devuan
/
apt
11
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Browse Source

* implement sha256/sha1/md5 checking with proper backward compatibility 

and fallback
debian/1.8.y
Michael Vogt 15 years ago
parent
dfd1a56e88
commit
495e5cb254
13 changed files with 252 additions and 147 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 127
      apt-pkg/acquire-item.cc
  2. 75
      apt-pkg/acquire-item.h
  3. 84
      apt-pkg/contrib/hashes.cc
  4. 27
      apt-pkg/contrib/hashes.h
  5. 2
      apt-pkg/deb/debmetaindex.cc
  6. 8
      apt-pkg/deb/debrecords.cc
  7. 1
      apt-pkg/deb/debrecords.h
  8. 13
      apt-pkg/indexcopy.cc
  9. 48
      apt-pkg/indexrecords.cc
  10. 3
      apt-pkg/indexrecords.h
  11. 1
      apt-pkg/pkgrecords.h
  12. 4
      apt-pkg/tagfile.h
  13. 6
      cmdline/apt-get.cc

127
apt-pkg/acquire-item.cc
View File

@ -95,7 +95,7 @@ void pkgAcquire::Item::Start(string /*Message*/,unsigned long Size)
// Acquire::Item::Done - Item downloaded OK /*{{{*/
// ---------------------------------------------------------------------
/* */
void pkgAcquire::Item::Done(string Message,unsigned long Size,string,
void pkgAcquire::Item::Done(string Message,unsigned long Size,string Hash,
pkgAcquire::MethodConfig *Cnf)
{
// We just downloaded something..
@ -142,8 +142,9 @@ void pkgAcquire::Item::Rename(string From,string To)
*/
pkgAcqDiffIndex::pkgAcqDiffIndex(pkgAcquire *Owner,
string URI,string URIDesc,string ShortDesc,
string ExpectedMD5)
: Item(Owner), RealURI(URI), ExpectedMD5(ExpectedMD5), Description(URIDesc)
HashString ExpectedHash)
: Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash),
Description(URIDesc)
{
Debug = _config->FindB("Debug::pkgAcquire::Diffs",false);
@ -271,11 +272,11 @@ bool pkgAcqDiffIndex::ParseDiffIndex(string IndexDiffFile)
if(found)
{
// queue the diffs
unsigned int last_space = Description.rfind(" ");
string::size_type last_space = Description.rfind(" ");
if(last_space != string::npos)
Description.erase(last_space, Description.size()-last_space);
new pkgAcqIndexDiffs(Owner, RealURI, Description, Desc.ShortDesc,
ExpectedMD5, available_patches);
ExpectedHash, available_patches);
Complete = false;
Status = StatDone;
Dequeue();
@ -298,7 +299,7 @@ void pkgAcqDiffIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
<< "Falling back to normal index file aquire" << std::endl;
new pkgAcqIndex(Owner, RealURI, Description, Desc.ShortDesc,
ExpectedMD5);
ExpectedHash);
Complete = false;
Status = StatDone;
@ -344,8 +345,9 @@ void pkgAcqDiffIndex::Done(string Message,unsigned long Size,string Md5Hash,
*/
pkgAcqIndexDiffs::pkgAcqIndexDiffs(pkgAcquire *Owner,
string URI,string URIDesc,string ShortDesc,
string ExpectedMD5, vector<DiffInfo> diffs)
: Item(Owner), RealURI(URI), ExpectedMD5(ExpectedMD5),
HashString ExpectedMD5,
vector<DiffInfo> diffs)
: Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash),
available_patches(diffs)
{
@ -378,7 +380,7 @@ void pkgAcqIndexDiffs::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
std::clog << "pkgAcqIndexDiffs failed: " << Desc.URI << std::endl
<< "Falling back to normal index file aquire" << std::endl;
new pkgAcqIndex(Owner, RealURI, Description,Desc.ShortDesc,
ExpectedMD5);
ExpectedHash);
Finish();
}
@ -393,14 +395,7 @@ void pkgAcqIndexDiffs::Finish(bool allDone)
DestFile = _config->FindDir("Dir::State::lists");
DestFile += URItoFileName(RealURI);
// do the final md5sum checking
MD5Summation sum;
FileFd Fd(DestFile, FileFd::ReadOnly);
sum.AddFD(Fd.Fd(), Fd.Size());
Fd.Close();
string MD5 = (string)sum.Result();
if (!ExpectedMD5.empty() && MD5 != ExpectedMD5)
if(!ExpectedHash.empty() && !ExpectedHash.VerifyFile(DestFile))
{
Status = StatAuthError;
