Remove support for SHA1 from pacman.
There's no need for a second hashing algorithm. MD5 serves the purpose of verifying that a package file hasn't been corrupted during download. Signed-off-by: Andrew Fyfe <andrew@neptune-one.net> Signed-off-by: Dan McGee <dan@archlinux.org>
This commit is contained in:
parent
ee977019e3
commit
ba67fdae63
|
@ -29,7 +29,6 @@ pacman=~/devel/pacman-lib CD=. flags=S {
|
|||
provide.c
|
||||
remove.c
|
||||
server.c
|
||||
sha1.c
|
||||
sync.c
|
||||
trans.c
|
||||
util.c
|
||||
|
@ -50,7 +49,6 @@ pacman=~/devel/pacman-lib CD=. flags=S {
|
|||
provide.h
|
||||
remove.h
|
||||
server.h
|
||||
sha1.h
|
||||
sync.h
|
||||
trans.h
|
||||
util.h
|
||||
|
|
|
@ -29,7 +29,6 @@ libalpm_la_SOURCES = \
|
|||
provide.h provide.c \
|
||||
remove.h remove.c \
|
||||
server.h server.c \
|
||||
sha1.h sha1.c \
|
||||
sync.h sync.c \
|
||||
trans.h trans.c \
|
||||
util.h util.c
|
||||
|
|
|
@ -42,7 +42,6 @@
|
|||
#include "error.h"
|
||||
#include "cache.h"
|
||||
#include "md5.h"
|
||||
#include "sha1.h"
|
||||
#include "log.h"
|
||||
#include "backup.h"
|
||||
#include "package.h"
|
||||
|
@ -336,7 +335,6 @@ static int extract_single_file(struct archive *archive,
|
|||
char filename[PATH_MAX]; /* the actual file we're extracting */
|
||||
int needbackup = 0, notouch = 0;
|
||||
char *hash_orig = NULL;
|
||||
int use_md5 = 0;
|
||||
const int archive_flags = ARCHIVE_EXTRACT_OWNER |
|
||||
ARCHIVE_EXTRACT_PERM |
|
||||
ARCHIVE_EXTRACT_TIME;
|
||||
|
@ -485,10 +483,6 @@ static int extract_single_file(struct archive *archive,
|
|||
/* case 5,8: don't need to do anything special */
|
||||
}
|
||||
|
||||
if(strlen(newpkg->sha1sum) == 0) {
|
||||
use_md5 = 1;
|
||||
}
|
||||
|
||||
if(needbackup) {
|
||||
char *tempfile = NULL;
|
||||
char *hash_local = NULL, *hash_pkg = NULL;
|
||||
|
@ -516,15 +510,10 @@ static int extract_single_file(struct archive *archive,
|
|||
return(1);
|
||||
}
|
||||
|
||||
if(use_md5) {
|
||||
hash_local = _alpm_MDFile(filename);
|
||||
hash_pkg = _alpm_MDFile(tempfile);
|
||||
} else {
|
||||
hash_local = _alpm_SHAFile(filename);
|
||||
hash_pkg = _alpm_SHAFile(tempfile);
|
||||
}
|
||||
hash_local = _alpm_MDFile(filename);
|
||||
hash_pkg = _alpm_MDFile(tempfile);
|
||||
|
||||
/* append the new md5 or sha1 hash to it's respective entry
|
||||
/* append the new md5 hash to it's respective entry
|
||||
* in newpkg's backup (it will be the new orginal) */
|
||||
alpm_list_t *backups;
|
||||
for(backups = alpm_pkg_get_backup(newpkg); backups;
|
||||
|
@ -534,14 +523,7 @@ static int extract_single_file(struct archive *archive,
|
|||
return(0);
|
||||
}
|
||||
char *backup = NULL;
|
||||
int backup_len = strlen(oldbackup) + 2; /* tab char and null byte */
|
||||
|
||||
if(use_md5) {
|
||||
backup_len += 32; /* MD5s are 32 chars in length */
|
||||
} else {
|
||||
backup_len += 40; /* SHA1s are 40 chars in length */
|
||||
}
|
||||
|
||||
int backup_len = strlen(oldbackup) + 34; /* tab char, null byte and MD5 (32 char) */
|
||||
backup = malloc(backup_len);
|
||||
if(!backup) {
|
||||
RET_ERR(PM_ERR_MEMORY, -1);
|
||||
|
@ -673,21 +655,14 @@ static int extract_single_file(struct archive *archive,
|
|||
for(b = alpm_pkg_get_backup(newpkg); b; b = b->next) {
|
||||
char *backup = NULL, *hash = NULL;
|
||||
char *oldbackup = alpm_list_getdata(b);
|
||||
int backup_len = strlen(oldbackup) + 2; /* tab char and null byte */
|
||||
int backup_len = strlen(oldbackup) + 34; /* tab char, null byte and MD5 (32 char) */
|
||||
|
||||
if(!oldbackup || strcmp(oldbackup, entryname) != 0) {
|
||||
return(0);
|
||||
}
|
||||
_alpm_log(PM_LOG_DEBUG, "appending backup entry for %s", filename);
|
||||
|
||||
if(use_md5) {
|
||||
