summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Vogt <michael.vogt@ubuntu.com>2007-08-03 11:27:47 +0200
committerMichael Vogt <michael.vogt@ubuntu.com>2007-08-03 11:27:47 +0200
commitc3279b9d100fb62f412267512458b58dda40f95b (patch)
tree9af2a695fd7f789090ce8cba959d7241db07497c
parent5aa5a030bb4f2d46a30526377c5309dc20dbe2af (diff)
parent2c941d896911dca364b3d38dc593f3bf6847f3e5 (diff)
downloadapt-c3279b9d100fb62f412267512458b58dda40f95b.tar.gz
(ABI break)
* merged apt--sha256 branch to fully support the new sha256 checksums in the Packages and Release files (ABI break)
-rw-r--r--apt-pkg/acquire-item.cc133
-rw-r--r--apt-pkg/acquire-item.h76
-rw-r--r--apt-pkg/acquire-method.cc9
-rw-r--r--apt-pkg/acquire-method.h1
-rw-r--r--apt-pkg/acquire-worker.cc17
-rw-r--r--apt-pkg/contrib/hashes.cc84
-rw-r--r--apt-pkg/contrib/hashes.h30
-rw-r--r--apt-pkg/deb/debmetaindex.cc2
-rw-r--r--apt-pkg/deb/debrecords.cc8
-rw-r--r--apt-pkg/deb/debrecords.h1
-rw-r--r--apt-pkg/indexcopy.cc13
-rw-r--r--apt-pkg/indexrecords.cc48
-rw-r--r--apt-pkg/indexrecords.h3
-rw-r--r--apt-pkg/pkgrecords.h1
-rw-r--r--apt-pkg/tagfile.h4
-rw-r--r--cmdline/apt-get.cc6
-rw-r--r--debian/changelog5
17 files changed, 289 insertions, 152 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 4f5d644ab..f3784a58b 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -95,7 +95,7 @@ void pkgAcquire::Item::Start(string /*Message*/,unsigned long Size)
// Acquire::Item::Done - Item downloaded OK /*{{{*/
// ---------------------------------------------------------------------
/* */
-void pkgAcquire::Item::Done(string Message,unsigned long Size,string,
+void pkgAcquire::Item::Done(string Message,unsigned long Size,string Hash,
pkgAcquire::MethodConfig *Cnf)
{
// We just downloaded something..
@@ -142,8 +142,9 @@ void pkgAcquire::Item::Rename(string From,string To)
*/
pkgAcqDiffIndex::pkgAcqDiffIndex(pkgAcquire *Owner,
string URI,string URIDesc,string ShortDesc,
- string ExpectedMD5)
- : Item(Owner), RealURI(URI), ExpectedMD5(ExpectedMD5), Description(URIDesc)
+ HashString ExpectedHash)
+ : Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash),
+ Description(URIDesc)
{
Debug = _config->FindB("Debug::pkgAcquire::Diffs",false);
@@ -271,11 +272,11 @@ bool pkgAcqDiffIndex::ParseDiffIndex(string IndexDiffFile)
if(found)
{
// queue the diffs
- unsigned int last_space = Description.rfind(" ");
+ string::size_type last_space = Description.rfind(" ");
if(last_space != string::npos)
Description.erase(last_space, Description.size()-last_space);
new pkgAcqIndexDiffs(Owner, RealURI, Description, Desc.ShortDesc,
- ExpectedMD5, available_patches);
+ ExpectedHash, available_patches);
Complete = false;
Status = StatDone;
Dequeue();
@@ -298,7 +299,7 @@ void pkgAcqDiffIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
<< "Falling back to normal index file aquire" << std::endl;
new pkgAcqIndex(Owner, RealURI, Description, Desc.ShortDesc,
- ExpectedMD5);
+ ExpectedHash);
Complete = false;
Status = StatDone;
@@ -344,8 +345,9 @@ void pkgAcqDiffIndex::Done(string Message,unsigned long Size,string Md5Hash,
*/
pkgAcqIndexDiffs::pkgAcqIndexDiffs(pkgAcquire *Owner,
string URI,string URIDesc,string ShortDesc,
- string ExpectedMD5, vector<DiffInfo> diffs)
- : Item(Owner), RealURI(URI), ExpectedMD5(ExpectedMD5),
+ HashString ExpectedMD5,
+ vector<DiffInfo> diffs)
+ : Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash),
available_patches(diffs)
{
@@ -378,7 +380,7 @@ void pkgAcqIndexDiffs::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
std::clog << "pkgAcqIndexDiffs failed: " << Desc.URI << std::endl
<< "Falling back to normal index file aquire" << std::endl;
new pkgAcqIndex(Owner, RealURI, Description,Desc.ShortDesc,
- ExpectedMD5);
+ ExpectedHash);
Finish();
}
@@ -393,14 +395,7 @@ void pkgAcqIndexDiffs::Finish(bool allDone)
DestFile = _config->FindDir("Dir::State::lists");
DestFile += URItoFileName(RealURI);
- // do the final md5sum checking
- MD5Summation sum;
- FileFd Fd(DestFile, FileFd::ReadOnly);
- sum.AddFD(Fd.Fd(), Fd.Size());
- Fd.Close();
- string MD5 = (string)sum.Result();
-
- if (!ExpectedMD5.empty() && MD5 != ExpectedMD5)
+ if(!ExpectedHash.empty() && !ExpectedHash.VerifyFile(DestFile))
{
Status = StatAuthError;
ErrorText = _("MD5Sum mismatch");
@@ -542,7 +537,7 @@ void pkgAcqIndexDiffs::Done(string Message,unsigned long Size,string Md5Hash,
// see if there is more to download
if(available_patches.size() > 0) {
new pkgAcqIndexDiffs(Owner, RealURI, Description, Desc.ShortDesc,