ErrorText = _("MD5Sum mismatch");
@ -542,7 +537,7 @@ void pkgAcqIndexDiffs::Done(string Message,unsigned long Size,string Md5Hash,
// see if there is more to download
if(available_patches.size() > 0) {
new pkgAcqIndexDiffs(Owner, RealURI, Description, Desc.ShortDesc,
ExpectedMD5, available_patches);
ExpectedHash, available_patches);
return Finish();
} else
return Finish(true);
@ -556,8 +551,8 @@ void pkgAcqIndexDiffs::Done(string Message,unsigned long Size,string Md5Hash,
instantiated to fetch the revision file */
pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner,
string URI,string URIDesc,string ShortDesc,
string ExpectedMD5, string comprExt)
: Item(Owner), RealURI(URI), ExpectedMD5(ExpectedMD5)
HashString ExpectedHash, string comprExt)
: Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash)
{
Decompression = false;
Erase = false;
@ -608,7 +603,7 @@ void pkgAcqIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
// retry with a gzip one
new pkgAcqIndex(Owner, RealURI, Desc.Description,Desc.ShortDesc,
ExpectedMD5, string(".gz"));
ExpectedHash, string(".gz"));
Status = StatDone;
Complete = false;
Dequeue();
@ -633,29 +628,20 @@ void pkgAcqIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
to the uncompressed version of the file. If this is so the file
is copied into the partial directory. In all other cases the file
is decompressed with a gzip uri. */
void pkgAcqIndex::Done(string Message,unsigned long Size,string MD5,
void pkgAcqIndex::Done(string Message,unsigned long Size,string Hash,
pkgAcquire::MethodConfig *Cfg)
{
Item::Done(Message,Size,MD5,Cfg);
Item::Done(Message,Size,Hash,Cfg);
if (Decompression == true)
{
if (_config->FindB("Debug::pkgAcquire::Auth", false))
{
std::cerr << std::endl << RealURI << ": Computed MD5: " << MD5;
std::cerr << " Expected MD5: " << ExpectedMD5 << std::endl;
std::cerr << std::endl << RealURI << ": Computed Hash: " << Hash;
std::cerr << " Expected Hash: " << ExpectedHash.toStr() << std::endl;
}
if (MD5.empty())
{
MD5Summation sum;
FileFd Fd(DestFile, FileFd::ReadOnly);
sum.AddFD(Fd.Fd(), Fd.Size());
Fd.Close();
MD5 = (string)sum.Result();
}
if (!ExpectedMD5.empty() && MD5 != ExpectedMD5)
if (!ExpectedHash.empty() && !ExpectedHash.VerifyFile(DestFile))
{
Status = StatAuthError;
ErrorText = _("MD5Sum mismatch");
@ -737,8 +723,8 @@ void pkgAcqIndex::Done(string Message,unsigned long Size,string MD5,
// ---------------------------------------------------------------------
/* The Translation file is added to the queue */
pkgAcqIndexTrans::pkgAcqIndexTrans(pkgAcquire *Owner,
string URI,string URIDesc,string ShortDesc) :
pkgAcqIndex(Owner, URI, URIDesc, ShortDesc, "", "")
string URI,string URIDesc,string ShortDesc)
: pkgAcqIndex(Owner, URI, URIDesc, ShortDesc, HashString(), "")
{
}
@ -915,10 +901,10 @@ string pkgAcqMetaIndex::Custom600Headers()
return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
}
void pkgAcqMetaIndex::Done(string Message,unsigned long Size,string MD5,
void pkgAcqMetaIndex::Done(string Message,unsigned long Size,string Hash,
pkgAcquire::MethodConfig *Cfg)
{
Item::Done(Message,Size,MD5,Cfg);
Item::Done(Message,Size,Hash,Cfg);
// MetaIndexes are done in two passes: one to download the
// metaindex with an appropriate method, and a second to verify it
@ -1036,7 +1022,7 @@ void pkgAcqMetaIndex::QueueIndexes(bool verify)
Target != IndexTargets->end();
Target++)
{
string ExpectedIndexMD5;
HashString ExpectedIndexHash;
if (verify)
{
const indexRecords::checkSum *Record = MetaIndexParser->Lookup((*Target)->MetaKey);
@ -1047,16 +1033,16 @@ void pkgAcqMetaIndex::QueueIndexes(bool verify)
+ (*Target)->MetaKey + " in Meta-index file (malformed Release file?)";
