From 8a8feb29265b3dfc27f82072563a641a7976752a Mon Sep 17 00:00:00 2001
From: Michael Vogt <michael.vogt@ubuntu.com>
Date: Mon, 30 Jul 2007 17:47:05 +0200
Subject: [PATCH] * apt-pkg/acquire-item.{cc,h}:   - rename "hash" into
 ExpectedHash in pkgAcqFile, pkgAcqIndex   - add missing HashSum() call to
 class pkgAcqIndex   - use the data provided by acquire-method (and send via
 the     {SHA256,SHA1,MD5Sum}-Hash tag when comparing the hash, this    
 avoids calculating the hash twice (just like old libapt) *
 apt-pkg/acquire-method.cc:   - send MD5Sum-Hash tag to libapt to be
 consistant with     HashString::SupportedHashes() *
 apt-pkg/acquire-worker.cc:   - check with "Owner->HashSum().HashType()" what
 hash the frontend     is expecting and pass it to pkgAcquireItem::Done() in
 the new     HashString format   - add some debugging output *
 apt-pkg/contrib/hashes.cc:   - fix off-by-one error when constructing a
 HashString from a single     input string * apt-pkg/contrib/hashes.h:   - add
 "HashType()" method * apt-pkg/init.h, apt-pkg/makefile, methods/makefile:   -
 break ABI

---
 apt-pkg/acquire-item.cc   | 18 +++++++++---------
 apt-pkg/acquire-item.h    |  9 +++++----
 apt-pkg/acquire-method.cc |  3 +++
 apt-pkg/acquire-worker.cc | 17 ++++++++++++++++-
 apt-pkg/contrib/hashes.cc |  2 +-
 apt-pkg/contrib/hashes.h  |  3 +++
 apt-pkg/init.h            |  2 +-
 apt-pkg/makefile          |  2 +-
 methods/makefile          |  2 +-
 9 files changed, 40 insertions(+), 18 deletions(-)

diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index a7132ce1d..c48502bb9 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -641,7 +641,7 @@ void pkgAcqIndex::Done(string Message,unsigned long Size,string Hash,
          std::cerr << "  Expected Hash: " << ExpectedHash.toStr() << std::endl;
       }
 
-      if (!ExpectedHash.empty() && !ExpectedHash.VerifyFile(DestFile))
+      if (!ExpectedHash.empty() && ExpectedHash.toStr() != Hash)
       {
          Status = StatAuthError;
          ErrorText = _("Hash Sum mismatch");
@@ -1296,11 +1296,11 @@ bool pkgAcqArchive::QueueNext()
       
       string PkgFile = Parse.FileName();
       if(Parse.SHA256Hash() != "")
-	 hash = HashString("SHA256", Parse.SHA256Hash());
+	 ExpectedHash = HashString("SHA256", Parse.SHA256Hash());
       else if (Parse.SHA1Hash() != "")
-	 hash = HashString("SHA1", Parse.SHA1Hash());
+	 ExpectedHash = HashString("SHA1", Parse.SHA1Hash());
       else 
-	 hash = HashString("MD5Sum", Parse.MD5Hash());
+	 ExpectedHash = HashString("MD5Sum", Parse.MD5Hash());
       if (PkgFile.empty() == true)
 	 return _error->Error(_("The package index files are corrupted. No Filename: "
 			      "field for package %s."),
@@ -1394,7 +1394,7 @@ void pkgAcqArchive::Done(string Message,unsigned long Size,string CalcHash,
    }
    
    // Check the hash
-   if(!hash.VerifyFile(DestFile))
+   if(ExpectedHash.toStr() != CalcHash)
    {
       Status = StatError;
       ErrorText = _("Hash Sum mismatch");
@@ -1492,10 +1492,10 @@ void pkgAcqArchive::Finished()
 // AcqFile::pkgAcqFile - Constructor					/*{{{*/
 // ---------------------------------------------------------------------
 /* The file is added to the queue */
-pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string MD5,
+pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string Hash,
 		       unsigned long Size,string Dsc,string ShortDesc,
 		       const string &DestDir, const string &DestFilename) :
-                       Item(Owner), hash(MD5)
+                       Item(Owner), ExpectedHash(Hash)
 {
    Retries = _config->FindI("Acquire::Retries",0);
    