- ExpectedMD5, available_patches);
+ ExpectedHash, available_patches);
return Finish();
} else
return Finish(true);
@@ -556,8 +551,8 @@ void pkgAcqIndexDiffs::Done(string Message,unsigned long Size,string Md5Hash,
instantiated to fetch the revision file */
pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner,
string URI,string URIDesc,string ShortDesc,
- string ExpectedMD5, string comprExt)
- : Item(Owner), RealURI(URI), ExpectedMD5(ExpectedMD5)
+ HashString ExpectedHash, string comprExt)
+ : Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash)
{
Decompression = false;
Erase = false;
@@ -608,7 +603,7 @@ void pkgAcqIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
// retry with a gzip one
new pkgAcqIndex(Owner, RealURI, Desc.Description,Desc.ShortDesc,
- ExpectedMD5, string(".gz"));
+ ExpectedHash, string(".gz"));
Status = StatDone;
Complete = false;
Dequeue();
@@ -633,32 +628,23 @@ void pkgAcqIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
to the uncompressed version of the file. If this is so the file
is copied into the partial directory. In all other cases the file
is decompressed with a gzip uri. */
-void pkgAcqIndex::Done(string Message,unsigned long Size,string MD5,
+void pkgAcqIndex::Done(string Message,unsigned long Size,string Hash,
pkgAcquire::MethodConfig *Cfg)
{
- Item::Done(Message,Size,MD5,Cfg);
+ Item::Done(Message,Size,Hash,Cfg);
if (Decompression == true)
{
if (_config->FindB("Debug::pkgAcquire::Auth", false))
{
- std::cerr << std::endl << RealURI << ": Computed MD5: " << MD5;
- std::cerr << " Expected MD5: " << ExpectedMD5 << std::endl;
+ std::cerr << std::endl << RealURI << ": Computed Hash: " << Hash;
+ std::cerr << " Expected Hash: " << ExpectedHash.toStr() << std::endl;
}
- if (MD5.empty())
- {
- MD5Summation sum;
- FileFd Fd(DestFile, FileFd::ReadOnly);
- sum.AddFD(Fd.Fd(), Fd.Size());
- Fd.Close();
- MD5 = (string)sum.Result();
- }
-
- if (!ExpectedMD5.empty() && MD5 != ExpectedMD5)
+ if (!ExpectedHash.empty() && ExpectedHash.toStr() != Hash)
{
Status = StatAuthError;
- ErrorText = _("MD5Sum mismatch");
+ ErrorText = _("Hash Sum mismatch");
Rename(DestFile,DestFile + ".FAILED");
return;
}
@@ -742,8 +728,8 @@ void pkgAcqIndex::Done(string Message,unsigned long Size,string MD5,
// ---------------------------------------------------------------------
/* The Translation file is added to the queue */
pkgAcqIndexTrans::pkgAcqIndexTrans(pkgAcquire *Owner,
- string URI,string URIDesc,string ShortDesc) :
- pkgAcqIndex(Owner, URI, URIDesc, ShortDesc, "", "")
+ string URI,string URIDesc,string ShortDesc)
+ : pkgAcqIndex(Owner, URI, URIDesc, ShortDesc, HashString(), "")
{
}
@@ -920,10 +906,10 @@ string pkgAcqMetaIndex::Custom600Headers()
return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
}
-void pkgAcqMetaIndex::Done(string Message,unsigned long Size,string MD5,
+void pkgAcqMetaIndex::Done(string Message,unsigned long Size,string Hash,
pkgAcquire::MethodConfig *Cfg)
{
- Item::Done(Message,Size,MD5,Cfg);
+ Item::Done(Message,Size,Hash,Cfg);
// MetaIndexes are done in two passes: one to download the
// metaindex with an appropriate method, and a second to verify it
@@ -1041,7 +1027,7 @@ void pkgAcqMetaIndex::QueueIndexes(bool verify)
Target != IndexTargets->end();
Target++)
{
- string ExpectedIndexMD5;
+ HashString ExpectedIndexHash;
if (verify)
{
const indexRecords::checkSum *Record = MetaIndexParser->Lookup((*Target)->MetaKey);
@@ -1052,16 +1038,16 @@ void pkgAcqMetaIndex::QueueIndexes(bool verify)
+ (*Target)->MetaKey + " in Meta-index file (malformed Release file?)";
return;
}
- ExpectedIndexMD5 = Record->MD5Hash;
+ ExpectedIndexHash = Record->Hash;
if (_config->FindB("Debug::pkgAcquire::Auth", false))
{
std::cerr << "Queueing: " << (*Target)->URI << std::endl;
- std::cerr << "Expected MD5: " << ExpectedIndexMD5 << std::endl;
+ std::cerr << "Expected Hash: " << ExpectedIndexHash.toStr() << std::endl;
}
- if (ExpectedIndexMD5.empty())
+ if (ExpectedIndexHash.empty())
{
Status = StatAuthError;
- ErrorText = "Unable to find MD5 sum for "
+ ErrorText = "Unable to find hash sum for "
+ (*Target)->MetaKey + " in Meta-index file";
return;
}
@@ -1071,10 +1057,10 @@ void pkgAcqMetaIndex::QueueIndexes(bool verify)
// on the users option)
if(_config->FindB("Acquire::PDiffs",true) == true)
new pkgAcqDiffIndex(Owner, (*Target)->URI, (*Target)->Description,
- (*Target)->ShortDesc, ExpectedIndexMD5);
+ (*Target)->ShortDesc, ExpectedIndexHash);
else
new pkgAcqIndex(Owner, (*Target)->URI, (*Target)->Description,