return;
}
ExpectedIndexMD5 = Record->MD5Hash;
ExpectedIndexHash = Record->Hash;
if (_config->FindB("Debug::pkgAcquire::Auth", false))
{
std::cerr << "Queueing: " << (*Target)->URI << std::endl;
std::cerr << "Expected MD5: " << ExpectedIndexMD5 << std::endl;
std::cerr << "Expected Hash: " << ExpectedIndexHash.toStr() << std::endl;
}
if (ExpectedIndexMD5.empty())
if (ExpectedIndexHash.empty())
{
Status = StatAuthError;
ErrorText = "Unable to find MD5 sum for "
ErrorText = "Unable to find hash sum for "
+ (*Target)->MetaKey + " in Meta-index file";
return;
}
@ -1066,10 +1052,10 @@ void pkgAcqMetaIndex::QueueIndexes(bool verify)
// on the users option)
if(_config->FindB("Acquire::PDiffs",true) == true)
new pkgAcqDiffIndex(Owner, (*Target)->URI, (*Target)->Description,
(*Target)->ShortDesc, ExpectedIndexMD5);
(*Target)->ShortDesc, ExpectedIndexHash);
else
new pkgAcqIndex(Owner, (*Target)->URI, (*Target)->Description,
(*Target)->ShortDesc, ExpectedIndexMD5);
(*Target)->ShortDesc, ExpectedIndexHash);
}
}
@ -1309,7 +1295,12 @@ bool pkgAcqArchive::QueueNext()
return false;
string PkgFile = Parse.FileName();
MD5 = Parse.MD5Hash();
if(Parse.SHA256Hash() != "")
hash = HashString("SHA256", Parse.SHA256Hash());
else if (Parse.SHA1Hash() != "")
hash = HashString("SHA1", Parse.SHA1Hash());
else
hash = HashString("MD5Sum", Parse.MD5Hash());
if (PkgFile.empty() == true)
return _error->Error(_("The package index files are corrupted. No Filename: "
"field for package %s."),
@ -1389,10 +1380,10 @@ bool pkgAcqArchive::QueueNext()
// AcqArchive::Done - Finished fetching /*{{{*/
// ---------------------------------------------------------------------
/* */
void pkgAcqArchive::Done(string Message,unsigned long Size,string Md5Hash,
void pkgAcqArchive::Done(string Message,unsigned long Size,string CalcHash,
pkgAcquire::MethodConfig *Cfg)
{
Item::Done(Message,Size,Md5Hash,Cfg);
Item::Done(Message,Size,CalcHash,Cfg);
// Check the size
if (Size != Version->Size)
@ -1402,17 +1393,14 @@ void pkgAcqArchive::Done(string Message,unsigned long Size,string Md5Hash,
return;
}
// Check the md5
if (Md5Hash.empty() == false && MD5.empty() == false)
// Check the hash
if(!hash.VerifyFile(DestFile))
{
if (Md5Hash != MD5)
{
Status = StatError;
ErrorText = _("MD5Sum mismatch");
if(FileExists(DestFile))
Rename(DestFile,DestFile + ".FAILED");
return;
}
Status = StatError;
ErrorText = _("MD5Sum mismatch");
if(FileExists(DestFile))
Rename(DestFile,DestFile + ".FAILED");
return;
}
// Grab the output filename
@ -1507,7 +1495,7 @@ void pkgAcqArchive::Finished()
pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string MD5,
unsigned long Size,string Dsc,string ShortDesc,
const string &DestDir, const string &DestFilename) :
Item(Owner), Md5Hash(MD5)
Item(Owner), hash(MD5)
{
Retries = _config->FindI("Acquire::Retries",0);
@ -1544,23 +1532,20 @@ pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string MD5,
// AcqFile::Done - Item downloaded OK /*{{{*/
// ---------------------------------------------------------------------
/* */
void pkgAcqFile::Done(string Message,unsigned long Size,string MD5,
void pkgAcqFile::Done(string Message,unsigned long Size,string CalcHash,
pkgAcquire::MethodConfig *Cnf)
{
Item::Done(Message,Size,CalcHash,Cnf);
// Check the md5
if (Md5Hash.empty() == false && MD5.empty() == false)
if(!hash.VerifyFile(DestFile))
{
if (Md5Hash != MD5)
{
Status = StatError;
ErrorText = "MD5Sum mismatch";
Rename(DestFile,DestFile + ".FAILED");
return;
}
Status = StatError;
ErrorText = "MD5Sum mismatch";
Rename(DestFile,DestFile + ".FAILED");
return;
}
Item::Done(Message,Size,MD5,Cnf);
string FileName = LookupTag(Message,"Filename");
if (FileName.empty() == true)
{

