha1sum);
}
printf("\n");
}
@ -168,31 +164,22 @@ void dump_pkg_backups(pmpkg_t *pkg)
snprintf(path, PATH_MAX-1, "%s%s", root, str);
/* if we find the file, calculate checksums, otherwise it is missing */
if(!stat(path, &buf)) {
char *sum;
char *md5sum = alpm_get_md5sum(path);
char *sha1sum = alpm_get_sha1sum(path);
if(md5sum == NULL || sha1sum == NULL) {
if(md5sum == NULL) {
fprintf(stderr, _("error: could not calculate checksums for %s\n"),
path);
free(str);
continue;
}
/* TODO Is this a good way to check type of backup stored?
* We aren't storing it anywhere in the database. */
if (strlen(ptr) == 32) {
sum = md5sum;
} else { /*if (strlen(ptr) == 40) */
sum = sha1sum;
}
/* if checksums don't match, file has been modified */
if (strcmp(sum, ptr)) {
if (strcmp(md5sum, ptr)) {
printf(_("MODIFIED\t%s\n"), path);
} else {
printf(_("Not Modified\t%s\n"), path);
}
free(md5sum);
free(sha1sum);
} else {
printf(_("MISSING\t\t%s\n"), path);
}