Radish alpha
H
HardenedBSD-pkg
rad:z3QDZAW2FAfuLvihrhiyDC9fAD8G9
HardenedBSD Package Manager
Radicle
Git
Commits 3ad388e
checksum: use blake2b everywhere we can
Baptiste Daroussin committed 7 days ago
commit 3ad388ece3cb3bf013c4e6ea317f5a7897ed9d91
parent f15d3dc
7 files changed +29 -31
modified libpkg/backup_lib.c
@@ -59,7 +59,7 @@ register_backup(struct pkgdb *db, struct pkg *orig, int fd, const char *libname)
	int retcode;



	sum = pkg_checksum_generate_fileat(fd, RELATIVE_PATH(libname),
- 
	    PKG_HASH_TYPE_SHA256_HEX);
+ 
	    PKG_HASH_TYPE_BLAKE2_BASE32);



	(void)xasprintf(&name, "%s-backup-%s", orig->name, libname);
modified libpkg/pkg_add.c
@@ -214,9 +214,20 @@ attempt_to_merge(int rootfd, struct pkg_config_file *rcf, struct pkg *local,
	lcf_len = strlen(lcf->content);

	if (sz == lcf_len) {

		pkg_debug(2, "Ancient vanilla and deployed conf are the same size testing checksum");
- 
		localsum = pkg_checksum_data(localconf, sz,
- 
		    PKG_HASH_TYPE_SHA256_HEX);
- 
		if (localsum != NULL && lf->sum != NULL && STREQ(localsum, lf->sum)) {
+ 
		const char *expected = lf->sum;
+ 
		pkg_checksum_type_t sum_type;
+ 
		sum_type = pkg_checksum_file_get_type(
+ 
		    expected, expected != NULL ? strlen(expected) : 0);
+ 
		if (sum_type == PKG_HASH_TYPE_UNKNOWN) {
+ 
			sum_type = PKG_HASH_TYPE_SHA256_HEX;
+ 
		} else {
+ 
			expected = strchr(expected, '$');
+ 
			if (expected != NULL)
+ 
				expected++;
+ 
		}
+ 
		localsum = pkg_checksum_data(localconf, sz, sum_type);
+ 
		if (localsum != NULL && expected != NULL &&
+ 
		    STREQ(localsum, expected)) {

			pkg_debug(2, "Checksum are the same %jd", (intmax_t)strlen(localconf));

			free(localsum);

			goto ret;
modified libpkg/pkg_create.c
@@ -121,7 +121,7 @@ pkg_create_from_dir(struct pkg *pkg, const char *root,
		if (trust_filesystem) {

			free(file->sum);

			file->sum = pkg_checksum_generate_file(fpath,
- 
							       PKG_HASH_TYPE_SHA256_HEX);
+ 
							       PKG_HASH_TYPE_BLAKE2_BASE32);

			if (file->sum == NULL) {

				vec_free_and_free(&hardlinks, free);

				return (EPKG_FATAL);
@@ -388,8 +388,8 @@ hash_file(struct pkg *pkg)
	/* Find the hash and rename the file and create a symlink */

	pkg_snprintf(filename, sizeof(filename), "%n-%v.pkg",

			pkg, pkg);
- 
	pkg->sum = pkg_checksum_file(filename,
- 
			PKG_HASH_TYPE_SHA256_HEX);
+ 
	pkg->sum = pkg_checksum_generate_file(filename,
+ 
			PKG_HASH_TYPE_BLAKE2_BASE32);

	pkg_snprintf(hash_dest, sizeof(hash_dest), "%n-%v-%z.pkg",

			pkg, pkg, pkg);
modified libpkg/pkg_ports.c
@@ -363,7 +363,7 @@ meta_file(struct plist *p, char *line, struct file_attr *a, bool is_config)
	}



	buf = pkg_checksum_generate_fileat(p->stagefd, RELATIVE_PATH(path),
- 
	    PKG_HASH_TYPE_SHA256_HEX);
+ 
	    PKG_HASH_TYPE_BLAKE2_BASE32);

	if (buf == NULL) {

		return (EPKG_FATAL);

	}
modified libpkg/private/pkg.h
@@ -448,16 +448,7 @@ struct pkg_repo_meta_key {
	char *name;

};
- 
typedef enum pkg_checksum_type_e {
- 
	PKG_HASH_TYPE_SHA256_BASE32 = 0,
- 
	PKG_HASH_TYPE_SHA256_HEX,
- 
	PKG_HASH_TYPE_BLAKE2_BASE32,
- 
	PKG_HASH_TYPE_SHA256_RAW,
- 
	PKG_HASH_TYPE_BLAKE2_RAW,
- 
	PKG_HASH_TYPE_BLAKE2S_BASE32,
- 
	PKG_HASH_TYPE_BLAKE2S_RAW,
- 
	PKG_HASH_TYPE_UNKNOWN
- 
} pkg_checksum_type_t;
+ 
#include <pkg/checksum.h>



static const char repo_meta_file[] = "meta";
@@ -842,25 +833,21 @@ int pkg_checksum_generate(struct pkg *pkg, char *dest, size_t destlen,
unsigned char * pkg_checksum_data(const unsigned char *in, size_t inlen,