75
apt-pkg/acquire-item.h
View File

@ -12,7 +12,7 @@
Three item classes are provided to provide functionality for
downloading of Index, Translation and Packages files.
A Archive class is provided for downloading .deb files. It does Md5
A Archive class is provided for downloading .deb files. It does Hash
checking and source location as well as a retry algorithm.
##################################################################### */
@ -26,7 +26,7 @@
#include <apt-pkg/sourcelist.h>
#include <apt-pkg/pkgrecords.h>
#include <apt-pkg/indexrecords.h>
#include <apt-pkg/hashes.h>
/** \addtogroup acquire
* @{
@ -187,12 +187,12 @@ class pkgAcquire::Item
* \param Message Data from the acquire method. Use LookupTag()
* to parse it.
* \param Size The size of the object that was fetched.
* \param Md5Hash The MD5Sum of the object that was fetched.
* \param Hash The HashSum of the object that was fetched.
* \param Cnf The method via which the object was fetched.
*
* \sa pkgAcqMethod
*/
virtual void Done(string Message,unsigned long Size,string Md5Hash,
virtual void Done(string Message,unsigned long Size,string Hash,
pkgAcquire::MethodConfig *Cnf);
/** \brief Invoked when the worker starts to fetch this object.
@ -230,12 +230,12 @@ class pkgAcquire::Item
/** \brief Invoked by the worker when the download is completely done. */
virtual void Finished() {};
/** \brief MD5Sum.
/** \brief HashSum
*
* \return the MD5Sum of this object, if applicable; otherwise, an
* \return the HashSum of this object, if applicable; otherwise, an
* empty string.
*/
virtual string MD5Sum() {return string();};
virtual string HashSum() {return string();};
/** \return the acquire process with which this item is associated. */
pkgAcquire *GetOwner() {return Owner;};
@ -297,10 +297,10 @@ class pkgAcqDiffIndex : public pkgAcquire::Item
*/
string RealURI;
/** \brief The MD5Sum that the real index file should have after
/** \brief The Hash that the real index file should have after
* all patches have been applied.
*/
string ExpectedMD5;
HashString ExpectedHash;
/** \brief The index file which will be patched to generate the new
* file.
@ -343,10 +343,10 @@ class pkgAcqDiffIndex : public pkgAcquire::Item
*
* \param ShortDesc A short description of the list file to download.
*
* \param ExpectedMD5 The list file's MD5 signature.
* \param ExpectedHash The list file's MD5 signature.
*/
pkgAcqDiffIndex(pkgAcquire *Owner,string URI,string URIDesc,
string ShortDesc, string ExpectedMD5);
string ShortDesc, HashString ExpectedHash);
};
/** \brief An item that is responsible for fetching all the patches
@ -379,7 +379,7 @@ class pkgAcqIndexDiffs : public pkgAcquire::Item
* finishes downloading.
*
* Dequeues the item and checks the resulting file's md5sum
* against ExpectedMD5 after the last patch was applied.
* against ExpectedHash after the last patch was applied.
* There is no need to check the md5/sha1 after a "normal"
* patch because QueueNextDiff() will check the sha1 later.
*
@ -405,10 +405,10 @@ class pkgAcqIndexDiffs : public pkgAcquire::Item
*/
string RealURI;
/** \brief The MD5Sum of the package index file that is being
/** \brief The HashSum of the package index file that is being
* reconstructed.
*/
string ExpectedMD5;
HashString ExpectedHash;
/** A description of the file being downloaded. */
string Description;
@ -465,7 +465,7 @@ class pkgAcqIndexDiffs : public pkgAcquire::Item
*
* \param ShortDesc A brief description of this item.
*
* \param ExpectedMD5 The expected md5sum of the completely
* \param ExpectedHash The expected md5sum of the completely
* reconstructed package index file; the index file will be tested
* against this value when it is entirely reconstructed.
*
@ -474,7 +474,7 @@ class pkgAcqIndexDiffs : public pkgAcquire::Item
* that depends on it.
*/
pkgAcqIndexDiffs(pkgAcquire *Owner,string URI,string URIDesc,
string ShortDesc, string ExpectedMD5,
string ShortDesc, HashString ExpectedHash,
vector<DiffInfo> diffs=vector<DiffInfo>());
};
@ -507,8 +507,8 @@ class pkgAcqIndex : public pkgAcquire::Item
*/
string RealURI;
/** \brief The expected md5sum of the decompressed index file. */
string ExpectedMD5;
/** \brief The expected hashsum of the decompressed index file. */
HashString ExpectedHash;
/** \brief The compression-related file extension that is being
* added to the downloaded file (e.g., ".gz" or ".bz2").
@ -535,14 +535,14 @@ class pkgAcqIndex : public pkgAcquire::Item
*
* \param ShortDesc A brief description of this index file.
*
* \param ExpectedMD5 The expected md5sum of this index file.
* \param ExpectedHash The expected hashsum of this index file.
*
* \param compressExt The compression-related extension with which
* this index file should be downloaded, or "" to autodetect
