From 8a8feb29265b3dfc27f82072563a641a7976752a Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Mon, 30 Jul 2007 17:47:05 +0200 Subject: * apt-pkg/acquire-item.{cc,h}: - rename "hash" into ExpectedHash in pkgAcqFile, pkgAcqIndex - add missing HashSum() call to class pkgAcqIndex - use the data provided by acquire-method (and send via the {SHA256,SHA1,MD5Sum}-Hash tag when comparing the hash, this avoids calculating the hash twice (just like old libapt) * apt-pkg/acquire-method.cc: - send MD5Sum-Hash tag to libapt to be consistant with HashString::SupportedHashes() * apt-pkg/acquire-worker.cc: - check with "Owner->HashSum().HashType()" what hash the frontend is expecting and pass it to pkgAcquireItem::Done() in the new HashString format - add some debugging output * apt-pkg/contrib/hashes.cc: - fix off-by-one error when constructing a HashString from a single input string * apt-pkg/contrib/hashes.h: - add "HashType()" method * apt-pkg/init.h, apt-pkg/makefile, methods/makefile: - break ABI --- apt-pkg/acquire-item.cc | 18 +++++++++--------- apt-pkg/acquire-item.h | 9 +++++---- apt-pkg/acquire-method.cc | 3 +++ apt-pkg/acquire-worker.cc | 17 ++++++++++++++++- apt-pkg/contrib/hashes.cc | 2 +- apt-pkg/contrib/hashes.h | 3 +++ apt-pkg/init.h | 2 +- apt-pkg/makefile | 2 +- methods/makefile | 2 +- 9 files changed, 40 insertions(+), 18 deletions(-) diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index a7132ce1d..c48502bb9 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -641,7 +641,7 @@ void pkgAcqIndex::Done(string Message,unsigned long Size,string Hash, std::cerr << " Expected Hash: " << ExpectedHash.toStr() << std::endl; } - if (!ExpectedHash.empty() && !ExpectedHash.VerifyFile(DestFile)) + if (!ExpectedHash.empty() && ExpectedHash.toStr() != Hash) { Status = StatAuthError; ErrorText = _("Hash Sum mismatch"); @@ -1296,11 +1296,11 @@ bool pkgAcqArchive::QueueNext() string PkgFile = Parse.FileName(); if(Parse.SHA256Hash() != "") - hash = HashString("SHA256", Parse.SHA256Hash()); + ExpectedHash = HashString("SHA256", Parse.SHA256Hash()); else if (Parse.SHA1Hash() != "") - hash = HashString("SHA1", Parse.SHA1Hash()); + ExpectedHash = HashString("SHA1", Parse.SHA1Hash()); else - hash = HashString("MD5Sum", Parse.MD5Hash()); + ExpectedHash = HashString("MD5Sum", Parse.MD5Hash()); if (PkgFile.empty() == true) return _error->Error(_("The package index files are corrupted. No Filename: " "field for package %s."), @@ -1394,7 +1394,7 @@ void pkgAcqArchive::Done(string Message,unsigned long Size,string CalcHash, } // Check the hash - if(!hash.VerifyFile(DestFile)) + if(ExpectedHash.toStr() != CalcHash) { Status = StatError; ErrorText = _("Hash Sum mismatch"); @@ -1492,10 +1492,10 @@ void pkgAcqArchive::Finished() // AcqFile::pkgAcqFile - Constructor /*{{{*/ // --------------------------------------------------------------------- /* The file is added to the queue */ -pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string MD5, +pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string Hash, unsigned long Size,string Dsc,string ShortDesc, const string &DestDir, const string &DestFilename) : - Item(Owner), hash(MD5) + Item(Owner), ExpectedHash(Hash) { Retries = _config->FindI("Acquire::Retries",0); @@ -1537,8 +1537,8 @@ void pkgAcqFile::Done(string Message,unsigned long Size,string CalcHash, { Item::Done(Message,Size,CalcHash,Cnf); - // Check the md5 - if(!hash.VerifyFile(DestFile)) + // Check the hash + if(ExpectedHash.toStr() != CalcHash) { Status = StatError; ErrorText = "Hash Sum mismatch"; diff --git a/apt-pkg/acquire-item.h b/apt-pkg/acquire-item.h index 08b75c6d2..edd910230 100644 --- a/apt-pkg/acquire-item.h +++ b/apt-pkg/acquire-item.h @@ -523,6 +523,7 @@ class pkgAcqIndex : public pkgAcquire::Item pkgAcquire::MethodConfig *Cnf); virtual string Custom600Headers(); virtual string DescURI() {return RealURI + CompressionExtension;}; + virtual string HashSum() {return ExpectedHash.toStr(); }; /** \brief Create a pkgAcqIndex. * @@ -777,7 +778,7 @@ class pkgAcqArchive : public pkgAcquire::Item pkgRecords *Recs; /** \brief The hashsum of this package. */ - HashString hash; + HashString ExpectedHash; /** \brief A location in which the actual filename of the package * should be stored. @@ -810,7 +811,7 @@ class pkgAcqArchive : public pkgAcquire::Item virtual string DescURI() {return Desc.URI;}; virtual string ShortDesc() {return Desc.ShortDesc;}; virtual void Finished(); - virtual string