ExternalVendorCode/serval-dna
1
0
Fork 0
mirror of https://github.com/servalproject/serval-dna.git synced 2025-01-18 02:39:44 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Only assert the file hash matches the file if the payload is not encrypted

Browse Source
This commit is contained in:
Jeremy Lakeman 2012-12-31 13:07:52 +10:30
parent 5b48a85f7d
commit 26a4034688
1 changed files with 25 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
testdefs_rhizome.sh
View File

@ -77,10 +77,15 @@ assert_stdout_add_file() {
local filename="${1}"
shift
unpack_manifest_for_grep "$filename"
compute_filehash actual_filehash "$filename" actual_filesize
opt_name=false
if replayStdout | $GREP -q '^service:file$'; then
opt_name=true
fi
opt_filehash=true
if [ "$re_crypt" = 1 ]; then
opt_filehash=false
fi
fieldnames='service|manifestid|secret|filesize|filehash|name'
for arg; do
case "$arg" in
@ -101,11 +106,11 @@ assert_stdout_add_file() {
${opt_service:-true} && assertStdoutGrep --matches=1 "^service:$re_service\$"
${opt_manifestid:-true} && assertStdoutGrep --matches=1 "^manifestid:$re_manifestid\$"
${opt_secret:-true} && assertStdoutGrep --matches=1 "^secret:$re_secret\$"
${opt_filesize:-true} && assertStdoutGrep --matches=1 "^filesize:$re_filesize\$"
${opt_filesize:-true} && assertStdoutGrep --matches=1 "^filesize:$actual_filesize\$"
if replayStdout | $GREP -q '^filesize:0$'; then
assertStdoutGrep --matches=0 "^filehash:"
else
${opt_filehash:-true} && assertStdoutGrep --matches=1 "^filehash:$re_filehash\$"
${opt_filehash:-true} && assertStdoutGrep --matches=1 "^filehash:$actual_filehash\$"
fi
}
@ -123,36 +128,34 @@ unpack_manifest_for_grep() {
re_secret="$rexp_bundlesecret"
re_sender="\($rexp_sid\)\{0,1\}"
re_recipient="\($rexp_sid\)\{0,1\}"
re_filesize="$rexp_filesize"
re_filehash="$rexp_filehash"
re_name=$(escape_grep_basic "${filename##*/}")
local filesize=$($SED -n -e '/^filesize=/s///p' "$filename.manifest" 2>/dev/null)
if [ "$filesize" = 0 ]; then
re_filesize=0
re_filehash=
re_name="\($re_name\)\{0,1\}"
else
re_filesize=$(( $(cat "$filename" | wc -c) + 0 ))
compute_filehash re_filehash "$filename"
fi
# If there is a manifest file that looks like it matches this payload
# file, then use its file hash to check the rhizome list '' output.
local filehash=$($SED -n -e '/^filehash=/s///p' "$filename.manifest" 2>/dev/null)
if [ "$filehash" = "$re_filehash" ]; then
if [ -e "$filename.manifest" ]; then
re_filesize=$($SED -n -e '/^filesize=/s///p' "$filename.manifest")
if [ "$filesize" = 0 ]; then
re_filehash=
else
re_filehash=$($SED -n -e '/^filehash=/s///p' "$filename.manifest")
fi
re_secret="$rexp_bundlesecret"
re_service=$($SED -n -e '/^service=/s///p' "$filename.manifest")
re_service=$(escape_grep_basic "$re_service")
re_manifestid=$($SED -n -e '/^id=/s///p' "$filename.manifest")
re_version=$($SED -n -e '/^version=/s///p' "$filename.manifest")
re_date=$($SED -n -e '/^date=/s///p' "$filename.manifest")
re_crypt=$($SED -n -e '/^crypt=/s///p' "$filename.manifest")
re_name=$($SED -n -e '/^name=/s///p' "$filename.manifest")
re_name=$(escape_grep_basic "$re_name")
re_sender=$($SED -n -e '/^sender=/s///p' "$filename.manifest")
re_recipient=$($SED -n -e '/^recipient=/s///p' "$filename.manifest")
case "$re_service" in
file)
re_name=$($SED -n -e '/^name=/s///p' "$filename.manifest")
re_name=$(escape_grep_basic "$re_name")
re_sender=
re_recipient=
;;
*)
re_name=
re_sender="$rexp_sid"
re_recipient="$rexp_sid"
;;
esac
fi
@ -228,10 +231,13 @@ extract_manifest_version() {
compute_filehash() {
local _var="$1"
local _file="$2"
local _filesize="$3"
local _hash=$($servald rhizome hash file "$_file") || error "$servald failed to compute file hash"
[ -z "${_hash//[0-9a-fA-F]/}" ] || error "file hash contains non-hex: $_hash"
[ "${#_hash}" -eq 128 ] || error "file hash incorrect length: $_hash"
local _size=$(( $(cat "$filename" | wc -c) + 0 ))
[ -n "$_var" ] && eval $_var="\$_hash"
[ -n "$_filesize" ] && eval $_filesize="\$_size"
}
rhizome_http_server_started() {