* (".bz2" is used if bzip2 is installed, ".gz" otherwise).
*/
pkgAcqIndex(pkgAcquire *Owner,string URI,string URIDesc,
string ShortDesc, string ExpectedMD5, string compressExt="");
string ShortDesc, HashString ExpectedHash, string compressExt="");
};
/** \brief An acquire item that is responsible for fetching a
@ -569,7 +569,7 @@ class pkgAcqIndexTrans : public pkgAcqIndex
*
* \param ShortDesc A brief description of this index file.
*
* \param ExpectedMD5 The expected md5sum of this index file.
* \param ExpectedHash The expected hashsum of this index file.
*
* \param compressExt The compression-related extension with which
* this index file should be downloaded, or "" to autodetect
@ -661,9 +661,9 @@ class pkgAcqMetaSig : public pkgAcquire::Item
*
* Once the download and verification are complete, the downloads of
* the individual index files are queued up using pkgAcqDiffIndex.
* If the meta-index file had a valid signature, the expected md5sums
* If the meta-index file had a valid signature, the expected hashsums
* of the index files will be the md5sums listed in the meta-index;
* otherwise, the expected md5sums will be "" (causing the
* otherwise, the expected hashsums will be "" (causing the
* authentication of the index files to be bypassed).
*/
class pkgAcqMetaIndex : public pkgAcquire::Item
@ -727,11 +727,11 @@ class pkgAcqMetaIndex : public pkgAcquire::Item
/** \brief Starts downloading the individual index files.
*
* \param verify If \b true, only indices whose expected md5sum
* \param verify If \b true, only indices whose expected hashsum
* can be determined from the meta-index will be downloaded, and
* the md5sums of indices will be checked (reporting
* the hashsums of indices will be checked (reporting
* #StatAuthError if there is a mismatch). If verify is \b false,
* no md5sum checking will be performed.
* no hashsum checking will be performed.
*/
void QueueIndexes(bool verify);
@ -739,7 +739,7 @@ class pkgAcqMetaIndex : public pkgAcquire::Item
// Specialized action members
virtual void Failed(string Message,pkgAcquire::MethodConfig *Cnf);
virtual void Done(string Message,unsigned long Size,string Md5Hash,
virtual void Done(string Message,unsigned long Size, string Hash,
pkgAcquire::MethodConfig *Cnf);
virtual string Custom600Headers();
virtual string DescURI() {return RealURI; };
@ -776,8 +776,8 @@ class pkgAcqArchive : public pkgAcquire::Item
*/
pkgRecords *Recs;
/** \brief The md5sum of this package. */
string MD5;
/** \brief The hashsum of this package. */
HashString hash;
/** \brief A location in which the actual filename of the package
* should be stored.
@ -805,13 +805,12 @@ class pkgAcqArchive : public pkgAcquire::Item
public:
virtual void Failed(string Message,pkgAcquire::MethodConfig *Cnf);
virtual void Done(string Message,unsigned long Size,string Md5Hash,
virtual void Done(string Message,unsigned long Size,string Hash,
pkgAcquire::MethodConfig *Cnf);
virtual string MD5Sum() {return MD5;};
virtual string DescURI() {return Desc.URI;};
virtual string ShortDesc() {return Desc.ShortDesc;};
virtual void Finished();
virtual string HashSum() {return hash.toStr(); };
virtual bool IsTrusted();
/** \brief Create a new pkgAcqArchive.
@ -848,8 +847,8 @@ class pkgAcqFile : public pkgAcquire::Item
/** \brief The currently active download process. */
pkgAcquire::ItemDesc Desc;
/** \brief The md5sum of the file to download, if it is known. */
string Md5Hash;
/** \brief The hashsum of the file to download, if it is known. */
HashString hash;
/** \brief How many times to retry the download, set from
* Acquire::Retries.
@ -860,9 +859,9 @@ class pkgAcqFile : public pkgAcquire::Item
// Specialized action members
virtual void Failed(string Message,pkgAcquire::MethodConfig *Cnf);
virtual void Done(string Message,unsigned long Size,string Md5Hash,
virtual void Done(string Message,unsigned long Size,string CalcHash,
pkgAcquire::MethodConfig *Cnf);
virtual string MD5Sum() {return Md5Hash;};
virtual string HashSum() {return hash.toStr(); };
virtual string DescURI() {return Desc.URI;};
/** \brief Create a new pkgAcqFile object.
@ -872,7 +871,7 @@ class pkgAcqFile : public pkgAcquire::Item
*
* \param URI The URI to download.
*
* \param MD5 The md5sum of the file to download, if it is known;
* \param Hash The hashsum of the file to download, if it is known;
* otherwise "".
*
* \param Size The size of the file to download, if it is known;
@ -894,7 +893,7 @@ class pkgAcqFile : public pkgAcquire::Item
* is the absolute name to which the file should be downloaded.
*/
pkgAcqFile(pkgAcquire *Owner, string URI, string MD5, unsigned long Size,
pkgAcqFile(pkgAcquire *Owner, string URI, string Hash, unsigned long Size,
string Desc, string ShortDesc,
const string &DestDir="", const string &DestFilename="");
};