backup_len += 32; /* MD5s are 32 chars in length */
|
||||
hash = _alpm_MDFile(filename);
|
||||
} else {
|
||||
backup_len += 40; /* SHA1s are 40 chars in length */
|
||||
hash = _alpm_SHAFile(filename);
|
||||
}
|
||||
|
||||
hash = _alpm_MDFile(filename);
|
||||
backup = malloc(backup_len);
|
||||
if(!backup) {
|
||||
RET_ERR(PM_ERR_MEMORY, -1);
|
||||
|
|
|
@ -188,7 +188,6 @@ typedef enum _pmpkghasarch_t {
|
|||
int alpm_pkg_load(const char *filename, pmpkg_t **pkg);
|
||||
int alpm_pkg_free(pmpkg_t *pkg);
|
||||
int alpm_pkg_checkmd5sum(pmpkg_t *pkg);
|
||||
int alpm_pkg_checksha1sum(pmpkg_t *pkg);
|
||||
char *alpm_fetch_pkgurl(const char *url);
|
||||
int alpm_pkg_vercmp(const char *ver1, const char *ver2);
|
||||
char *alpm_pkg_name_hasarch(const char *pkgname);
|
||||
|
@ -203,7 +202,6 @@ const char *alpm_pkg_get_buildtype(pmpkg_t *pkg);
|
|||
const char *alpm_pkg_get_installdate(pmpkg_t *pkg);
|
||||
const char *alpm_pkg_get_packager(pmpkg_t *pkg);
|
||||
const char *alpm_pkg_get_md5sum(pmpkg_t *pkg);
|
||||
const char *alpm_pkg_get_sha1sum(pmpkg_t *pkg);
|
||||
const char *alpm_pkg_get_arch(pmpkg_t *pkg);
|
||||
unsigned long alpm_pkg_get_size(pmpkg_t *pkg);
|
||||
unsigned long alpm_pkg_get_isize(pmpkg_t *pkg);
|
||||
|
@ -382,7 +380,6 @@ const char *alpm_conflict_get_ctarget(pmconflict_t *conflict);
|
|||
|
||||
/* checksums */
|
||||
char *alpm_get_md5sum(char *name);
|
||||
char *alpm_get_sha1sum(char *name);
|
||||
|
||||
/*
|
||||
* Errors
|
||||
|
|
|
@ -34,7 +34,7 @@
|
|||
#include "util.h"
|
||||
|
||||
/* Look for a filename in a pmpkg_t.backup list. If we find it,
|
||||
* then we return the md5 or sha1 hash (parsed from the same line)
|
||||
* then we return the md5 hash (parsed from the same line)
|
||||
*/
|
||||
char *_alpm_needbackup(const char *file, const alpm_list_t *backup)
|
||||
{
|
||||
|
@ -46,7 +46,7 @@ char *_alpm_needbackup(const char *file, const alpm_list_t *backup)
|
|||
return(NULL);
|
||||
}
|
||||
|
||||
/* run through the backup list and parse out the md5 or sha1 hash for our file */
|
||||
/* run through the backup list and parse out the md5 hash for our file */
|
||||
for(lp = backup; lp; lp = lp->next) {
|
||||
char *str = strdup(lp->data);
|
||||
char *ptr;
|
||||
|
@ -59,7 +59,7 @@ char *_alpm_needbackup(const char *file, const alpm_list_t *backup)
|
|||
}
|
||||
*ptr = '\0';
|
||||
ptr++;
|
||||
/* now str points to the filename and ptr points to the md5 or sha1 hash */
|
||||
/* now str points to the filename and ptr points to the md5 hash */
|
||||
if(strcmp(file, str) == 0) {
|
||||
char *hash = strdup(ptr);
|
||||
FREE(str);
|
||||
|
|
|
@ -361,12 +361,6 @@ int _alpm_db_read(pmdb_t *db, pmpkg_t *info, pmdbinfrq_t inforeq)
|
|||
}
|
||||
_alpm_strtrim(tmp);
|
||||
info->isize = atol(tmp);
|
||||
} else if(!strcmp(line, "%SHA1SUM%")) {
|
||||
/* SHA1SUM tag only appears in sync repositories,
|
||||
* not the local one. */
|
||||
if(fgets(info->sha1sum, sizeof(info->sha1sum), fp) == NULL) {
|
||||
goto error;
|
||||
}
|
||||
} else if(!strcmp(line, "%MD5SUM%")) {
|
||||
/* MD5SUM tag only appears in sync repositories,
|
||||
* not the local one. */
|
||||
|
@ -571,10 +565,7 @@ int _alpm_db_write(pmdb_t *db, pmpkg_t *info, pmdbinfrq_t inforeq)
|
|||
fprintf(fp, "%%ISIZE%%\n"
|
||||
"%lu\n\n", info->isize);
|
||||
}
|
||||
if(info->sha1sum) {
|
||||
fprintf(fp, "%%SHA1SUM%%\n"
|
||||
"%s\n\n", info->sha1sum);
|
||||
} else if(info->md5sum) {
|
||||
if(info->md5sum) {
|
||||
fprintf(fp, "%%MD5SUM%%\n"
|
||||
"%s\n\n", info->md5sum);
|
||||
}
|
||||
|
|
|
@ -95,57 +95,6 @@ int SYMEXPORT alpm_pkg_free(pmpkg_t *pkg)
|
|||
return(0);
|
||||
}
|
||||
|
||||
/** Check the integrity (with sha1) of a package from the sync cache.
