openwrt/package/system/opkg/patches/230-drop_md5_support.patch
John Crispin 1268b2e899 opkg: Fix handling of sha256sums for conffiles
MD5s are shorter than SHA256, so reading buffer has to be bigger to read the
whole hash.

Signed-off-by: Michal Hrusecky <michal.hrusecky@nic.cz>

SVN-Revision: 48917
2016-03-04 08:33:41 +00:00

193 lines
5.7 KiB
Diff

--- a/libopkg/conffile.c
+++ b/libopkg/conffile.c
@@ -36,7 +36,7 @@ void conffile_deinit(conffile_t *conffil
int conffile_has_been_modified(conffile_t *conffile)
{
- char *md5sum;
+ char *chksum;
char *filename = conffile->name;
char *root_filename;
int ret = 1;
@@ -48,16 +48,23 @@ int conffile_has_been_modified(conffile_
root_filename = root_filename_alloc(filename);
- md5sum = file_md5sum_alloc(root_filename);
-
- if (md5sum && (ret = strcmp(md5sum, conffile->value))) {
- opkg_msg(INFO, "Conffile %s:\n\told md5=%s\n\tnew md5=%s\n",
- conffile->name, md5sum, conffile->value);
+#ifdef HAVE_MD5
+ if(conffile->value && strlen(conffile->value) > 33) {
+ chksum = file_sha256sum_alloc(root_filename);
+ } else {
+ chksum = file_md5sum_alloc(root_filename);
+ }
+#else
+ chksum = file_sha256sum_alloc(root_filename);
+#endif
+ if (chksum && (ret = strcmp(chksum, conffile->value))) {
+ opkg_msg(INFO, "Conffile %s:\n\told chk=%s\n\tnew chk=%s\n",
+ conffile->name, chksum, conffile->value);
}
free(root_filename);
- if (md5sum)
- free(md5sum);
+ if (chksum)
+ free(chksum);
return ret;
}
--- a/libopkg/file_util.c
+++ b/libopkg/file_util.c
@@ -26,7 +26,9 @@
#include "sprintf_alloc.h"
#include "file_util.h"
+#ifdef HAVE_MD5
#include "md5.h"
+#endif
#include "libbb/libbb.h"
#if defined HAVE_SHA256
@@ -135,6 +137,7 @@ file_mkdir_hier(const char *path, long m
return make_directory(path, mode, FILEUTILS_RECUR);
}
+#ifdef HAVE_MD5
char *file_md5sum_alloc(const char *file_name)
{
static const int md5sum_bin_len = 16;
@@ -180,6 +183,7 @@ char *file_md5sum_alloc(const char *file
return md5sum_hex;
}
+#endif
#ifdef HAVE_SHA256
char *file_sha256sum_alloc(const char *file_name)
--- a/libopkg/opkg_install.c
+++ b/libopkg/opkg_install.c
@@ -1082,7 +1082,7 @@ resolve_conffiles(pkg_t *pkg)
conffile_list_elt_t *iter;
conffile_t *cf;
char *cf_backup;
- char *md5sum;
+ char *chksum;
if (conf->noaction) return 0;
@@ -1093,7 +1093,7 @@ resolve_conffiles(pkg_t *pkg)
/* Might need to initialize the md5sum for each conffile */
if (cf->value == NULL) {
- cf->value = file_md5sum_alloc(root_filename);
+ cf->value = file_sha256sum_alloc(root_filename);
}
if (!file_exists(root_filename)) {
@@ -1105,8 +1105,16 @@ resolve_conffiles(pkg_t *pkg)
if (file_exists(cf_backup)) {
/* Let's compute md5 to test if files are changed */
- md5sum = file_md5sum_alloc(cf_backup);