84
apt-pkg/contrib/hashes.cc
View File

@ -12,11 +12,95 @@
/*}}}*/
// Include Files /*{{{*/
#include <apt-pkg/hashes.h>
#include <apt-pkg/fileutl.h>
#include <apt-pkg/configuration.h>
#include <unistd.h>
#include <system.h>
#include <string>
#include <iostream>
/*}}}*/
const char* HashString::_SupportedHashes[] =
{
"SHA256", "SHA1", "MD5Sum", NULL
};
HashString::HashString()
{
}
HashString::HashString(string Type, string Hash) : Type(Type), Hash(Hash)
{
}
HashString::HashString(string StringedHash)
{
// legacy: md5sum without "MD5Sum:" prefix
if (StringedHash.find(":") == string::npos && StringedHash.size() == 32)
{
Type = "MD5Sum";
Hash = StringedHash;
return;
}
string::size_type pos = StringedHash.find(":");
Type = StringedHash.substr(0,pos-1);
Hash = StringedHash.substr(pos+1, StringedHash.size() - pos);
if(_config->FindB("Debug::Hashes",false) == true)
std::clog << "HashString(string): " << Type << " : " << Hash << std::endl;
}
bool HashString::VerifyFile(string filename) const
{
FileFd fd;
MD5Summation MD5;
SHA1Summation SHA1;
SHA256Summation SHA256;
string fileHash;
FileFd Fd(filename, FileFd::ReadOnly);
if(Type == "MD5Sum")
{
MD5.AddFD(Fd.Fd(), Fd.Size());
fileHash = (string)MD5.Result();
}
else if (Type == "SHA1")
{
SHA1.AddFD(Fd.Fd(), Fd.Size());
fileHash = (string)SHA1.Result();
}
else if (Type == "SHA256")
{
SHA256.AddFD(Fd.Fd(), Fd.Size());
fileHash = (string)SHA256.Result();
}
Fd.Close();
if(_config->FindB("Debug::Hashes",false) == true)
std::clog << "HashString::VerifyFile: got: " << fileHash << " expected: " << toStr() << std::endl;
return (fileHash == Hash);
}
const char** HashString::SupportedHashes()
{
return _SupportedHashes;
}
bool HashString::empty() const
{
return (Type.empty() || Hash.empty());
}
string HashString::toStr() const
{
return Type+string(":")+Hash;
}
// Hashes::AddFD - Add the contents of the FD /*{{{*/
// ---------------------------------------------------------------------
/* */

