f15d3dc checksum: now pkg command to generate a validate checksums — HardenedBSD-pkg

HardenedBSD-pkg

rad:z3QDZAW2FAfuLvihrhiyDC9fAD8G9

HardenedBSD Package Manager

checksum: now pkg command to generate a validate checksums

Baptiste Daroussin committed 7 days ago

commit f15d3dc7fcb09cc366453c20ff4decb7e50d6881
parent eb2ac2b

6 files changed +139 -0

modified libpkg/Makefile.in

@@ -210,4 +210,5 @@ install: all pkg.h lib$(LIB)$(LIBSOEXT) lib$(LIB)_flat.a

 	install -m 644 pkg.h $(DESTDIR)$(includedir)/
 	install -m 644 $(top_srcdir)/libpkg/pkg/vec.h $(DESTDIR)$(includedir)/pkg
 	install -m 644 $(top_srcdir)/libpkg/pkg/audit.h $(DESTDIR)$(includedir)/pkg
 	install -m 644 $(top_srcdir)/libpkg/pkg/checksum.h $(DESTDIR)$(includedir)/pkg
 	install -m 644 pkg.pc $(DESTDIR)$(pkgconfigdir)/

added libpkg/pkg/checksum.h

@@ -0,0 +1,26 @@

 /*-
  * Copyright (c) 2026 Baptiste Daroussin <bapt@FreeBSD.org>
  *
  * SPDX-License-Identifier: BSD-2-Clause
  */
 #ifndef PKG_CHECKSUM_H
 #define PKG_CHECKSUM_H
 typedef enum {
 	PKG_HASH_TYPE_SHA256_BASE32 = 0,
 	PKG_HASH_TYPE_SHA256_HEX,
 	PKG_HASH_TYPE_BLAKE2_BASE32,
 	PKG_HASH_TYPE_SHA256_RAW,
 	PKG_HASH_TYPE_BLAKE2_RAW,
 	PKG_HASH_TYPE_BLAKE2S_BASE32,
 	PKG_HASH_TYPE_BLAKE2S_RAW,
 	PKG_HASH_TYPE_UNKNOWN
 } pkg_checksum_type_t;
 unsigned char *pkg_checksum_file(const char *path, pkg_checksum_type_t type);
 char *pkg_checksum_generate_file(const char *path, pkg_checksum_type_t type);
 int pkg_checksum_validate_file(const char *path, const char *sum);
 pkg_checksum_type_t pkg_checksum_type_from_string(const char *name);
 #endif

modified src/Makefile.in

@@ -6,6 +6,7 @@ SRCS= add.c \

 	audit.c \
 	autoremove.c \
 	check.c \
 	checksum.c \
 	clean.c \
 	config.c \
 	create.c \

added src/checksum.c

@@ -0,0 +1,106 @@

 /*-
  * Copyright (c) 2026 Baptiste Daroussin <bapt@FreeBSD.org>
  *
  * SPDX-License-Identifier: BSD-2-Clause
  */
 #include <err.h>
 #include <getopt.h>
 #include <stdio.h>
 #include <string.h>
 #include <unistd.h>
 #include <pkg.h>
 #include <pkg/checksum.h>
 #include "pkgcli.h"
 void
 usage_checksum(void)
 {
 	fprintf(stderr,
 	    "Usage: pkg checksum [-qt <type>] [-c <hash>] <file> ...\n\n");
 	fprintf(stderr, "Types: sha256_hex (default), sha256_base32, "
 	    "blake2_base32, blake2s_base32\n\n");
 	fprintf(stderr, "For more information see 'pkg help checksum'.\n");
 }
 int
 exec_checksum(int argc, char **argv)
 {
 	const char *type_str = "blake2_base32";
 	const char *check = NULL;
 	int ch;
 	int retcode = EXIT_SUCCESS;
 	struct option longopts[] = {
 		{ "quiet",	no_argument,		NULL,	'q' },
 		{ "type",	required_argument,	NULL,	't' },
 		{ "check",	required_argument,	NULL,	'c' },
 		{ NULL,		0,			NULL,	0   },
 	};
 	while ((ch = getopt_long(argc, argv, "+qt:c:", longopts, NULL)) != -1) {
 		switch (ch) {
 		case 'q':
 			quiet = true;
 			break;
 		case 't':
 			type_str = optarg;
 			break;
 		case 'c':
 			check = optarg;
 			break;
 		default:
 			usage_checksum();
 			return (EXIT_FAILURE);
 		}
 	}
 	argc -= optind;
 	argv += optind;
 	if (argc < 1) {
 		usage_checksum();
 		return (EXIT_FAILURE);
 	}
 	pkg_checksum_type_t type = pkg_checksum_type_from_string(type_str);
 	if (type == PKG_HASH_TYPE_UNKNOWN) {
 		warnx("unknown checksum type: %s", type_str);
 		return (EXIT_FAILURE);
 	}
 	while (argc >= 1) {
 		if (check != NULL) {
 			/* Validate mode */
 			int ret = pkg_checksum_validate_file(argv[0], check);
 			if (ret != 0) {
 				if (!quiet)
 					printf("%s: FAILED\n", argv[0]);
 				retcode = EXIT_FAILURE;
 			} else {
 				if (!quiet)
 					printf("%s: OK\n", argv[0]);
 			}
 		} else {
 			/* Generate mode */
 			char *sum = pkg_checksum_generate_file(argv[0], type);
 			if (sum == NULL) {
 				warnx("cannot compute checksum for %s",
 				    argv[0]);
 				retcode = EXIT_FAILURE;
 			} else {
 				if (quiet)
 					printf("%s\n", sum);
 				else
 					printf("%s (%s)\n", sum, argv[0]);
 				free(sum);
 			}
 		}
 		argc--;
 		argv++;
 	}
 	return (retcode);
 }

modified src/main.c

@@ -64,6 +64,7 @@ static struct commands {

 	{ "audit", "Reports vulnerable packages", exec_audit, usage_audit},
 	{ "autoremove", "Removes orphan packages", exec_autoremove, usage_autoremove},
 	{ "check", "Checks for missing dependencies and database consistency", exec_check, usage_check},
 	{ "checksum", "Computes or validates file checksums", exec_checksum, usage_checksum},
 	{ "clean", "Cleans old packages from the cache", exec_clean, usage_clean},
 	{ "config", "Display the value of the configuration options", exec_config, usage_config},
 	{ "create", "Creates software package distributions", exec_create, usage_create},

modified src/pkgcli.h

@@ -173,6 +173,10 @@ void usage_shell(void);

 int exec_version(int, char **);
 void usage_version(void);
 /* pkg checksum */
 int exec_checksum(int, char **);
 void usage_checksum(void);
 /* pkg which */
 int exec_which(int, char **);
 void usage_which(void);