|
||||
* @param pkg package pointer
|
||||
* @return 0 on success, -1 on error (pm_errno is set accordingly)
|
||||
*/
|
||||
int SYMEXPORT alpm_pkg_checksha1sum(pmpkg_t *pkg)
|
||||
{
|
||||
char path[PATH_MAX];
|
||||
struct stat buf;
|
||||
char *sha1sum = NULL;
|
||||
alpm_list_t *i;
|
||||
int retval = 0;
|
||||
|
||||
ALPM_LOG_FUNC;
|
||||
|
||||
ASSERT(pkg != NULL, RET_ERR(PM_ERR_WRONG_ARGS, -1));
|
||||
/* We only inspect packages from sync repositories */
|
||||
ASSERT(pkg->origin == PKG_FROM_CACHE, RET_ERR(PM_ERR_PKG_INVALID, -1));
|
||||
ASSERT(pkg->origin_data.db != handle->db_local, RET_ERR(PM_ERR_PKG_INVALID, -1));
|
||||
|
||||
/* Loop through the cache dirs until we find a matching file */
|
||||
for(i = alpm_option_get_cachedirs(); i; i = alpm_list_next(i)) {
|
||||
snprintf(path, PATH_MAX, "%s%s-%s" PKGEXT, (char*)alpm_list_getdata(i),
|
||||
alpm_pkg_get_name(pkg), alpm_pkg_get_version(pkg));
|
||||
if(stat(path, &buf) == 0) {
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
sha1sum = alpm_get_sha1sum(path);
|
||||
if(sha1sum == NULL) {
|
||||
_alpm_log(PM_LOG_ERROR, _("could not get sha1sum for package %s-%s"),
|
||||
alpm_pkg_get_name(pkg), alpm_pkg_get_version(pkg));
|
||||
pm_errno = PM_ERR_NOT_A_FILE;
|
||||
retval = -1;
|
||||
} else {
|
||||
if(strcmp(sha1sum, alpm_pkg_get_sha1sum(pkg)) == 0) {
|
||||
_alpm_log(PM_LOG_DEBUG, "sha1sums for package %s-%s match",
|
||||
alpm_pkg_get_name(pkg), alpm_pkg_get_version(pkg));
|
||||
} else {
|
||||
_alpm_log(PM_LOG_ERROR, _("sha1sums do not match for package %s-%s"),
|
||||
alpm_pkg_get_name(pkg), alpm_pkg_get_version(pkg));
|
||||
pm_errno = PM_ERR_PKG_INVALID;
|
||||
retval = -1;
|
||||
}
|
||||
}
|
||||
|
||||
FREE(sha1sum);
|
||||
|
||||
return(retval);
|
||||
}
|
||||
|
||||
/** Check the integrity (with md5) of a package from the sync cache.
|
||||
* @param pkg package pointer
|
||||
* @return 0 on success, -1 on error (pm_errno is set accordingly)
|
||||
|
@ -392,20 +341,6 @@ const char SYMEXPORT *alpm_pkg_get_md5sum(pmpkg_t *pkg)
|
|||
return pkg->md5sum;
|
||||
}
|
||||
|
||||
const char SYMEXPORT *alpm_pkg_get_sha1sum(pmpkg_t *pkg)
|
||||
{
|
||||
ALPM_LOG_FUNC;
|
||||
|
||||
/* Sanity checks */
|
||||
ASSERT(handle != NULL, return(NULL));
|
||||
ASSERT(pkg != NULL, return(NULL));
|
||||
|
||||
if(pkg->origin == PKG_FROM_CACHE && !(pkg->infolevel & INFRQ_DESC)) {
|
||||
_alpm_db_read(pkg->origin_data.db, pkg, INFRQ_DESC);
|
||||
}
|
||||
return pkg->sha1sum;
|
||||
}
|
||||
|
||||
const char SYMEXPORT *alpm_pkg_get_arch(pmpkg_t *pkg)
|
||||
{
|
||||
ALPM_LOG_FUNC;
|
||||
|
|
|
@ -46,7 +46,6 @@ typedef enum _pmpkgfrom_t {
|
|||
#define PKG_TYPE_LEN 32
|
||||
#define PKG_PACKAGER_LEN 64
|
||||
#define PKG_MD5SUM_LEN 33
|
||||
#define PKG_SHA1SUM_LEN 41
|
||||
#define PKG_ARCH_LEN 32
|
||||
|
||||
struct __pmpkg_t {
|
||||
|
@ -59,7 +58,6 @@ struct __pmpkg_t {
|
|||
char installdate[PKG_DATE_LEN];
|
||||
char packager[PKG_PACKAGER_LEN];
|
||||
char md5sum[PKG_MD5SUM_LEN];
|
||||
char sha1sum[PKG_SHA1SUM_LEN];
|
||||
char arch[PKG_ARCH_LEN];
|
||||
unsigned long size;
|
||||
unsigned long isize;
|
||||
|
|
|
@ -40,7 +40,6 @@
|
|||
#include "util.h"
|
||||
#include "error.h"
|
||||
#include "md5.h"
|
||||
#include "sha1.h"
|
||||
#include "log.h"
|
||||
#include "backup.h"
|
||||
#include "package.h"
|
||||
|
|
|
@ -1,431 +0,0 @@
|
|||
/* sha.c - Functions to compute SHA1 message digest of files or
|
||||
memory blocks according to the NIST specification FIPS-180-1.
|
||||
|
||||
Copyright (C) 2000, 2001, 2003 Free Software Foundation, Inc.
|
||||
|
||||
This program is free software; you can redistribute it and/or modify it
|
||||
under the terms of the GNU General Public License as published by the
|
||||
Free Software Foundation; either version 2, or (at your option) any
|
||||
later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program; if not, write to the Free Software Foundation,
|
||||
Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */
|
||||
|
||||
/* Written by Scott G. Miller
|
||||
Credits:
|
||||
Robert Klep <robert@ilse.nl> -- Expansion function fix
|
||||
*/
|
||||
|
||||
#include "config.h"
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
/* libalpm */
|
||||
#include "sha1.h"
|
||||
#include "alpm.h"
|
||||
#include "log.h"
|
||||
#include "util.h"
|
||||
|
||||
/*
|
||||
Not-swap is a macro that does an endian swap on architectures that are
|
||||
big-endian, as SHA needs some data in a little-endian format
|
||||
*/
|
||||
|
||||
#ifdef WORDS_BIGENDIAN
|
||||
# define NOTSWAP(n) (n)
|
||||
# define SWAP(n) \
|
||||
(((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24))
|
||||
#else
|
||||
# define NOTSWAP(n) \
|
||||
(((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24))
|
||||
# define SWAP(n) (n)
|
||||
#endif
|
||||
|
||||
#define BLOCKSIZE 4096
|
||||
/* Ensure that BLOCKSIZE is a multiple of 64. */
|
||||
#if BLOCKSIZE % 64 != 0
|
||||
/* FIXME-someday (soon?): use #error instead of this kludge. */
|
||||
"invalid BLOCKSIZE"
|
||||
#endif
|
||||
|
||||
/* This array contains the bytes used to pad the buffer to the next
|
||||
64-byte boundary. (RFC 1321, 3.1: Step 1) */
|
||||
static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ };
|
||||
|
||||
|
||||
/* Starting with the result of former calls of this function (or the
|
||||
initialization function update the context for the next LEN bytes
|
||||
starting at BUFFER.