@@ -1537,8 +1537,8 @@ void pkgAcqFile::Done(string Message,unsigned long Size,string CalcHash,
 {
    Item::Done(Message,Size,CalcHash,Cnf);
 
-   // Check the md5
-   if(!hash.VerifyFile(DestFile))
+   // Check the hash
+   if(ExpectedHash.toStr() != CalcHash)
    {
       Status = StatError;
       ErrorText = "Hash Sum mismatch";
diff --git a/apt-pkg/acquire-item.h b/apt-pkg/acquire-item.h
index 08b75c6d2..edd910230 100644
--- a/apt-pkg/acquire-item.h
+++ b/apt-pkg/acquire-item.h
@@ -523,6 +523,7 @@ class pkgAcqIndex : public pkgAcquire::Item
 		     pkgAcquire::MethodConfig *Cnf);
    virtual string Custom600Headers();
    virtual string DescURI() {return RealURI + CompressionExtension;};
+   virtual string HashSum() {return ExpectedHash.toStr(); };
 
    /** \brief Create a pkgAcqIndex.
     *
@@ -777,7 +778,7 @@ class pkgAcqArchive : public pkgAcquire::Item
    pkgRecords *Recs;
 
    /** \brief The hashsum of this package. */
-   HashString hash;
+   HashString ExpectedHash;
 
    /** \brief A location in which the actual filename of the package
     *  should be stored.
@@ -810,7 +811,7 @@ class pkgAcqArchive : public pkgAcquire::Item
    virtual string DescURI() {return Desc.URI;};
    virtual string ShortDesc() {return Desc.ShortDesc;};
    virtual void Finished();
-   virtual string HashSum() {return hash.toStr(); };
+   virtual string HashSum() {return ExpectedHash.toStr(); };
    virtual bool IsTrusted();
    
    /** \brief Create a new pkgAcqArchive.
@@ -848,7 +849,7 @@ class pkgAcqFile : public pkgAcquire::Item
    pkgAcquire::ItemDesc Desc;
 
    /** \brief The hashsum of the file to download, if it is known. */
-   HashString hash;
+   HashString ExpectedHash;
 
    /** \brief How many times to retry the download, set from
     *  Acquire::Retries.
@@ -861,8 +862,8 @@ class pkgAcqFile : public pkgAcquire::Item
    virtual void Failed(string Message,pkgAcquire::MethodConfig *Cnf);
    virtual void Done(string Message,unsigned long Size,string CalcHash,
 		     pkgAcquire::MethodConfig *Cnf);
-   virtual string HashSum() {return hash.toStr(); };
    virtual string DescURI() {return Desc.URI;};
+   virtual string HashSum() {return ExpectedHash.toStr(); };
 
    /** \brief Create a new pkgAcqFile object.
     *
diff --git a/apt-pkg/acquire-method.cc b/apt-pkg/acquire-method.cc
index 7dee7d3e7..bc29417f7 100644
--- a/apt-pkg/acquire-method.cc
+++ b/apt-pkg/acquire-method.cc
@@ -176,7 +176,10 @@ void pkgAcqMethod::URIDone(FetchResult &Res, FetchResult *Alt)
 		      TimeRFC1123(Res.LastModified).c_str());
 
    if (Res.MD5Sum.empty() == false)
+   {
       End += snprintf(End,sizeof(S)-50 - (End - S),"MD5-Hash: %s\n",Res.MD5Sum.c_str());
+      End += snprintf(End,sizeof(S)-50 - (End - S),"MD5Sum-Hash: %s\n",Res.MD5Sum.c_str());
+   }
    if (Res.SHA1Sum.empty() == false)
       End += snprintf(End,sizeof(S)-50 - (End - S),"SHA1-Hash: %s\n",Res.SHA1Sum.c_str());
    if (Res.SHA256Sum.empty() == false)
diff --git a/apt-pkg/acquire-worker.cc b/apt-pkg/acquire-worker.cc
index 25d40ef54..460f59961 100644
--- a/apt-pkg/acquire-worker.cc
+++ b/apt-pkg/acquire-worker.cc
@@ -267,8 +267,23 @@ bool pkgAcquire::Worker::RunMessages()
 	       _error->Warning("Bizarre Error - File size is not what the server reported %s %lu",
 			       LookupTag(Message,"Size","0").c_str(),TotalSize);
 