- (*Target)->ShortDesc, ExpectedIndexMD5);
+ (*Target)->ShortDesc, ExpectedIndexHash);
}
}
@@ -1314,7 +1300,12 @@ bool pkgAcqArchive::QueueNext()
return false;
string PkgFile = Parse.FileName();
- MD5 = Parse.MD5Hash();
+ if(Parse.SHA256Hash() != "")
+ ExpectedHash = HashString("SHA256", Parse.SHA256Hash());
+ else if (Parse.SHA1Hash() != "")
+ ExpectedHash = HashString("SHA1", Parse.SHA1Hash());
+ else
+ ExpectedHash = HashString("MD5Sum", Parse.MD5Hash());
if (PkgFile.empty() == true)
return _error->Error(_("The package index files are corrupted. No Filename: "
"field for package %s."),
@@ -1394,10 +1385,10 @@ bool pkgAcqArchive::QueueNext()
// AcqArchive::Done - Finished fetching /*{{{*/
// ---------------------------------------------------------------------
/* */
-void pkgAcqArchive::Done(string Message,unsigned long Size,string Md5Hash,
+void pkgAcqArchive::Done(string Message,unsigned long Size,string CalcHash,
pkgAcquire::MethodConfig *Cfg)
{
- Item::Done(Message,Size,Md5Hash,Cfg);
+ Item::Done(Message,Size,CalcHash,Cfg);
// Check the size
if (Size != Version->Size)
@@ -1407,17 +1398,14 @@ void pkgAcqArchive::Done(string Message,unsigned long Size,string Md5Hash,
return;
}
- // Check the md5
- if (Md5Hash.empty() == false && MD5.empty() == false)
+ // Check the hash
+ if(ExpectedHash.toStr() != CalcHash)
{
- if (Md5Hash != MD5)
- {
- Status = StatError;
- ErrorText = _("MD5Sum mismatch");
- if(FileExists(DestFile))
- Rename(DestFile,DestFile + ".FAILED");
- return;
- }
+ Status = StatError;
+ ErrorText = _("Hash Sum mismatch");
+ if(FileExists(DestFile))
+ Rename(DestFile,DestFile + ".FAILED");
+ return;
}
// Grab the output filename
@@ -1509,10 +1497,10 @@ void pkgAcqArchive::Finished()
// AcqFile::pkgAcqFile - Constructor /*{{{*/
// ---------------------------------------------------------------------
/* The file is added to the queue */
-pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string MD5,
+pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string Hash,
unsigned long Size,string Dsc,string ShortDesc,
const string &DestDir, const string &DestFilename) :
- Item(Owner), Md5Hash(MD5)
+ Item(Owner), ExpectedHash(Hash)
{
Retries = _config->FindI("Acquire::Retries",0);
@@ -1549,23 +1537,20 @@ pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string MD5,
// AcqFile::Done - Item downloaded OK /*{{{*/
// ---------------------------------------------------------------------
/* */
-void pkgAcqFile::Done(string Message,unsigned long Size,string MD5,
+void pkgAcqFile::Done(string Message,unsigned long Size,string CalcHash,
pkgAcquire::MethodConfig *Cnf)
{
- // Check the md5
- if (Md5Hash.empty() == false && MD5.empty() == false)
+ Item::Done(Message,Size,CalcHash,Cnf);
+
+ // Check the hash
+ if(!ExpectedHash.empty() && ExpectedHash.toStr() != CalcHash)
{
- if (Md5Hash != MD5)
- {
- Status = StatError;
- ErrorText = "MD5Sum mismatch";
- Rename(DestFile,DestFile + ".FAILED");
- return;
- }
+ Status = StatError;
+ ErrorText = "Hash Sum mismatch";
+ Rename(DestFile,DestFile + ".FAILED");
+ return;
}
- Item::Done(Message,Size,MD5,Cnf);
-
string FileName = LookupTag(Message,"Filename");
if (FileName.empty() == true)
{
diff --git a/apt-pkg/acquire-item.h b/apt-pkg/acquire-item.h
index f5272ed86..edd910230 100644
--- a/apt-pkg/acquire-item.h
+++ b/apt-pkg/acquire-item.h
@@ -12,7 +12,7 @@
Three item classes are provided to provide functionality for
downloading of Index, Translation and Packages files.
- A Archive class is provided for downloading .deb files. It does Md5
+ A Archive class is provided for downloading .deb files. It does Hash
checking and source location as well as a retry algorithm.
##################################################################### */
@@ -26,7 +26,7 @@
#include <apt-pkg/sourcelist.h>
#include <apt-pkg/pkgrecords.h>
#include <apt-pkg/indexrecords.h>
-
+#include <apt-pkg/hashes.h>
/** \addtogroup acquire
* @{
@@ -187,12 +187,12 @@ class pkgAcquire::Item
* \param Message Data from the acquire method. Use LookupTag()
* to parse it.
* \param Size The size of the object that was fetched.
- * \param Md5Hash The MD5Sum of the object that was fetched.
+ * \param Hash The HashSum of the object that was fetched.
* \param Cnf The method via which the object was fetched.
*
* \sa pkgAcqMethod
*/
- virtual void Done(string Message,unsigned long Size,string Md5Hash,
+ virtual void Done(string Message,unsigned long Size,string Hash,
pkgAcquire::MethodConfig *Cnf);
/** \brief Invoked when the worker starts to fetch this object.