|
||||
It is necessary that LEN is a multiple of 64!!! */
|
||||
static void sha_process_block (const void *buffer, size_t len,
|
||||
struct sha_ctx *ctx);
|
||||
|
||||
/* Starting with the result of former calls of this function (or the
|
||||
initialization function update the context for the next LEN bytes
|
||||
starting at BUFFER.
|
||||
It is NOT required that LEN is a multiple of 64. */
|
||||
static void sha_process_bytes (const void *buffer, size_t len,
|
||||
struct sha_ctx *ctx);
|
||||
|
||||
/* Put result from CTX in first 20 bytes following RESBUF. The result is
|
||||
always in little endian byte order, so that a byte-wise output yields
|
||||
to the wanted ASCII representation of the message digest.
|
||||
|
||||
IMPORTANT: On some systems it is required that RESBUF is correctly
|
||||
aligned for a 32 bits value. */
|
||||
static void *sha_read_ctx (const struct sha_ctx *ctx, void *resbuf);
|
||||
|
||||
/*
|
||||
Takes a pointer to a 160 bit block of data (five 32 bit ints) and
|
||||
intializes it to the start constants of the SHA1 algorithm. This
|
||||
must be called before using hash in the call to sha_hash
|
||||
*/
|
||||
static void
|
||||
sha_init_ctx (struct sha_ctx *ctx)
|
||||
{
|
||||
ctx->A = 0x67452301;
|
||||
ctx->B = 0xefcdab89;
|
||||
ctx->C = 0x98badcfe;
|
||||
ctx->D = 0x10325476;
|
||||
ctx->E = 0xc3d2e1f0;
|
||||
|
||||
ctx->total[0] = ctx->total[1] = 0;
|
||||
ctx->buflen = 0;
|
||||
}
|
||||
|
||||
/* Put result from CTX in first 20 bytes following RESBUF. The result
|
||||
must be in little endian byte order.
|
||||
|
||||
IMPORTANT: On some systems it is required that RESBUF is correctly
|
||||
aligned for a 32 bits value. */
|
||||
static void *
|
||||
sha_read_ctx (const struct sha_ctx *ctx, void *resbuf)
|
||||
{
|
||||
((sha_uint32 *) resbuf)[0] = NOTSWAP (ctx->A);
|
||||
((sha_uint32 *) resbuf)[1] = NOTSWAP (ctx->B);
|
||||
((sha_uint32 *) resbuf)[2] = NOTSWAP (ctx->C);
|
||||
((sha_uint32 *) resbuf)[3] = NOTSWAP (ctx->D);
|
||||
((sha_uint32 *) resbuf)[4] = NOTSWAP (ctx->E);
|
||||
|
||||
return resbuf;
|
||||
}
|
||||
|
||||
/* Process the remaining bytes in the internal buffer and the usual
|
||||
prolog according to the standard and write the result to RESBUF.
|
||||
|
||||
IMPORTANT: On some systems it is required that RESBUF is correctly
|
||||
aligned for a 32 bits value. */
|
||||
static void *
|
||||
sha_finish_ctx (struct sha_ctx *ctx, void *resbuf)
|
||||
{
|
||||
/* Take yet unprocessed bytes into account. */
|
||||
sha_uint32 bytes = ctx->buflen;
|
||||
size_t pad;
|
||||
|
||||
/* Now count remaining bytes. */
|
||||
ctx->total[0] += bytes;
|
||||
if (ctx->total[0] < bytes)
|
||||
++ctx->total[1];
|
||||
|
||||
pad = bytes >= 56 ? 64 + 56 - bytes : 56 - bytes;
|
||||
memcpy (&ctx->buffer[bytes], fillbuf, pad);
|
||||
|
||||
/* Put the 64-bit file length in *bits* at the end of the buffer. */
|
||||
*(sha_uint32 *) &ctx->buffer[bytes + pad + 4] = NOTSWAP (ctx->total[0] << 3);
|
||||
*(sha_uint32 *) &ctx->buffer[bytes + pad] = NOTSWAP ((ctx->total[1] << 3) |
|
||||
(ctx->total[0] >> 29));
|
||||
|
||||
/* Process last bytes. */
|
||||
sha_process_block (ctx->buffer, bytes + pad + 8, ctx);
|
||||
|
||||
return sha_read_ctx (ctx, resbuf);
|
||||
}
|
||||
|
||||
static void
|
||||
sha_process_bytes (const void *buffer, size_t len, struct sha_ctx *ctx)
|
||||
{
|
||||
/* When we already have some bits in our internal buffer concatenate
|
||||
both inputs first. */
|
||||
if (ctx->buflen != 0)
|
||||
{
|
||||
size_t left_over = ctx->buflen;
|
||||
size_t add = 128 - left_over > len ? len : 128 - left_over;
|
||||
|
||||
memcpy (&ctx->buffer[left_over], buffer, add);
|
||||
ctx->buflen += add;
|
||||
|
||||
if (ctx->buflen > 64)
|
||||
{
|
||||
