Radish alpha
H
HardenedBSD-pkg
rad:z3QDZAW2FAfuLvihrhiyDC9fAD8G9
HardenedBSD Package Manager
Radicle
Git
Commits d95705a
don't use the fuck libmd which conflict with libcrypto instead use our own sha256_file and sha256_str based on openssl
Baptiste Daroussin committed 15 years ago
commit d95705ab6d01f5fc260f694efece1b9a4fbf56a6
parent f964efb
5 files changed +59 -7
modified libpkg/pkg_delete.c
@@ -1,7 +1,6 @@
#include <string.h>

#include <err.h>

#include <unistd.h>
- 
#include <sha256.h>

#include <search.h>

#include <archive.h>

#include <archive_entry.h>
@@ -112,7 +111,7 @@ pkg_delete(struct pkg *pkg, struct pkgdb *db, int force)
	for (i = 0; files[i] != NULL; i++) {

		/* check sha256 */

		if (pkg_file_sha256(files[i])[0] != '\0' &&
- 
			(SHA256_File(pkg_file_path(files[i]), sha256) == NULL ||
+ 
			(sha256_file(pkg_file_path(files[i]), sha256) == -1 ||

			strcmp(sha256, pkg_file_sha256(files[i])) != 0))

			warnx("%s fails original SHA256 checksum, not removed",

					pkg_file_path(files[i]));
modified libpkg/pkg_ports.c
@@ -1,7 +1,6 @@
#include <sys/stat.h>



#include <err.h>
- 
#include <sha256.h>

#include <string.h>

#include <stdio.h>

#include <stdlib.h>
@@ -91,7 +90,9 @@ ports_parse_plist(struct pkg *pkg, char *plist)
				snprintf(path, MAXPATHLEN, "%s/%s", prefix, buf);



			if (lstat(path, &st) >= 0) {
- 
				p = S_ISLNK(st.st_mode) ? NULL : SHA256_File(path, sha256);
+ 
				if (!S_ISLNK(st.st_mode) && sha256_file(path, sha256) == 0)
+ 
					p = sha256;
+ 


				flatsize += st.st_size;

			} else {

				warn("lstat(%s)", path);
modified libpkg/pkg_util.c
@@ -11,6 +11,9 @@
#include <unistd.h>

#include <string.h>
+
+ 
#include <openssl/sha.h>
+ 


#include "pkg.h"

#include "pkg_error.h"

#include "pkg_util.h"
@@ -227,3 +230,52 @@ is_dir(const char *path)


	return (stat(path, &st) == 0 && S_ISDIR(st.st_mode));

}
+
+ 
static void
+ 
sha256_hash(unsigned char hash[SHA256_DIGEST_LENGTH], char out[65])
+ 
{
+ 
	int i;
+ 
	for (i = 0; i < SHA256_DIGEST_LENGTH; i++)
+ 
		sprintf(out + (i * 2), "%02x", hash[i]);
+
+ 
	out[64] = '\0';
+ 
}
+
+ 
void
+ 
sha256_str(const char *string, char out[65])
+ 
{
+ 
	unsigned char hash[SHA256_DIGEST_LENGTH];
+ 
	SHA256_CTX sha256;
+
+ 
	SHA256_Init(&sha256);
+ 
	SHA256_Update(&sha256, string, strlen(string));
+ 
	SHA256_Final(hash, &sha256);
+
+ 
	sha256_hash(hash, out);
+ 
}
+
+ 
int
+ 
sha256_file(const char *path, char out[65])
+ 
{
+ 
	FILE *file = fopen(path, "rb");
+ 
	char buffer[BUFSIZ];
+ 
	unsigned char hash[SHA256_DIGEST_LENGTH];
+ 
	int r = 0;
+ 
	SHA256_CTX sha256;
+
+ 
	if (!file) return -1;
+
+ 
	SHA256_Init(&sha256);
+
+ 
	while ((r = fread(buffer, 1, BUFSIZ, file)))
+ 
		SHA256_Update(&sha256, buffer, r);
+
+ 
	SHA256_Final(hash, &sha256);
+
+ 
	sha256_hash(hash, out);
+
+ 
	fclose(file);
+
+ 
	return 0;
+ 
}
+
modified libpkg/pkg_util.h
@@ -30,6 +30,6 @@ int split_chr(char *, char);
int file_fetch(const char *, const char *);

int is_dir(const char *);
- 
int rsa_sign(const char *, const char *, char **);
-
+ 
int sha256_file(const char *, char[65]);
+ 
void sha256_str(const char *, char[65]);

#endif
modified libpkg/pkgdb.c
@@ -853,7 +853,7 @@ pkgdb_register_pkg(struct pkgdb *db, struct pkg *pkg)
	 */

	mtree = pkg_get(pkg, PKG_MTREE);

	if (mtree != NULL) {
- 
		SHA256_Data(mtree, strlen(mtree), mtree_sha256);
+ 
		sha256_str(mtree, mtree_sha256);



		/* Try to find the mtree in the database */

		if (sqlite3_prepare_v2(s, sql_sel_mtree, -1, &stmt_sel_mtree, NULL)