@@ -230,12 +230,12 @@ class pkgAcquire::Item
/** \brief Invoked by the worker when the download is completely done. */
virtual void Finished() {};
- /** \brief MD5Sum.
+ /** \brief HashSum
*
- * \return the MD5Sum of this object, if applicable; otherwise, an
+ * \return the HashSum of this object, if applicable; otherwise, an
* empty string.
*/
- virtual string MD5Sum() {return string();};
+ virtual string HashSum() {return string();};
/** \return the acquire process with which this item is associated. */
pkgAcquire *GetOwner() {return Owner;};
@@ -297,10 +297,10 @@ class pkgAcqDiffIndex : public pkgAcquire::Item
*/
string RealURI;
- /** \brief The MD5Sum that the real index file should have after
+ /** \brief The Hash that the real index file should have after
* all patches have been applied.
*/
- string ExpectedMD5;
+ HashString ExpectedHash;
/** \brief The index file which will be patched to generate the new
* file.
@@ -343,10 +343,10 @@ class pkgAcqDiffIndex : public pkgAcquire::Item
*
* \param ShortDesc A short description of the list file to download.
*
- * \param ExpectedMD5 The list file's MD5 signature.
+ * \param ExpectedHash The list file's MD5 signature.
*/
pkgAcqDiffIndex(pkgAcquire *Owner,string URI,string URIDesc,
- string ShortDesc, string ExpectedMD5);
+ string ShortDesc, HashString ExpectedHash);
};
/** \brief An item that is responsible for fetching all the patches
@@ -379,7 +379,7 @@ class pkgAcqIndexDiffs : public pkgAcquire::Item
* finishes downloading.
*
* Dequeues the item and checks the resulting file's md5sum
- * against ExpectedMD5 after the last patch was applied.
+ * against ExpectedHash after the last patch was applied.
* There is no need to check the md5/sha1 after a "normal"
* patch because QueueNextDiff() will check the sha1 later.
*
@@ -405,10 +405,10 @@ class pkgAcqIndexDiffs : public pkgAcquire::Item
*/
string RealURI;
- /** \brief The MD5Sum of the package index file that is being
+ /** \brief The HashSum of the package index file that is being
* reconstructed.
*/
- string ExpectedMD5;
+ HashString ExpectedHash;
/** A description of the file being downloaded. */
string Description;
@@ -465,7 +465,7 @@ class pkgAcqIndexDiffs : public pkgAcquire::Item
*
* \param ShortDesc A brief description of this item.
*
- * \param ExpectedMD5 The expected md5sum of the completely
+ * \param ExpectedHash The expected md5sum of the completely
* reconstructed package index file; the index file will be tested
* against this value when it is entirely reconstructed.
*
@@ -474,7 +474,7 @@ class pkgAcqIndexDiffs : public pkgAcquire::Item
* that depends on it.
*/
pkgAcqIndexDiffs(pkgAcquire *Owner,string URI,string URIDesc,
- string ShortDesc, string ExpectedMD5,
+ string ShortDesc, HashString ExpectedHash,
vector<DiffInfo> diffs=vector<DiffInfo>());
};
@@ -507,8 +507,8 @@ class pkgAcqIndex : public pkgAcquire::Item
*/
string RealURI;
- /** \brief The expected md5sum of the decompressed index file. */
- string ExpectedMD5;
+ /** \brief The expected hashsum of the decompressed index file. */
+ HashString ExpectedHash;
/** \brief The compression-related file extension that is being
* added to the downloaded file (e.g., ".gz" or ".bz2").
@@ -523,6 +523,7 @@ class pkgAcqIndex : public pkgAcquire::Item
pkgAcquire::MethodConfig *Cnf);
virtual string Custom600Headers();
virtual string DescURI() {return RealURI + CompressionExtension;};
+ virtual string HashSum() {return ExpectedHash.toStr(); };
/** \brief Create a pkgAcqIndex.
*
@@ -535,14 +536,14 @@ class pkgAcqIndex : public pkgAcquire::Item
*
* \param ShortDesc A brief description of this index file.
*
- * \param ExpectedMD5 The expected md5sum of this index file.
+ * \param ExpectedHash The expected hashsum of this index file.
*
* \param compressExt The compression-related extension with which
* this index file should be downloaded, or "" to autodetect
* (".bz2" is used if bzip2 is installed, ".gz" otherwise).
*/
pkgAcqIndex(pkgAcquire *Owner,string URI,string URIDesc,
- string ShortDesc, string ExpectedMD5, string compressExt="");
+ string ShortDesc, HashString ExpectedHash, string compressExt="");
};
/** \brief An acquire item that is responsible for fetching a
@@ -569,7 +570,7 @@ class pkgAcqIndexTrans : public pkgAcqIndex
*
* \param ShortDesc A brief description of this index file.
*
- * \param ExpectedMD5 The expected md5sum of this index file.
+ * \param ExpectedHash The expected hashsum of this index file.
*
* \param compressExt The compression-related extension with which
* this index file should be downloaded, or "" to autodetect
@@ -661,9 +662,9 @@ class pkgAcqMetaSig : public pkgAcquire::Item
*
* Once the download and verification are complete, the downloads of
* the individual index files are queued up using pkgAcqDiffIndex.
- * If the meta-index file had a valid signature, the expected md5sums
+ * If the meta-index file had a valid signature, the expected hashsums
* of the index files will be the md5sums listed in the meta-index;
- * otherwise, the expected md5sums will be "" (causing the
+ * otherwise, the expected hashsums will be "" (causing the
* authentication of the index files to be bypassed).