27
apt-pkg/contrib/hashes.h
View File

@ -19,8 +19,35 @@
#include <apt-pkg/sha256.h>
#include <algorithm>
#include <vector>
using std::min;
using std::vector;
// helper class that contains hash function name
// and hash
class HashString
{
protected:
string Type;
string Hash;
static const char * _SupportedHashes[10];
public:
HashString(string Type, string Hash);
HashString(string StringedHashString); // init from str as "type:hash"
HashString();
// verify the given filename against the currently loaded hash
bool VerifyFile(string filename) const;
// helper
string toStr() const; // convert to str as "type:hash"
bool empty() const;
// return the list of hashes we support
static const char** SupportedHashes();
};
class Hashes
{

2
apt-pkg/deb/debmetaindex.cc
View File

@ -144,7 +144,7 @@ bool debReleaseIndex::GetIndexes(pkgAcquire *Owner, bool GetAll) const
vector <struct IndexTarget *> *targets = ComputeIndexTargets();
for (vector <struct IndexTarget*>::const_iterator Target = targets->begin(); Target != targets->end(); Target++) {
new pkgAcqIndex(Owner, (*Target)->URI, (*Target)->Description,
(*Target)->ShortDesc, "");
(*Target)->ShortDesc, HashString());
}
}
new pkgAcqMetaSig(Owner, MetaIndexURI("Release.gpg"),

8
apt-pkg/deb/debrecords.cc
View File

@ -67,6 +67,14 @@ string debRecordParser::SHA1Hash()
return Section.FindS("SHA1");
}
/*}}}*/
// RecordParser::SHA1Hash - Return the archive hash /*{{{*/
// ---------------------------------------------------------------------
/* */
string debRecordParser::SHA256Hash()
{
return Section.FindS("SHA256");
}
/*}}}*/
// RecordParser::Maintainer - Return the maintainer email /*{{{*/
// ---------------------------------------------------------------------
/* */

1
apt-pkg/deb/debrecords.h
View File

@ -35,6 +35,7 @@ class debRecordParser : public pkgRecords::Parser
virtual string FileName();
virtual string MD5Hash();
virtual string SHA1Hash();
virtual string SHA256Hash();
virtual string SourcePkg();
virtual string SourceVer();

13
apt-pkg/indexcopy.cc
View File

@ -528,23 +528,16 @@ bool SigVerify::Verify(string prefix, string file, indexRecords *MetaIndex)
return false;
}
MD5Summation sum;
FileFd Fd(prefix+file, FileFd::ReadOnly);
sum.AddFD(Fd.Fd(), Fd.Size());
Fd.Close();
string MD5 = (string)sum.Result();
if (Record->MD5Hash != MD5)
if (!Record->Hash.VerifyFile(prefix+file))
{
_error->Warning("MD5 mismatch for: %s",file.c_str());
_error->Warning("Hash mismatch for: %s",file.c_str());
return false;
}
if(_config->FindB("Debug::aptcdrom",false))
{
cout << "File: " << prefix+file << endl;
cout << "Expected MD5sum: " << Record->MD5Hash << endl;
cout << "got: " << MD5 << endl << endl;
cout << "Expected Hash " << Record->Hash.toStr() << endl;
}
return true;