- if (md5sum && cf->value && strcmp(cf->value,md5sum) != 0 ) {
+#ifdef HAVE_MD5
+ if(cf->value && strlen(cf->value) > 33) {
+ chksum = file_sha256sum_alloc(cf_backup);
+ } else {
+ chksum = file_md5sum_alloc(cf_backup);
+ }
+#else
+ chksum = file_sha256sum_alloc(cf_backup);
+#endif
+ if (chksum && cf->value && strcmp(cf->value,chksum) != 0 ) {
if (conf->force_maintainer) {
opkg_msg(NOTICE, "Conffile %s using maintainer's setting.\n",
cf_backup);
@@ -1123,8 +1131,8 @@ resolve_conffiles(pkg_t *pkg)
}
}
unlink(cf_backup);
- if (md5sum)
- free(md5sum);
+ if (chksum)
+ free(chksum);
}
free(cf_backup);
@@ -1323,6 +1331,7 @@ opkg_install_pkg(pkg_t *pkg, int from_up
}
#endif
+#ifdef HAVE_MD5
/* Check for md5 values */
if (pkg->md5sum)
{
@@ -1346,6 +1355,7 @@ opkg_install_pkg(pkg_t *pkg, int from_up
if (file_md5)
free(file_md5);
}
+#endif
#ifdef HAVE_SHA256
/* Check for sha256 value */
--- a/libopkg/Makefile.am
+++ b/libopkg/Makefile.am
@@ -25,13 +25,16 @@ opkg_list_sources = conffile.c conffile.
pkg_src.c pkg_src.h pkg_src_list.c pkg_src_list.h \
str_list.c str_list.h void_list.c void_list.h \
active_list.c active_list.h list.h
-opkg_util_sources = file_util.c file_util.h opkg_message.h opkg_message.c md5.c md5.h \
+opkg_util_sources = file_util.c file_util.h opkg_message.h opkg_message.c \
parse_util.c parse_util.h \
sprintf_alloc.c sprintf_alloc.h \
xregex.c xregex.h xsystem.c xsystem.h
if HAVE_PATHFINDER
opkg_util_sources += opkg_pathfinder.c opkg_pathfinder.h
endif
+if HAVE_MD5
+opkg_util_sources += md5.c md5.h
+endif
if HAVE_SHA256
opkg_util_sources += sha256.c sha256.h
endif
--- a/configure.ac
+++ b/configure.ac
@@ -68,10 +68,19 @@ AC_ARG_ENABLE(sha256,
(sha256.{c,h} are GPLv3 licensed) [[default=no]] ]),
[want_sha256="$enableval"], [want_sha256="no"])
+AC_ARG_ENABLE(md5,
+ AC_HELP_STRING([--enable-md5], [Enable md5sum check
+ (md5.{c,h} are GPLv3 licensed) [[default=no]] ]),
+ [want_md5="$enableval"], [want_md5="yes"])
+
if test "x$want_sha256" = "xyes"; then
AC_DEFINE(HAVE_SHA256, 1, [Define if you want sha256 support])
fi
+if test "x$want_md5" = "xyes"; then
+ AC_DEFINE(HAVE_MD5, 1, [Define if you want md5 support])
+fi
AM_CONDITIONAL(HAVE_SHA256, test "x$want_sha256" = "xyes")
+AM_CONDITIONAL(HAVE_MD5, test "x$want_md5" = "xyes")
# check for openssl
AC_ARG_ENABLE(openssl,
--- a/libopkg/pkg_parse.c
+++ b/libopkg/pkg_parse.c
@@ -49,9 +49,9 @@ parse_status(pkg_t *pkg, const char *sst
static void
parse_conffiles(pkg_t *pkg, const char *cstr)
{
- char file_name[1024], md5sum[35];
+ char file_name[1024], md5sum[85];
- if (sscanf(cstr, "%1023s %34s", file_name, md5sum) != 2) {
+ if (sscanf(cstr, "%1023s %84s", file_name, md5sum) != 2) {
opkg_msg(ERROR, "Failed to parse Conffiles line for %s\n",
pkg->name);
return;