*/
class pkgAcqMetaIndex : public pkgAcquire::Item
@@ -727,11 +728,11 @@ class pkgAcqMetaIndex : public pkgAcquire::Item
/** \brief Starts downloading the individual index files.
*
- * \param verify If \b true, only indices whose expected md5sum
+ * \param verify If \b true, only indices whose expected hashsum
* can be determined from the meta-index will be downloaded, and
- * the md5sums of indices will be checked (reporting
+ * the hashsums of indices will be checked (reporting
* #StatAuthError if there is a mismatch). If verify is \b false,
- * no md5sum checking will be performed.
+ * no hashsum checking will be performed.
*/
void QueueIndexes(bool verify);
@@ -739,7 +740,7 @@ class pkgAcqMetaIndex : public pkgAcquire::Item
// Specialized action members
virtual void Failed(string Message,pkgAcquire::MethodConfig *Cnf);
- virtual void Done(string Message,unsigned long Size,string Md5Hash,
+ virtual void Done(string Message,unsigned long Size, string Hash,
pkgAcquire::MethodConfig *Cnf);
virtual string Custom600Headers();
virtual string DescURI() {return RealURI; };
@@ -776,8 +777,8 @@ class pkgAcqArchive : public pkgAcquire::Item
*/
pkgRecords *Recs;
- /** \brief The md5sum of this package. */
- string MD5;
+ /** \brief The hashsum of this package. */
+ HashString ExpectedHash;
/** \brief A location in which the actual filename of the package
* should be stored.
@@ -805,13 +806,12 @@ class pkgAcqArchive : public pkgAcquire::Item
public:
virtual void Failed(string Message,pkgAcquire::MethodConfig *Cnf);
- virtual void Done(string Message,unsigned long Size,string Md5Hash,
+ virtual void Done(string Message,unsigned long Size,string Hash,
pkgAcquire::MethodConfig *Cnf);
- virtual string MD5Sum() {return MD5;};
virtual string DescURI() {return Desc.URI;};
virtual string ShortDesc() {return Desc.ShortDesc;};
virtual void Finished();
-
+ virtual string HashSum() {return ExpectedHash.toStr(); };
virtual bool IsTrusted();
/** \brief Create a new pkgAcqArchive.
@@ -848,8 +848,8 @@ class pkgAcqFile : public pkgAcquire::Item
/** \brief The currently active download process. */
pkgAcquire::ItemDesc Desc;
- /** \brief The md5sum of the file to download, if it is known. */
- string Md5Hash;
+ /** \brief The hashsum of the file to download, if it is known. */
+ HashString ExpectedHash;
/** \brief How many times to retry the download, set from
* Acquire::Retries.
@@ -860,10 +860,10 @@ class pkgAcqFile : public pkgAcquire::Item
// Specialized action members
virtual void Failed(string Message,pkgAcquire::MethodConfig *Cnf);
- virtual void Done(string Message,unsigned long Size,string Md5Hash,
+ virtual void Done(string Message,unsigned long Size,string CalcHash,
pkgAcquire::MethodConfig *Cnf);
- virtual string MD5Sum() {return Md5Hash;};
virtual string DescURI() {return Desc.URI;};
+ virtual string HashSum() {return ExpectedHash.toStr(); };
/** \brief Create a new pkgAcqFile object.
*
@@ -872,7 +872,7 @@ class pkgAcqFile : public pkgAcquire::Item
*
* \param URI The URI to download.
*
- * \param MD5 The md5sum of the file to download, if it is known;
+ * \param Hash The hashsum of the file to download, if it is known;
* otherwise "".
*
* \param Size The size of the file to download, if it is known;
@@ -894,7 +894,7 @@ class pkgAcqFile : public pkgAcquire::Item
* is the absolute name to which the file should be downloaded.
*/
- pkgAcqFile(pkgAcquire *Owner, string URI, string MD5, unsigned long Size,
+ pkgAcqFile(pkgAcquire *Owner, string URI, string Hash, unsigned long Size,
string Desc, string ShortDesc,
const string &DestDir="", const string &DestFilename="");
};
diff --git a/apt-pkg/acquire-method.cc b/apt-pkg/acquire-method.cc
index 3360a8eae..bc29417f7 100644
--- a/apt-pkg/acquire-method.cc
+++ b/apt-pkg/acquire-method.cc
@@ -176,9 +176,14 @@ void pkgAcqMethod::URIDone(FetchResult &Res, FetchResult *Alt)
TimeRFC1123(Res.LastModified).c_str());
if (Res.MD5Sum.empty() == false)
+ {
End += snprintf(End,sizeof(S)-50 - (End - S),"MD5-Hash: %s\n",Res.MD5Sum.c_str());
+ End += snprintf(End,sizeof(S)-50 - (End - S),"MD5Sum-Hash: %s\n",Res.MD5Sum.c_str());
+ }
if (Res.SHA1Sum.empty() == false)
End += snprintf(End,sizeof(S)-50 - (End - S),"SHA1-Hash: %s\n",Res.SHA1Sum.c_str());
+ if (Res.SHA256Sum.empty() == false)
+ End += snprintf(End,sizeof(S)-50 - (End - S),"SHA256-Hash: %s\n",Res.SHA256Sum.c_str());
if (Res.GPGVOutput.size() > 0)
End += snprintf(End,sizeof(S)-50 - (End - S),"GPGVOutput:\n");
for (vector<string>::iterator I = Res.GPGVOutput.begin();
@@ -211,6 +216,9 @@ void pkgAcqMethod::URIDone(FetchResult &Res, FetchResult *Alt)