48
apt-pkg/indexrecords.cc
View File

@ -50,32 +50,38 @@ bool indexRecords::Load(const string Filename)
const char *Start, *End;
Section.Get (Start, End, 0);
Suite = Section.FindS("Suite");
Dist = Section.FindS("Codename");
// if (Dist.empty())
// {
// ErrorText = _(("No Codename entry in Release file " + Filename).c_str());
// return false;
// }
if (!Section.Find("MD5Sum", Start, End))
int i;
for (i=0;HashString::SupportedHashes()[i] != NULL; i++)
{
ErrorText = _(("No MD5Sum entry in Release file " + Filename).c_str());
return false;
if (!Section.Find(HashString::SupportedHashes()[i], Start, End))
continue;
string Name;
string Hash;
size_t Size;
while (Start < End)
{
if (!parseSumData(Start, End, Name, Hash, Size))
return false;
indexRecords::checkSum *Sum = new indexRecords::checkSum;
Sum->MetaKeyFilename = Name;
Sum->Hash = HashString(HashString::SupportedHashes()[i],Hash);
Sum->Size = Size;
Entries[Name] = Sum;
}
break;
}
string Name;
string MD5Hash;
size_t Size;
while (Start < End)
if(HashString::SupportedHashes()[i] == NULL)
{
if (!parseSumData(Start, End, Name, MD5Hash, Size))
return false;
indexRecords::checkSum *Sum = new indexRecords::checkSum;
Sum->MetaKeyFilename = Name;
Sum->MD5Hash = MD5Hash;
Sum->Size = Size;
Entries[Name] = Sum;
}
ErrorText = _(("No Hash entry in Release file " + Filename).c_str());
return false;
}
string Strdate = Section.FindS("Date"); // FIXME: verify this somehow?
return true;
}

3
apt-pkg/indexrecords.h
View File

@ -8,6 +8,7 @@
#include <apt-pkg/pkgcache.h>
#include <apt-pkg/fileutl.h>
#include <apt-pkg/hashes.h>
#include <map>
#include <vector>
@ -45,7 +46,7 @@ class indexRecords
struct indexRecords::checkSum
{
string MetaKeyFilename;
string MD5Hash;
HashString Hash;
size_t Size;
};

1
apt-pkg/pkgrecords.h
View File

@ -57,6 +57,7 @@ class pkgRecords::Parser
virtual string FileName() {return string();};
virtual string MD5Hash() {return string();};
virtual string SHA1Hash() {return string();};
virtual string SHA256Hash() {return string();};
virtual string SourcePkg() {return string();};
virtual string SourceVer() {return string();};

4
apt-pkg/tagfile.h
View File

@ -30,8 +30,8 @@ class pkgTagSection
const char *Stop;
// We have a limit of 256 tags per section.
unsigned short Indexes[256];
unsigned short AlphaIndexes[0x100];
unsigned int Indexes[256];
unsigned int AlphaIndexes[0x100];
unsigned int TagCount;

6
cmdline/apt-get.cc
View File

@ -918,7 +918,7 @@ bool InstallPackages(CacheFile &Cache,bool ShwKept,bool Ask = true,
pkgAcquire::UriIterator I = Fetcher.UriBegin();
for (; I != Fetcher.UriEnd(); I++)
cout << '\'' << I->URI << "' " << flNotDir(I->Owner->DestFile) << ' ' <<
I->Owner->FileSize << ' ' << I->Owner->MD5Sum() << endl;
I->Owner->FileSize << ' ' << I->Owner->HashSum() << endl;
return true;
}
@ -1359,7 +1359,7 @@ bool DoUpdate(CommandLine &CmdL)
pkgAcquire::UriIterator I = Fetcher.UriBegin();
for (; I != Fetcher.UriEnd(); I++)
cout << '\'' << I->URI << "' " << flNotDir(I->Owner->DestFile) << ' ' <<
I->Owner->FileSize << ' ' << I->Owner->MD5Sum() << endl;
I->Owner->FileSize << ' ' << I->Owner->HashSum() << endl;
return true;
}
@ -2211,7 +2211,7 @@ bool DoSource(CommandLine &CmdL)
pkgAcquire::UriIterator I = Fetcher.UriBegin();
for (; I != Fetcher.UriEnd(); I++)
cout << '\'' << I->URI << "' " << flNotDir(I->Owner->DestFile) << ' ' <<
I->Owner->FileSize << ' ' << I->Owner->MD5Sum() << endl;
I->Owner->FileSize << ' ' << I->Owner->HashSum() << endl;
return true;
}

Write Preview
Loading…
Cancel
Save