+	    // see if there is a hash to verify
+	    string RecivedHash;
+	    HashString expectedHash(Owner->HashSum());
+	    if(!expectedHash.empty()) 
+	    {
+	       string hashTag = expectedHash.HashType()+"-Hash";
+	       RecivedHash = expectedHash.HashType() + ":" + LookupTag(Message, hashTag.c_str());
+	       if(_config->FindB("Debug::pkgAcquire::Auth", false) == true)
+	       {
+		  clog << "201 URI Done: " << Owner->DescURI() << endl
+		       << "RecivedHash: " << RecivedHash << endl
+		       << "ExpectedHash: " << expectedHash.toStr() 
+		       << endl << endl;
+	       }
+	    }
 	    Owner->Done(Message,atoi(LookupTag(Message,"Size","0").c_str()),
-			LookupTag(Message,"MD5-Hash"),Config);
+			RecivedHash.c_str(), Config);
 	    ItemDone();
 	    
 	    // Log that we are done
diff --git a/apt-pkg/contrib/hashes.cc b/apt-pkg/contrib/hashes.cc
index da714f997..fcc2f887c 100644
--- a/apt-pkg/contrib/hashes.cc
+++ b/apt-pkg/contrib/hashes.cc
@@ -44,7 +44,7 @@ HashString::HashString(string StringedHash)
       return;
    }
    string::size_type pos = StringedHash.find(":");
-   Type = StringedHash.substr(0,pos-1);
+   Type = StringedHash.substr(0,pos);
    Hash = StringedHash.substr(pos+1, StringedHash.size() - pos);
 
    if(_config->FindB("Debug::Hashes",false) == true)
diff --git a/apt-pkg/contrib/hashes.h b/apt-pkg/contrib/hashes.h
index 86c0eb2ad..93e7b25d9 100644
--- a/apt-pkg/contrib/hashes.h
+++ b/apt-pkg/contrib/hashes.h
@@ -38,6 +38,9 @@ class HashString
    HashString(string StringedHashString);  // init from str as "type:hash"
    HashString();
 
+   // get hash type used
+   string HashType() { return Type; };
+
    // verify the given filename against the currently loaded hash
    bool VerifyFile(string filename) const;
 
diff --git a/apt-pkg/init.h b/apt-pkg/init.h
index bc0e55036..801c7cfd0 100644
--- a/apt-pkg/init.h
+++ b/apt-pkg/init.h
@@ -18,7 +18,7 @@
 
 // See the makefile
 #define APT_PKG_MAJOR 4
-#define APT_PKG_MINOR 4
+#define APT_PKG_MINOR 5
 #define APT_PKG_RELEASE 0
     
 extern const char *pkgVersion;
diff --git a/apt-pkg/makefile b/apt-pkg/makefile
index df9954f67..78c24fe83 100644
--- a/apt-pkg/makefile
+++ b/apt-pkg/makefile
@@ -13,7 +13,7 @@ include ../buildlib/defaults.mak
 # methods/makefile - FIXME
 LIBRARY=apt-pkg
 LIBEXT=$(GLIBC_VER)$(LIBSTDCPP_VER)
-MAJOR=4.4
+MAJOR=4.5
 MINOR=0
 SLIBS=$(PTHREADLIB) $(INTLLIBS)
 APT_DOMAIN:=libapt-pkg$(MAJOR)
diff --git a/methods/makefile b/methods/makefile
index f178cbbea..16900116a 100644
--- a/methods/makefile
+++ b/methods/makefile
@@ -7,7 +7,7 @@ include ../buildlib/defaults.mak
 BIN := $(BIN)/methods
 
 # FIXME..
-LIB_APT_PKG_MAJOR = 4.4
+LIB_APT_PKG_MAJOR = 4.5
 APT_DOMAIN := libapt-pkg$(LIB_APT_PKG_MAJOR)
 
 # The file method
-- 
2.45.2