if (Alt->SHA1Sum.empty() == false)
End += snprintf(End,sizeof(S)-50 - (End - S),"Alt-SHA1-Hash: %s\n",
Alt->SHA1Sum.c_str());
+ if (Alt->SHA256Sum.empty() == false)
+ End += snprintf(End,sizeof(S)-50 - (End - S),"Alt-SHA256-Hash: %s\n",
+ Alt->SHA256Sum.c_str());
if (Alt->IMSHit == true)
strcat(End,"Alt-IMS-Hit: true\n");
@@ -455,5 +463,6 @@ void pkgAcqMethod::FetchResult::TakeHashes(Hashes &Hash)
{
MD5Sum = Hash.MD5.Result();
SHA1Sum = Hash.SHA1.Result();
+ SHA256Sum = Hash.SHA256.Result();
}
/*}}}*/
diff --git a/apt-pkg/acquire-method.h b/apt-pkg/acquire-method.h
index 0fd846f54..e02eab018 100644
--- a/apt-pkg/acquire-method.h
+++ b/apt-pkg/acquire-method.h
@@ -43,6 +43,7 @@ class pkgAcqMethod
{
string MD5Sum;
string SHA1Sum;
+ string SHA256Sum;
vector<string> GPGVOutput;
time_t LastModified;
bool IMSHit;
diff --git a/apt-pkg/acquire-worker.cc b/apt-pkg/acquire-worker.cc
index 25d40ef54..460f59961 100644
--- a/apt-pkg/acquire-worker.cc
+++ b/apt-pkg/acquire-worker.cc
@@ -267,8 +267,23 @@ bool pkgAcquire::Worker::RunMessages()
_error->Warning("Bizarre Error - File size is not what the server reported %s %lu",
LookupTag(Message,"Size","0").c_str(),TotalSize);
+ // see if there is a hash to verify
+ string RecivedHash;
+ HashString expectedHash(Owner->HashSum());
+ if(!expectedHash.empty())
+ {
+ string hashTag = expectedHash.HashType()+"-Hash";
+ RecivedHash = expectedHash.HashType() + ":" + LookupTag(Message, hashTag.c_str());
+ if(_config->FindB("Debug::pkgAcquire::Auth", false) == true)
+ {
+ clog << "201 URI Done: " << Owner->DescURI() << endl
+ << "RecivedHash: " << RecivedHash << endl
+ << "ExpectedHash: " << expectedHash.toStr()
+ << endl << endl;
+ }
+ }
Owner->Done(Message,atoi(LookupTag(Message,"Size","0").c_str()),
- LookupTag(Message,"MD5-Hash"),Config);
+ RecivedHash.c_str(), Config);
ItemDone();
// Log that we are done
diff --git a/apt-pkg/contrib/hashes.cc b/apt-pkg/contrib/hashes.cc
index b725e9418..fcc2f887c 100644
--- a/apt-pkg/contrib/hashes.cc
+++ b/apt-pkg/contrib/hashes.cc
@@ -12,11 +12,95 @@
/*}}}*/
// Include Files /*{{{*/
#include <apt-pkg/hashes.h>
+#include <apt-pkg/fileutl.h>
+#include <apt-pkg/configuration.h>
#include <unistd.h>
#include <system.h>
+#include <string>
+#include <iostream>
/*}}}*/
+const char* HashString::_SupportedHashes[] =
+{
+ "SHA256", "SHA1", "MD5Sum", NULL
+};
+
+HashString::HashString()
+{
+}
+
+HashString::HashString(string Type, string Hash) : Type(Type), Hash(Hash)
+{
+}
+
+HashString::HashString(string StringedHash)
+{
+ // legacy: md5sum without "MD5Sum:" prefix
+ if (StringedHash.find(":") == string::npos && StringedHash.size() == 32)
+ {
+ Type = "MD5Sum";
+ Hash = StringedHash;
+ return;
+ }
+ string::size_type pos = StringedHash.find(":");
+ Type = StringedHash.substr(0,pos);
+ Hash = StringedHash.substr(pos+1, StringedHash.size() - pos);
+
+ if(_config->FindB("Debug::Hashes",false) == true)
+ std::clog << "HashString(string): " << Type << " : " << Hash << std::endl;
+}
+
+
+bool HashString::VerifyFile(string filename) const
+{
+ FileFd fd;
+ MD5Summation MD5;
+ SHA1Summation SHA1;
+ SHA256Summation SHA256;
+ string fileHash;
+
+ FileFd Fd(filename, FileFd::ReadOnly);
+ if(Type == "MD5Sum")
+ {
+ MD5.AddFD(Fd.Fd(), Fd.Size());
+ fileHash = (string)MD5.Result();
+ }
+ else if (Type == "SHA1")
+ {
+ SHA1.AddFD(Fd.Fd(), Fd.Size());
+ fileHash = (string)SHA1.Result();
+ }
+ else if (Type == "SHA256")
+ {
+ SHA256.AddFD(Fd.Fd(), Fd.Size());
+ fileHash = (string)SHA256.Result();
+ }
+ Fd.Close();
+
+ if(_config->FindB("Debug::Hashes",false) == true)
+ std::clog << "HashString::VerifyFile: got: " << fileHash << " expected: " << toStr() << std::endl;
+
+ return (fileHash == Hash);
+}
+
+const char** HashString::SupportedHashes()
+{
+ return _SupportedHashes;
+}
+
+bool HashString::empty() const
+{
+ return (Type.empty() || Hash.empty());
+}
+
+
+string HashString::toStr() const
+{
+ return Type+string(":")+Hash;
+}
+
+
// Hashes::AddFD - Add the contents of the FD /*{{{*/
// ---------------------------------------------------------------------
/* */
diff --git a/apt-pkg/contrib/hashes.h b/apt-pkg/contrib/hashes.h
index b09ea9f6b..93e7b25d9 100644
--- a/apt-pkg/contrib/hashes.h
+++ b/apt-pkg/contrib/hashes.h
@@ -19,8 +19,38 @@
#include <apt-pkg/sha256.h>
#include <algorithm>
+#include <vector>
using std::min;
+using std::vector;
+
+// helper class that contains hash function name
+// and hash
+class HashString
+{
+ protected:
+ string Type;
+ string Hash;
+ static const char * _SupportedHashes[10];
+
+ public:
+ HashString(string Type, string Hash);