sha_process_block (ctx->buffer, ctx->buflen & ~63, ctx);
|
||||
|
||||
ctx->buflen &= 63;
|
||||
/* The regions in the following copy operation cannot overlap. */
|
||||
memcpy (ctx->buffer, &ctx->buffer[(left_over + add) & ~63],
|
||||
ctx->buflen);
|
||||
}
|
||||
|
||||
buffer = (const char *) buffer + add;
|
||||
len -= add;
|
||||
}
|
||||
|
||||
/* Process available complete blocks. */
|
||||
if (len >= 64)
|
||||
{
|
||||
#if !_STRING_ARCH_unaligned
|
||||
/* To check alignment gcc has an appropriate operator. Other
|
||||
compilers don't. */
|
||||
# if __GNUC__ >= 2
|
||||
# define UNALIGNED_P(p) (((sha_uintptr) p) % __alignof__ (sha_uint32) != 0)
|
||||
# else
|
||||
# define UNALIGNED_P(p) (((sha_uintptr) p) % sizeof (sha_uint32) != 0)
|
||||
# endif
|
||||
if (UNALIGNED_P (buffer))
|
||||
while (len > 64)
|
||||
{
|
||||
sha_process_block (memcpy (ctx->buffer, buffer, 64), 64, ctx);
|
||||
buffer = (const char *) buffer + 64;
|
||||
len -= 64;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
{
|
||||
sha_process_block (buffer, len & ~63, ctx);
|
||||
buffer = (const char *) buffer + (len & ~63);
|
||||
len &= 63;
|
||||
}
|
||||
}
|
||||
|
||||
/* Move remaining bytes in internal buffer. */
|
||||
if (len > 0)
|
||||
{
|
||||
size_t left_over = ctx->buflen;
|
||||
|
||||
memcpy (&ctx->buffer[left_over], buffer, len);
|
||||
left_over += len;
|
||||
if (left_over >= 64)
|
||||
{
|
||||
sha_process_block (ctx->buffer, 64, ctx);
|
||||
left_over -= 64;
|
||||
memcpy (ctx->buffer, &ctx->buffer[64], left_over);
|
||||
}
|
||||
ctx->buflen = left_over;
|
||||
}
|
||||
}
|
||||
|
||||
/* --- Code below is the primary difference between md5.c and sha.c --- */
|
||||
|
||||
/* SHA1 round constants */
|
||||
#define K1 0x5a827999L
|
||||
#define K2 0x6ed9eba1L
|
||||
#define K3 0x8f1bbcdcL
|
||||
#define K4 0xca62c1d6L
|
||||
|
||||
/* Round functions. Note that F2 is the same as F4. */
|
||||
#define F1(B,C,D) ( D ^ ( B & ( C ^ D ) ) )
|
||||
#define F2(B,C,D) (B ^ C ^ D)
|
||||
#define F3(B,C,D) ( ( B & C ) | ( D & ( B | C ) ) )
|
||||
#define F4(B,C,D) (B ^ C ^ D)
|
||||
|
||||
/* Process LEN bytes of BUFFER, accumulating context into CTX.
|
||||
It is assumed that LEN % 64 == 0.
|
||||
Most of this code comes from GnuPG's cipher/sha1.c. */
|
||||
|
||||
static void
|
||||
sha_process_block (const void *buffer, size_t len, struct sha_ctx *ctx)
|
||||
{
|
||||
const sha_uint32 *words = buffer;
|
||||
size_t nwords = len / sizeof (sha_uint32);
|
||||
const sha_uint32 *endp = words + nwords;
|
||||
sha_uint32 x[16];
|
||||
sha_uint32 a = ctx->A;
|
||||
sha_uint32 b = ctx->B;
|
||||
sha_uint32 c = ctx->C;
|
||||
sha_uint32 d = ctx->D;
|
||||
sha_uint32 e = ctx->E;
|
||||
|
||||
/* First increment the byte count. RFC 1321 specifies the possible
|
||||
length of the file up to 2^64 bits. Here we only compute the
|
||||
number of bytes. Do a double word increment. */
|
||||
ctx->total[0] += len;
|
||||
if (ctx->total[0] < len)
|
||||
++ctx->total[1];
|
||||
|
||||
#define M(I) ( tm = x[I&0x0f] ^ x[(I-14)&0x0f] \
|
||||
^ x[(I-8)&0x0f] ^ x[(I-3)&0x0f] \
|
||||
, (x[I&0x0f] = rol(tm, 1)) )
|
||||
|
||||
#define R(A,B,C,D,E,F,K,M) do { E += rol( A, 5 ) \
|
||||
+ F( B, C, D ) \
|
||||
+ K \
|
||||
+ M; \
|
||||
B = rol( B, 30 ); \
|
||||
} while(0)
|
||||
|
||||
while (words < endp)
|
||||
{
|
||||
sha_uint32 tm;
|
||||
int t;
|
||||
/* FIXME: see sha1.c for a better implementation. */
|
||||
for (t = 0; t < 16; t++)
|
||||
{
|
||||
x[t] = NOTSWAP (*words);
|
||||
words++;
|
||||
}
|
||||
|
||||
R( a, b, c, d, e, F1, K1, x[ 0] );
|
||||
R( e, a, b, c, d, F1, K1, x[ 1] );
|
||||
R( d, e, a, b, c, F1, K1, x[ 2] );
|
||||
R( c, d, e, a, b, F1, K1, x[ 3] );
|
||||
R( b, c, d, e, a, F1, K1, x[ 4] );
|
||||
R( a, b, c, d, e, F1, K1, x[ 5] );
|
||||