HashSum() {return hash.toStr(); }; + virtual string HashSum() {return ExpectedHash.toStr(); }; virtual bool IsTrusted(); /** \brief Create a new pkgAcqArchive. @@ -848,7 +849,7 @@ class pkgAcqFile : public pkgAcquire::Item pkgAcquire::ItemDesc Desc; /** \brief The hashsum of the file to download, if it is known. */ - HashString hash; + HashString ExpectedHash; /** \brief How many times to retry the download, set from * Acquire::Retries. @@ -861,8 +862,8 @@ class pkgAcqFile : public pkgAcquire::Item virtual void Failed(string Message,pkgAcquire::MethodConfig *Cnf); virtual void Done(string Message,unsigned long Size,string CalcHash, pkgAcquire::MethodConfig *Cnf); - virtual string HashSum() {return hash.toStr(); }; virtual string DescURI() {return Desc.URI;}; + virtual string HashSum() {return ExpectedHash.toStr(); }; /** \brief Create a new pkgAcqFile object. * diff --git a/apt-pkg/acquire-method.cc b/apt-pkg/acquire-method.cc index 7dee7d3e7..bc29417f7 100644 --- a/apt-pkg/acquire-method.cc +++ b/apt-pkg/acquire-method.cc @@ -176,7 +176,10 @@ void pkgAcqMethod::URIDone(FetchResult &Res, FetchResult *Alt) TimeRFC1123(Res.LastModified).c_str()); if (Res.MD5Sum.empty() == false) + { End += snprintf(End,sizeof(S)-50 - (End - S),"MD5-Hash: %s\n",Res.MD5Sum.c_str()); + End += snprintf(End,sizeof(S)-50 - (End - S),"MD5Sum-Hash: %s\n",Res.MD5Sum.c_str()); + } if (Res.SHA1Sum.empty() == false) End += snprintf(End,sizeof(S)-50 - (End - S),"SHA1-Hash: %s\n",Res.SHA1Sum.c_str()); if (Res.SHA256Sum.empty() == false) diff --git a/apt-pkg/acquire-worker.cc b/apt-pkg/acquire-worker.cc index 25d40ef54..460f59961 100644 --- a/apt-pkg/acquire-worker.cc +++ b/apt-pkg/acquire-worker.cc @@ -267,8 +267,23 @@ bool pkgAcquire::Worker::RunMessages() _error->Warning("Bizarre Error - File size is not what the server reported %s %lu", LookupTag(Message,"Size","0").c_str(),TotalSize); + // see if there is a hash to verify + string RecivedHash; + HashString expectedHash(Owner->HashSum()); + if(!expectedHash.empty()) + { + string hashTag = expectedHash.HashType()+"-Hash"; + RecivedHash = expectedHash.HashType() + ":" + LookupTag(Message, hashTag.c_str()); + if(_config->FindB("Debug::pkgAcquire::Auth", false) == true) + { + clog << "201 URI Done: " << Owner->DescURI() << endl + << "RecivedHash: " << RecivedHash << endl + << "ExpectedHash: " << expectedHash.toStr() + << endl << endl; + } + } Owner->Done(Message,atoi(LookupTag(Message,"Size","0").c_str()), - LookupTag(Message,"MD5-Hash"),Config); + RecivedHash.c_str(), Config); ItemDone(); // Log that we are done diff --git a/apt-pkg/contrib/hashes.cc b/apt-pkg/contrib/hashes.cc index da714f997..fcc2f887c 100644 --- a/apt-pkg/contrib/hashes.cc +++ b/apt-pkg/contrib/hashes.cc @@ -44,7 +44,7 @@ HashString::HashString(string StringedHash) return; } string::size_type pos = StringedHash.find(":"); - Type = StringedHash.substr(0,pos-1); + Type = StringedHash.substr(0,pos); Hash = StringedHash.substr(pos+1, StringedHash.size() - pos); if(_config->FindB("Debug::Hashes",false) == true) diff --git a/apt-pkg/contrib/hashes.h b/apt-pkg/contrib/hashes.h index 86c0eb2ad..93e7b25d9 100644 --- a/apt-pkg/contrib/hashes.h +++ b/apt-pkg/contrib/hashes.h @@ -38,6 +38,9 @@ class HashString HashString(string StringedHashString); // init from str as "type:hash" HashString(); + // get hash type used + string HashType() { return Type; }; + // verify the given filename against the currently loaded hash bool VerifyFile(string filename) const; diff --git a/apt-pkg/init.h b/apt-pkg/init.h index bc0e55036..801c7cfd0 100644 --- a/apt-pkg/init.h +++ b/apt-pkg/init.h @@ -18,7 +18,7 @@ // See the makefile #define APT_PKG_MAJOR 4 -#define APT_PKG_MINOR 4 +#define APT_PKG_MINOR 5 #define APT_PKG_RELEASE 0 extern const char *pkgVersion; diff --git a/apt-pkg/makefile b/apt-pkg/makefile index df9954f67..78c24fe83 100644 --- a/apt-pkg/makefile +++ b/apt-pkg/makefile @@ -13,7 +13,7 @@ include ../buildlib/defaults.mak # methods/makefile - FIXME LIBRARY=apt-pkg LIBEXT=$(GLIBC_VER)$(LIBSTDCPP_VER) -MAJOR=4.4 +MAJOR=4.5 MINOR=0 SLIBS=$(PTHREADLIB) $(INTLLIBS) APT_DOMAIN:=libapt-pkg$(MAJOR) diff --git a/methods/makefile b/methods/makefile index f178cbbea..16900116a 100644 --- a/methods/makefile +++ b/methods/makefile @@ -7,7 +7,7 @@ include ../buildlib/defaults.mak BIN := $(BIN)/methods # FIXME.. -LIB_APT_PKG_MAJOR = 4.4 +LIB_APT_PKG_MAJOR = 4.5 APT_DOMAIN := libapt-pkg$(LIB_APT_PKG_MAJOR) # The file method -- cgit v1.2.3