+ HashString(string StringedHashString); // init from str as "type:hash"
+ HashString();
+
+ // get hash type used
+ string HashType() { return Type; };
+
+ // verify the given filename against the currently loaded hash
+ bool VerifyFile(string filename) const;
+
+ // helper
+ string toStr() const; // convert to str as "type:hash"
+ bool empty() const;
+
+ // return the list of hashes we support
+ static const char** SupportedHashes();
+};
class Hashes
{
diff --git a/apt-pkg/deb/debmetaindex.cc b/apt-pkg/deb/debmetaindex.cc
index 73b2dda49..94995798f 100644
--- a/apt-pkg/deb/debmetaindex.cc
+++ b/apt-pkg/deb/debmetaindex.cc
@@ -144,7 +144,7 @@ bool debReleaseIndex::GetIndexes(pkgAcquire *Owner, bool GetAll) const
vector <struct IndexTarget *> *targets = ComputeIndexTargets();
for (vector <struct IndexTarget*>::const_iterator Target = targets->begin(); Target != targets->end(); Target++) {
new pkgAcqIndex(Owner, (*Target)->URI, (*Target)->Description,
- (*Target)->ShortDesc, "");
+ (*Target)->ShortDesc, HashString());
}
}
new pkgAcqMetaSig(Owner, MetaIndexURI("Release.gpg"),
diff --git a/apt-pkg/deb/debrecords.cc b/apt-pkg/deb/debrecords.cc
index 8a5b6e215..3d3d7de0a 100644
--- a/apt-pkg/deb/debrecords.cc
+++ b/apt-pkg/deb/debrecords.cc
@@ -67,6 +67,14 @@ string debRecordParser::SHA1Hash()
return Section.FindS("SHA1");
}
/*}}}*/
+// RecordParser::SHA1Hash - Return the archive hash /*{{{*/
+// ---------------------------------------------------------------------
+/* */
+string debRecordParser::SHA256Hash()
+{
+ return Section.FindS("SHA256");
+}
+ /*}}}*/
// RecordParser::Maintainer - Return the maintainer email /*{{{*/
// ---------------------------------------------------------------------
/* */
diff --git a/apt-pkg/deb/debrecords.h b/apt-pkg/deb/debrecords.h
index df21931a8..ab244b6dd 100644
--- a/apt-pkg/deb/debrecords.h
+++ b/apt-pkg/deb/debrecords.h
@@ -35,6 +35,7 @@ class debRecordParser : public pkgRecords::Parser
virtual string FileName();
virtual string MD5Hash();
virtual string SHA1Hash();
+ virtual string SHA256Hash();
virtual string SourcePkg();
virtual string SourceVer();
diff --git a/apt-pkg/indexcopy.cc b/apt-pkg/indexcopy.cc
index c9dded134..b30777d8d 100644
--- a/apt-pkg/indexcopy.cc
+++ b/apt-pkg/indexcopy.cc
@@ -528,23 +528,16 @@ bool SigVerify::Verify(string prefix, string file, indexRecords *MetaIndex)
return false;
}
- MD5Summation sum;
- FileFd Fd(prefix+file, FileFd::ReadOnly);
- sum.AddFD(Fd.Fd(), Fd.Size());
- Fd.Close();
- string MD5 = (string)sum.Result();
-
- if (Record->MD5Hash != MD5)
+ if (!Record->Hash.VerifyFile(prefix+file))
{
- _error->Warning("MD5 mismatch for: %s",file.c_str());
+ _error->Warning("Hash mismatch for: %s",file.c_str());
return false;
}
if(_config->FindB("Debug::aptcdrom",false))
{
cout << "File: " << prefix+file << endl;
- cout << "Expected MD5sum: " << Record->MD5Hash << endl;
- cout << "got: " << MD5 << endl << endl;
+ cout << "Expected Hash " << Record->Hash.toStr() << endl;
}
return true;
diff --git a/apt-pkg/indexrecords.cc b/apt-pkg/indexrecords.cc
index 396e1591f..502f454a8 100644
--- a/apt-pkg/indexrecords.cc
+++ b/apt-pkg/indexrecords.cc
@@ -50,32 +50,38 @@ bool indexRecords::Load(const string Filename)
const char *Start, *End;
Section.Get (Start, End, 0);
+
Suite = Section.FindS("Suite");
Dist = Section.FindS("Codename");
-// if (Dist.empty())
-// {
-// ErrorText = _(("No Codename entry in Release file " + Filename).c_str());
-// return false;
-// }
- if (!Section.Find("MD5Sum", Start, End))
+
+ int i;
+ for (i=0;HashString::SupportedHashes()[i] != NULL; i++)
{
- ErrorText = _(("No MD5Sum entry in Release file " + Filename).c_str());
- return false;
+ if (!Section.Find(HashString::SupportedHashes()[i], Start, End))
+ continue;
+
+ string Name;
+ string Hash;
+ size_t Size;
+ while (Start < End)
+ {
+ if (!parseSumData(Start, End, Name, Hash, Size))
+ return false;
+ indexRecords::checkSum *Sum = new indexRecords::checkSum;
+ Sum->MetaKeyFilename = Name;
+ Sum->Hash = HashString(HashString::SupportedHashes()[i],Hash);
+ Sum->Size = Size;
+ Entries[Name] = Sum;
+ }
+ break;
}
- string Name;
- string MD5Hash;
- size_t Size;
- while (Start < End)
+
+ if(HashString::SupportedHashes()[i] == NULL)
{
- if (!parseSumData(Start, End, Name, MD5Hash, Size))
- return false;
- indexRecords::checkSum *Sum = new indexRecords::checkSum;
- Sum->MetaKeyFilename = Name;
- Sum->MD5Hash = MD5Hash;
- Sum->Size = Size;
- Entries[Name] = Sum;
- }
-
+ ErrorText = _(("No Hash entry in Release file " + Filename).c_str());
+ return false;
+ }
+
string Strdate = Section.FindS("Date"); // FIXME: verify this somehow?