R( e, a, b, c, d, F1, K1, x[ 6] );
|
||||
R( d, e, a, b, c, F1, K1, x[ 7] );
|
||||
R( c, d, e, a, b, F1, K1, x[ 8] );
|
||||
R( b, c, d, e, a, F1, K1, x[ 9] );
|
||||
R( a, b, c, d, e, F1, K1, x[10] );
|
||||
R( e, a, b, c, d, F1, K1, x[11] );
|
||||
R( d, e, a, b, c, F1, K1, x[12] );
|
||||
R( c, d, e, a, b, F1, K1, x[13] );
|
||||
R( b, c, d, e, a, F1, K1, x[14] );
|
||||
R( a, b, c, d, e, F1, K1, x[15] );
|
||||
R( e, a, b, c, d, F1, K1, M(16) );
|
||||
R( d, e, a, b, c, F1, K1, M(17) );
|
||||
R( c, d, e, a, b, F1, K1, M(18) );
|
||||
R( b, c, d, e, a, F1, K1, M(19) );
|
||||
R( a, b, c, d, e, F2, K2, M(20) );
|
||||
R( e, a, b, c, d, F2, K2, M(21) );
|
||||
R( d, e, a, b, c, F2, K2, M(22) );
|
||||
R( c, d, e, a, b, F2, K2, M(23) );
|
||||
R( b, c, d, e, a, F2, K2, M(24) );
|
||||
R( a, b, c, d, e, F2, K2, M(25) );
|
||||
R( e, a, b, c, d, F2, K2, M(26) );
|
||||
R( d, e, a, b, c, F2, K2, M(27) );
|
||||
R( c, d, e, a, b, F2, K2, M(28) );
|
||||
R( b, c, d, e, a, F2, K2, M(29) );
|
||||
R( a, b, c, d, e, F2, K2, M(30) );
|
||||
R( e, a, b, c, d, F2, K2, M(31) );
|
||||
R( d, e, a, b, c, F2, K2, M(32) );
|
||||
R( c, d, e, a, b, F2, K2, M(33) );
|
||||
R( b, c, d, e, a, F2, K2, M(34) );
|
||||
R( a, b, c, d, e, F2, K2, M(35) );
|
||||
R( e, a, b, c, d, F2, K2, M(36) );
|
||||
R( d, e, a, b, c, F2, K2, M(37) );
|
||||
R( c, d, e, a, b, F2, K2, M(38) );
|
||||
R( b, c, d, e, a, F2, K2, M(39) );
|
||||
R( a, b, c, d, e, F3, K3, M(40) );
|
||||
R( e, a, b, c, d, F3, K3, M(41) );
|
||||
R( d, e, a, b, c, F3, K3, M(42) );
|
||||
R( c, d, e, a, b, F3, K3, M(43) );
|
||||
R( b, c, d, e, a, F3, K3, M(44) );
|
||||
R( a, b, c, d, e, F3, K3, M(45) );
|
||||
R( e, a, b, c, d, F3, K3, M(46) );
|
||||
R( d, e, a, b, c, F3, K3, M(47) );
|
||||
R( c, d, e, a, b, F3, K3, M(48) );
|
||||
R( b, c, d, e, a, F3, K3, M(49) );
|
||||
R( a, b, c, d, e, F3, K3, M(50) );
|
||||
R( e, a, b, c, d, F3, K3, M(51) );
|
||||
R( d, e, a, b, c, F3, K3, M(52) );
|
||||
R( c, d, e, a, b, F3, K3, M(53) );
|
||||
R( b, c, d, e, a, F3, K3, M(54) );
|
||||
R( a, b, c, d, e, F3, K3, M(55) );
|
||||
R( e, a, b, c, d, F3, K3, M(56) );
|
||||
R( d, e, a, b, c, F3, K3, M(57) );
|
||||
R( c, d, e, a, b, F3, K3, M(58) );
|
||||
R( b, c, d, e, a, F3, K3, M(59) );
|
||||
R( a, b, c, d, e, F4, K4, M(60) );
|
||||
R( e, a, b, c, d, F4, K4, M(61) );
|
||||
R( d, e, a, b, c, F4, K4, M(62) );
|
||||
R( c, d, e, a, b, F4, K4, M(63) );
|
||||
R( b, c, d, e, a, F4, K4, M(64) );
|
||||
R( a, b, c, d, e, F4, K4, M(65) );
|
||||
R( e, a, b, c, d, F4, K4, M(66) );
|
||||
R( d, e, a, b, c, F4, K4, M(67) );
|
||||
R( c, d, e, a, b, F4, K4, M(68) );
|
||||
R( b, c, d, e, a, F4, K4, M(69) );
|
||||
R( a, b, c, d, e, F4, K4, M(70) );
|
||||
R( e, a, b, c, d, F4, K4, M(71) );
|
||||
R( d, e, a, b, c, F4, K4, M(72) );
|
||||
R( c, d, e, a, b, F4, K4, M(73) );
|
||||
R( b, c, d, e, a, F4, K4, M(74) );
|
||||
R( a, b, c, d, e, F4, K4, M(75) );
|
||||
R( e, a, b, c, d, F4, K4, M(76) );
|
||||
R( d, e, a, b, c, F4, K4, M(77) );
|
||||
R( c, d, e, a, b, F4, K4, M(78) );
|
||||
R( b, c, d, e, a, F4, K4, M(79) );
|
||||
|
||||
a = ctx->A += a;
|
||||
b = ctx->B += b;
|
||||
c = ctx->C += c;
|
||||
d = ctx->D += d;
|
||||
e = ctx->E += e;
|
||||
}
|
||||
}
|
||||
|
||||
/* Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All
|
||||
rights reserved.
|
||||
|
||||
RSA Data Security, Inc. makes no representations concerning either
|
||||
the merchantability of this software or the suitability of this
|
||||
software for any particular purpose. It is provided "as is"
|
||||
without express or implied warranty of any kind.
|
||||
|
||||
These notices must be retained in any copies of any part of this
|
||||
documentation and/or software.
|
||||
*/
|
||||
|
||||
/** Get the sha1 sum of file.