    pkg_checksum_type_t type);

unsigned char *pkg_checksum_fd(int fd, pkg_checksum_type_t type);
- 
unsigned char *pkg_checksum_file(const char *path, pkg_checksum_type_t type);

unsigned char *pkg_checksum_fileat(int fd, const char *path,

    pkg_checksum_type_t type);

unsigned char *pkg_checksum_symlink(const char *path,

    pkg_checksum_type_t type);

unsigned char *pkg_checksum_symlinkat(int fd, const char *path,

    pkg_checksum_type_t type);
- 
int pkg_checksum_validate_file(const char *path, const  char *sum);

int pkg_checksum_validate_fileat(int fd, const char *path, const  char *sum);



bool pkg_checksum_is_valid(const char *cksum, size_t clen);

pkg_checksum_type_t pkg_checksum_get_type(const char *cksum, size_t clen);

pkg_checksum_type_t pkg_checksum_file_get_type(const char *cksum, size_t clen);
- 
pkg_checksum_type_t pkg_checksum_type_from_string(const char *name);

const char* pkg_checksum_type_to_string(pkg_checksum_type_t type);

size_t pkg_checksum_type_size(pkg_checksum_type_t type);

int pkg_checksum_calculate(struct pkg *pkg, struct pkgdb *db, bool inc_scripts,

    bool inc_version, bool inc_files);
- 
char *pkg_checksum_generate_file(const char *path, pkg_checksum_type_t type);

char *pkg_checksum_generate_fileat(int fd, const char *path,

    pkg_checksum_type_t type);
modified tests/frontend/create-parsebin.sh
@@ -10,7 +10,7 @@ genmanifest() {
    shift

    local PKG_FLATSIZE=0

    local PKG_FILES=""
- 
    local PKG_SHA256=""
+ 
    local PKG_SUM=""

    local NL="

"

    local hide_provided="$1"
@@ -21,14 +21,14 @@ genmanifest() {
        local file1="${1%#*}"

        local file1_base=$(basename ${file1})

        local file1_size=$(wc -c < ${file1})
- 
        local file1_sha=$(openssl dgst -sha256 -hex ${file1} | sed -nE 's/.*=[[:space:]]*([[:xdigit:]]+)/\1/p')
+ 
        local file1_sum=$(pkg checksum -q -t blake2_base32 ${file1})

        cp -a ${file1} ${TMPDIR}/${file1_base}

	file1_mtime=$(q_mtime ${TMPDIR}/${file1_base})



        PKG_FILES="${PKG_FILES}/${file1_base}: {perm: 0644}${NL}"
- 
	PKG_SHA256="${PKG_SHA256}
+ 
	PKG_SUM="${PKG_SUM}

    /${file1_base} {
- 
        sum = \"1\$${file1_sha}\";
+ 
        sum = \"${file1_sum}\";

        uname = \"root\";

        gname = \"wheel\";

        perm = \"0644\";
@@ -100,7 +100,7 @@ EOF
    fi



	cat << EOF >> ${PKG_NAME}.expected
- 
files {${PKG_SHA256}
+ 
files {${PKG_SUM}

}

EOF

}
modified tests/frontend/create.sh
@@ -454,7 +454,7 @@ categories [
]

files {

    /A {
- 
        sum = "1\$e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
+ 
        sum = "2\$au4ro5mebesgyd5a7xbmnjj41mr91dbeb8sqwojtgwaxt59dwkgrpxbnt3m7qcpkuenjgnp1qnczrek8e5sebr7siki9gajd69gfq8d";

        uname = "root";

        gname = "wheel";

        perm = "0644";
@@ -508,7 +508,7 @@ categories [
]

files {

    /testfile {
- 
        sum = "1\$e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
+ 
        sum = "2\$au4ro5mebesgyd5a7xbmnjj41mr91dbeb8sqwojtgwaxt59dwkgrpxbnt3m7qcpkuenjgnp1qnczrek8e5sebr7siki9gajd69gfq8d";

        uname = "root";

        gname = "wheel";

        perm = "0644";
@@ -560,7 +560,7 @@ categories [
]

files {

    /sym-file {
- 
        sum = "1\$a83552cc4e1e92707178239c630b7f05d51124ff2afa7c5595ff4e76cb96cfa4";
+ 
        sum = "2\$4s58ffcfakinh7ahkwx5ksk58ojxubb485btncophmqkh348u4fkomtxh83qbeck4o5qzea5owy9r84m6yn5g5o184s5bgnch1nmkob";

        uname = "root";

        gname = "wheel";

        perm = "0644";
@@ -568,7 +568,7 @@ files {
        mtime = ${sym_file_mtime};

    }

    /testfile {
- 
        sum = "1\$e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
+ 
        sum = "2\$au4ro5mebesgyd5a7xbmnjj41mr91dbeb8sqwojtgwaxt59dwkgrpxbnt3m7qcpkuenjgnp1qnczrek8e5sebr7siki9gajd69gfq8d";

        uname = "root";

        gname = "wheel";

        perm = "0644";