We read the entire input file we want to patch anyhow, so we can also
calculate the hash for that file and compare it with what he had
expected it to be.
Note that this isn't really a security improvement as a) the file we
patch is trusted & b) if the input is incorrect, the result will hardly be
matching, so this is just for failing slightly earlier with a more
relevant error message (althrough, in terms of rred its ignored and
complete download attempt instead).
if(State != StateApplyDiff)
return pkgAcqBaseIndex::Custom600Headers();
std::ostringstream patchhashes;
if(State != StateApplyDiff)
return pkgAcqBaseIndex::Custom600Headers();
std::ostringstream patchhashes;
- HashStringList const ExpectedHashes = available_patches[0].patch_hashes;
- for (HashStringList::const_iterator hs = ExpectedHashes.begin(); hs != ExpectedHashes.end(); ++hs)
- patchhashes << "\nPatch-0-" << hs->HashType() << "-Hash: " << hs->HashValue();
+ for (auto && hs : available_patches[0].result_hashes)
+ patchhashes << "\nStart-" << hs.HashType() << "-Hash: " << hs.HashValue();
+ for (auto && hs : available_patches[0].patch_hashes)
+ patchhashes << "\nPatch-0-" << hs.HashType() << "-Hash: " << hs.HashValue();
patchhashes << pkgAcqBaseIndex::Custom600Headers();
return patchhashes.str();
}
patchhashes << pkgAcqBaseIndex::Custom600Headers();
return patchhashes.str();
}
return pkgAcqBaseIndex::Custom600Headers();
std::ostringstream patchhashes;
unsigned int seen_patches = 0;
return pkgAcqBaseIndex::Custom600Headers();
std::ostringstream patchhashes;
unsigned int seen_patches = 0;
+ for (auto && hs : (*allPatches)[0]->patch.result_hashes)
+ patchhashes << "\nStart-" << hs.HashType() << "-Hash: " << hs.HashValue();
for (std::vector<pkgAcqIndexMergeDiffs *>::const_iterator I = allPatches->begin();
I != allPatches->end(); ++I)
{
for (std::vector<pkgAcqIndexMergeDiffs *>::const_iterator I = allPatches->begin();
I != allPatches->end(); ++I)
{
FileChanges filechanges;
MemBlock add_text;
FileChanges filechanges;
MemBlock add_text;
- static bool retry_fwrite(char *b, size_t l, FileFd &f, Hashes *hash)
+ static bool retry_fwrite(char *b, size_t l, FileFd &f, Hashes * const start_hash, Hashes * const end_hash = nullptr)
{
if (f.Write(b, l) == false)
return false;
{
if (f.Write(b, l) == false)
return false;
- if (hash)
- hash->Add((unsigned char*)b, l);
+ if (start_hash)
+ start_hash->Add((unsigned char*)b, l);
+ if (end_hash)
+ end_hash->Add((unsigned char*)b, l);
- static void dump_rest(FileFd &o, FileFd &i, Hashes *hash)
+ static void dump_rest(FileFd &o, FileFd &i,
+ Hashes * const start_hash, Hashes * const end_hash)
{
char buffer[BLOCK_SIZE];
unsigned long long l = 0;
while (i.Read(buffer, sizeof(buffer), &l)) {
{
char buffer[BLOCK_SIZE];
unsigned long long l = 0;
while (i.Read(buffer, sizeof(buffer), &l)) {
- if (l ==0 || !retry_fwrite(buffer, l, o, hash))
+ if (l ==0 || !retry_fwrite(buffer, l, o, start_hash, end_hash))
- static void dump_lines(FileFd &o, FileFd &i, size_t n, Hashes *hash)
+ static void dump_lines(FileFd &o, FileFd &i, size_t n,
+ Hashes * const start_hash, Hashes * const end_hash)
{
char buffer[BLOCK_SIZE];
while (n > 0) {
{
char buffer[BLOCK_SIZE];
while (n > 0) {
size_t const l = strlen(buffer);
if (l == 0 || buffer[l-1] == '\n')
n--;
size_t const l = strlen(buffer);
if (l == 0 || buffer[l-1] == '\n')
n--;
- retry_fwrite(buffer, l, o, hash);
+ retry_fwrite(buffer, l, o, start_hash, end_hash);
- static void skip_lines(FileFd &i, int n)
+ static void skip_lines(FileFd &i, int n, Hashes * const start_hash)
{
char buffer[BLOCK_SIZE];
while (n > 0) {
{
char buffer[BLOCK_SIZE];
while (n > 0) {
size_t const l = strlen(buffer);
if (l == 0 || buffer[l-1] == '\n')
n--;
size_t const l = strlen(buffer);
if (l == 0 || buffer[l-1] == '\n')
n--;
+ if (start_hash)
+ start_hash->Add((unsigned char*)buffer, l);
- void apply_against_file(FileFd &out, FileFd &in, Hashes *hash = NULL)
+ void apply_against_file(FileFd &out, FileFd &in,
+ Hashes * const start_hash = nullptr, Hashes * const end_hash = nullptr)
{
std::list<struct Change>::iterator ch;
for (ch = filechanges.begin(); ch != filechanges.end(); ++ch) {
{
std::list<struct Change>::iterator ch;
for (ch = filechanges.begin(); ch != filechanges.end(); ++ch) {
- dump_lines(out, in, ch->offset, hash);
- skip_lines(in, ch->del_cnt);
- dump_mem(out, ch->add, ch->add_len, hash);
+ dump_lines(out, in, ch->offset, start_hash, end_hash);
+ skip_lines(in, ch->del_cnt, start_hash);
+ dump_mem(out, ch->add, ch->add_len, end_hash);
- dump_rest(out, in, hash);
+ dump_rest(out, in, start_hash, end_hash);
std::vector<PDiffFile> patchfiles;
Patch patch;
std::vector<PDiffFile> patchfiles;
Patch patch;
+ HashStringList StartHashes;
+ for (char const * const * type = HashString::SupportedHashes(); *type != nullptr; ++type)
+ {
+ std::string tagname;
+ strprintf(tagname, "Start-%s-Hash", *type);
+ std::string const hashsum = LookupTag(Message, tagname.c_str());
+ if (hashsum.empty() == false)
+ StartHashes.push_back(HashString(*type, hashsum));
+ }
+
if (FileExists(Path + ".ed") == true)
{
HashStringList const ExpectedHashes = ReadExpectedHashesForPatch(0, Message);
if (FileExists(Path + ".ed") == true)
{
HashStringList const ExpectedHashes = ReadExpectedHashesForPatch(0, Message);
return _error->Error("Failed to open out %s", Itm->DestFile.c_str());
}
return _error->Error("Failed to open out %s", Itm->DestFile.c_str());
}
- Hashes hash(Itm->ExpectedHashes);
- patch.apply_against_file(out, inp, &hash);
+ Hashes end_hash(Itm->ExpectedHashes);
+ if (StartHashes.usable())
+ {
+ Hashes start_hash(StartHashes);
+ patch.apply_against_file(out, inp, &start_hash, &end_hash);
+ if (start_hash.GetHashStringList() != StartHashes)
+ _error->Error("The input file hadn't the expected hash!");
+ }
+ else
+ patch.apply_against_file(out, inp, nullptr, &end_hash);
out.Close();
inp.Close();
out.Close();
inp.Close();
Res.LastModified = bufbase.st_mtime;
Res.Size = bufbase.st_size;
Res.LastModified = bufbase.st_mtime;
Res.Size = bufbase.st_size;
+ Res.TakeHashes(end_hash);
URIDone(Res);
return true;
URIDone(Res);
return true;
projects / apt.git / commitdiff