|
||||
* @param name name of the file
|
||||
* @return the checksum on success, NULL on error
|
||||
* @addtogroup alpm_misc
|
||||
*/
|
||||
char SYMEXPORT *alpm_get_sha1sum(char *name)
|
||||
{
|
||||
ALPM_LOG_FUNC;
|
||||
|
||||
ASSERT(name != NULL, return(NULL));
|
||||
|
||||
return(_alpm_SHAFile(name));
|
||||
}
|
||||
|
||||
char* _alpm_SHAFile(char *filename) {
|
||||
FILE *file;
|
||||
struct sha_ctx context;
|
||||
int len, i;
|
||||
char hex[3];
|
||||
unsigned char buffer[1024], digest[20];
|
||||
char *ret;
|
||||
|
||||
ALPM_LOG_FUNC;
|
||||
|
||||
if((file = fopen(filename, "rb")) == NULL) {
|
||||
_alpm_log(PM_LOG_ERROR, _("sha1: %s can't be opened\n"), filename);
|
||||
} else {
|
||||
sha_init_ctx(&context);
|
||||
while((len = fread(buffer, 1, 1024, file))) {
|
||||
sha_process_bytes(buffer, len, &context);
|
||||
}
|
||||
sha_finish_ctx(&context, digest);
|
||||
fclose(file);
|
||||
|
||||
ret = (char*)malloc(41);
|
||||
ret[0] = '\0';
|
||||
for(i = 0; i < 20; i++) {
|
||||
snprintf(hex, 3, "%02x", digest[i]);
|
||||
strncat(ret, hex, 2);
|
||||
}
|
||||
_alpm_log(PM_LOG_DEBUG, "sha1(%s) = %s", filename, ret);
|
||||
return(ret);
|
||||
}
|
||||
|
||||
return(NULL);
|
||||
}
|
||||
|
||||
/* vim: set ts=2 sw=2 noet: */
|
|
@ -1,72 +0,0 @@
|
|||
/* Declarations of functions and data types used for SHA1 sum
|
||||
library functions.
|
||||
Copyright (C) 2000, 2001, 2003 Free Software Foundation, Inc.
|
||||
|
||||
This program is free software; you can redistribute it and/or modify it
|
||||
under the terms of the GNU General Public License as published by the
|
||||
Free Software Foundation; either version 2, or (at your option) any
|
||||
later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program; if not, write to the Free Software Foundation,
|
||||
Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */
|
||||
#ifndef _ALPM_SHA1_H
|
||||
#define _ALPM_SHA1_H
|
||||
|
||||
#include <stdio.h>
|
||||
#include <limits.h>
|
||||
|
||||
#define rol(x,n) ( ((x) << (n)) | ((x) >> (32 -(n))) )
|
||||
/* TODO check this comment */
|
||||
/* The code below is from md5.h (from coreutils), little modifications */
|
||||
#define UINT_MAX_32_BITS 4294967295U
|
||||
|
||||
/* This new ifdef allows splint to not fail on its static code check */
|
||||
#ifdef S_SPLINT_S
|
||||
typedef unsigned int sha_uint32;
|
||||
#else
|
||||
#if UINT_MAX == UINT_MAX_32_BITS
|
||||
typedef unsigned int sha_uint32;
|
||||
#else
|
||||
#if USHRT_MAX == UINT_MAX_32_BITS
|
||||
typedef unsigned short sha_uint32;
|
||||
#else
|
||||
#if ULONG_MAX == UINT_MAX_32_BITS
|
||||
typedef unsigned long sha_uint32;
|
||||
#else
|
||||
/* The following line is intended to evoke an error. Using #error is not portable enough. */
|
||||
#error "Cannot determine unsigned 32-bit data type"
|
||||
#endif /* ULONG_MAX */
|
||||
#endif /* USHRT_MAX */
|
||||
#endif /* UINT_MAX */
|
||||
#endif /* S_SPLINT_S */
|
||||
/* We have to make a guess about the integer type equivalent in size
|
||||
to pointers which should always be correct. */
|
||||
typedef unsigned long int sha_uintptr;
|
||||
|
||||
/* Structure to save state of computation between the single steps. */
|
||||
struct sha_ctx
|
||||
{
|
||||
sha_uint32 A;
|
||||
sha_uint32 B;
|
||||
sha_uint32 C;
|
||||
sha_uint32 D;
|
||||
sha_uint32 E;
|
||||
|
||||
sha_uint32 total[2];
|
||||
sha_uint32 buflen;
|
||||
char buffer[128];
|
||||
};
|
||||
|
||||
|
||||
/* Needed for pacman */
|
||||
char *_alpm_SHAFile (char *);
|
||||
|
||||
#endif /* _ALPM_SHA1_H */
|
||||
|
||||
/* vim: set ts=2 sw=2 noet: */
|
|
@ -48,7 +48,6 @@
|
|||
#include "handle.h"
|
||||
#include "alpm.h"
|
||||
#include "md5.h"
|
||||
#include "sha1.h"
|
||||
#include "server.h"
|
||||
|
||||
pmsyncpkg_t *_alpm_sync_new(int type, pmpkg_t *spkg, void *data)
|
||||
|
@ -808,19 +807,18 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data)
|
|||
char str[PATH_MAX];
|
||||
struct stat buf;
|
||||
const char *pkgname;
|
||||
char *md5sum1, *md5sum2, *sha1sum1, *sha1sum2;
|
||||
char *md5sum1, *md5sum2;
|
||||
char *ptr=NULL;
|
||||
|
||||
pkgname = alpm_pkg_get_filename(spkg);
|
||||
md5sum1 = spkg->md5sum;
|
||||
sha1sum1 = spkg->sha1sum;
|
||||
|
||||
if((md5sum1 == NULL) && (sha1sum1 == NULL)) {