return true;
}
diff --git a/apt-pkg/indexrecords.h b/apt-pkg/indexrecords.h
index ac0df470c..468d2bd0f 100644
--- a/apt-pkg/indexrecords.h
+++ b/apt-pkg/indexrecords.h
@@ -8,6 +8,7 @@
#include <apt-pkg/pkgcache.h>
#include <apt-pkg/fileutl.h>
+#include <apt-pkg/hashes.h>
#include <map>
#include <vector>
@@ -45,7 +46,7 @@ class indexRecords
struct indexRecords::checkSum
{
string MetaKeyFilename;
- string MD5Hash;
+ HashString Hash;
size_t Size;
};
diff --git a/apt-pkg/pkgrecords.h b/apt-pkg/pkgrecords.h
index 7b9f51a50..f3bf7b6a1 100644
--- a/apt-pkg/pkgrecords.h
+++ b/apt-pkg/pkgrecords.h
@@ -57,6 +57,7 @@ class pkgRecords::Parser
virtual string FileName() {return string();};
virtual string MD5Hash() {return string();};
virtual string SHA1Hash() {return string();};
+ virtual string SHA256Hash() {return string();};
virtual string SourcePkg() {return string();};
virtual string SourceVer() {return string();};
diff --git a/apt-pkg/tagfile.h b/apt-pkg/tagfile.h
index 05c6aa701..6536932dd 100644
--- a/apt-pkg/tagfile.h
+++ b/apt-pkg/tagfile.h
@@ -30,8 +30,8 @@ class pkgTagSection
const char *Stop;
// We have a limit of 256 tags per section.
- unsigned short Indexes[256];
- unsigned short AlphaIndexes[0x100];
+ unsigned int Indexes[256];
+ unsigned int AlphaIndexes[0x100];
unsigned int TagCount;
diff --git a/cmdline/apt-get.cc b/cmdline/apt-get.cc
index b216204d2..c9ec481aa 100644
--- a/cmdline/apt-get.cc
+++ b/cmdline/apt-get.cc
@@ -918,7 +918,7 @@ bool InstallPackages(CacheFile &Cache,bool ShwKept,bool Ask = true,
pkgAcquire::UriIterator I = Fetcher.UriBegin();
for (; I != Fetcher.UriEnd(); I++)
cout << '\'' << I->URI << "' " << flNotDir(I->Owner->DestFile) << ' ' <<
- I->Owner->FileSize << ' ' << I->Owner->MD5Sum() << endl;
+ I->Owner->FileSize << ' ' << I->Owner->HashSum() << endl;
return true;
}
@@ -1359,7 +1359,7 @@ bool DoUpdate(CommandLine &CmdL)
pkgAcquire::UriIterator I = Fetcher.UriBegin();
for (; I != Fetcher.UriEnd(); I++)
cout << '\'' << I->URI << "' " << flNotDir(I->Owner->DestFile) << ' ' <<
- I->Owner->FileSize << ' ' << I->Owner->MD5Sum() << endl;
+ I->Owner->FileSize << ' ' << I->Owner->HashSum() << endl;
return true;
}
@@ -2211,7 +2211,7 @@ bool DoSource(CommandLine &CmdL)
pkgAcquire::UriIterator I = Fetcher.UriBegin();
for (; I != Fetcher.UriEnd(); I++)
cout << '\'' << I->URI << "' " << flNotDir(I->Owner->DestFile) << ' ' <<
- I->Owner->FileSize << ' ' << I->Owner->MD5Sum() << endl;
+ I->Owner->FileSize << ' ' << I->Owner->HashSum() << endl;
return true;
}
diff --git a/debian/changelog b/debian/changelog
index 8c0bc2d0e..c730f85b0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -12,7 +12,10 @@ apt (0.7.7) UNRELEASED; urgency=low
* apt-pkg/deb/dpkgpm.{cc,h}:
- merged dpkg-log branch, this lets you specify a
Dir::Log::Terminal file to log dpkg output to
- ABI break
+ (ABI break)
+ * merged apt--sha256 branch to fully support the new
+ sha256 checksums in the Packages and Release files
+ (ABI break)
-- Michael Vogt <michael.vogt@ubuntu.com> Thu, 02 Aug 2007 11:55:54 +0200