|
||||
if(md5sum1 == NULL) {
|
||||
/* TODO wtf is this? malloc'd strings for error messages? */
|
||||
if((ptr = calloc(512, sizeof(char))) == NULL) {
|
||||
RET_ERR(PM_ERR_MEMORY, -1);
|
||||
}
|
||||
snprintf(ptr, 512, _("can't get md5 or sha1 checksum for package %s\n"), pkgname);
|
||||
snprintf(ptr, 512, _("can't get md5 checksum for package %s\n"), pkgname);
|
||||
*data = alpm_list_add(*data, ptr);
|
||||
retval = 1;
|
||||
continue;
|
||||
|
@ -837,17 +835,16 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data)
|
|||
}
|
||||
|
||||
md5sum2 = alpm_get_md5sum(str);
|
||||
sha1sum2 = alpm_get_sha1sum(str);
|
||||
if(md5sum2 == NULL && sha1sum2 == NULL) {
|
||||
if(md5sum2 == NULL) {
|
||||
if((ptr = calloc(512, sizeof(char))) == NULL) {
|
||||
RET_ERR(PM_ERR_MEMORY, -1);
|
||||
}
|
||||
snprintf(ptr, 512, _("can't get md5 or sha1 checksum for package %s\n"), pkgname);
|
||||
snprintf(ptr, 512, _("can't get md5 checksum for package %s\n"), pkgname);
|
||||
*data = alpm_list_add(*data, ptr);
|
||||
retval = 1;
|
||||
continue;
|
||||
}
|
||||
if((strcmp(md5sum1, md5sum2) != 0) && (strcmp(sha1sum1, sha1sum2) != 0)) {
|
||||
if(strcmp(md5sum1, md5sum2) != 0) {
|
||||
int doremove=0;
|
||||
if((ptr = calloc(512, sizeof(char))) == NULL) {
|
||||
RET_ERR(PM_ERR_MEMORY, -1);
|
||||
|
@ -855,15 +852,14 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data)
|
|||
QUESTION(trans, PM_TRANS_CONV_CORRUPTED_PKG, (char *)pkgname, NULL, NULL, &doremove);
|
||||
if(doremove) {
|
||||
unlink(str);
|
||||
snprintf(ptr, 512, _("archive %s was corrupted (bad MD5 or SHA1 checksum)\n"), pkgname);
|
||||
snprintf(ptr, 512, _("archive %s was corrupted (bad MD5 checksum)\n"), pkgname);
|
||||
} else {
|
||||
snprintf(ptr, 512, _("archive %s is corrupted (bad MD5 or SHA1 checksum)\n"), pkgname);
|
||||
snprintf(ptr, 512, _("archive %s is corrupted (bad MD5 checksum)\n"), pkgname);
|
||||
}
|
||||
*data = alpm_list_add(*data, ptr);
|
||||
retval = 1;
|
||||
}
|
||||
FREE(md5sum2);
|
||||
FREE(sha1sum2);
|
||||
}
|
||||
if(retval) {
|
||||
pm_errno = PM_ERR_PKG_CORRUPTED;
|
||||
|
|
|
@ -110,7 +110,7 @@ void dump_pkg_full(pmpkg_t *pkg, int level)
|
|||
*/
|
||||
void dump_pkg_sync(pmpkg_t *pkg, const char *treename)
|
||||
{
|
||||
const char *descheader, *md5sum, *sha1sum;
|
||||
const char *descheader, *md5sum;
|
||||
if(pkg == NULL) {
|
||||
return;
|
||||
}
|
||||
|
@ -118,7 +118,6 @@ void dump_pkg_sync(pmpkg_t *pkg, const char *treename)
|
|||
descheader = _("Description : ");
|
||||
|
||||
md5sum = alpm_pkg_get_md5sum(pkg);
|
||||
sha1sum = alpm_pkg_get_sha1sum(pkg);
|
||||
|
||||
printf(_("Repository : %s\n"), treename);
|
||||
printf(_("Name : %s\n"), (char *)alpm_pkg_get_name(pkg));
|
||||
|
@ -139,9 +138,6 @@ void dump_pkg_sync(pmpkg_t *pkg, const char *treename)
|
|||
if (md5sum != NULL && md5sum[0] != '\0') {
|
||||
printf(_("MD5 Sum : %s"), md5sum);
|
||||
}
|
||||
if (sha1sum != NULL && sha1sum[0] != '\0') {
|
||||
printf(_("SHA1 Sum : %s"), sha1sum);
|
||||
}
|
||||
printf("\n");
|
||||
}
|
||||
|
||||
|
@ -168,31 +164,22 @@ void dump_pkg_backups(pmpkg_t *pkg)
|
|||
snprintf(path, PATH_MAX-1, "%s%s", root, str);
|
||||
/* if we find the file, calculate checksums, otherwise it is missing */
|
||||
if(!stat(path, &buf)) {
|
||||
char *sum;
|
||||
char *md5sum = alpm_get_md5sum(path);
|
||||
char *sha1sum = alpm_get_sha1sum(path);
|
||||
|
||||
if(md5sum == NULL || sha1sum == NULL) {
|
||||
if(md5sum == NULL) {
|
||||
fprintf(stderr, _("error: could not calculate checksums for %s\n"),
|
||||
path);
|
||||
free(str);
|
||||
continue;
|
||||
}
|
||||
/* TODO Is this a good way to check type of backup stored?
|
||||
* We aren't storing it anywhere in the database. */
|
||||
if (strlen(ptr) == 32) {
|
||||
sum = md5sum;
|
||||
} else { /*if (strlen(ptr) == 40) */
|
||||
sum = sha1sum;
|
||||
}
|
||||
|
||||
/* if checksums don't match, file has been modified */
|
||||
if (strcmp(sum, ptr)) {
|
||||
if (strcmp(md5sum, ptr)) {
|
||||
printf(_("MODIFIED\t%s\n"), path);
|
||||
} else {
|
||||
printf(_("Not Modified\t%s\n"), path);
|
||||
}
|
||||
free(md5sum);
|
||||
free(sha1sum);
|
||||
} else {
|
||||
printf(_("MISSING\t\t%s\n"), path);
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue