AC_DEFINE(HAVE_CURL, 1, [Define if you want CURL support])
fi
+# check for sha256
+AC_ARG_ENABLE(sha256,
+ AC_HELP_STRING([--enable-sha256], [Enable sha256sum check
+ [[default=yes]] ]),
+ [want_sha256="$enableval"], [want_sha256="yes"])
+
+if test "x$want_sha256" = "xyes"; then
+ AC_DEFINE(HAVE_SHA256, 1, [Define if you want sha256 support])
+fi
+AM_CONDITIONAL(HAVE_SHA256, test "x$want_sha256" = "xyes")
+
dnl **********
dnl GPGME
sprintf_alloc.c sprintf_alloc.h str_util.c str_util.h \
xregex.c xregex.h xsystem.c xsystem.h
+if HAVE_SHA256
+opkg_util_sources += sha256.c sha256.h
+endif
+
lib_LTLIBRARIES = libopkg.la
libopkg_la_SOURCES = \
$(opkg_libcore_sources) \
#include "libbb/libbb.h"
#undef strlen
+#if defined HAVE_SHA256
+#include "sha256.h"
+#endif
+
int file_exists(const char *file_name)
{
int err;
return md5sum_hex;
}
+#ifdef HAVE_SHA256
+char *file_sha256sum_alloc(const char *file_name)
+{
+ static const int sha256sum_bin_len = 32;
+ static const int sha256sum_hex_len = 64;
+
+ static const unsigned char bin2hex[16] = {
+ '0', '1', '2', '3',
+ '4', '5', '6', '7',
+ '8', '9', 'a', 'b',
+ 'c', 'd', 'e', 'f'
+ };
+
+ int i, err;
+ FILE *file;
+ char *sha256sum_hex;
+ unsigned char sha256sum_bin[sha256sum_bin_len];
+
+ sha256sum_hex = calloc(1, sha256sum_hex_len + 1);
+ if (sha256sum_hex == NULL) {
+ fprintf(stderr, "%s: out of memory\n", __FUNCTION__);
+ return strdup("");
+ }
+
+ file = fopen(file_name, "r");
+ if (file == NULL) {
+ fprintf(stderr, "%s: Failed to open file %s: %s\n",
+ __FUNCTION__, file_name, strerror(errno));
+ return strdup("");
+ }
+
+ err = sha256_stream(file, sha256sum_bin);
+ if (err) {
+ fprintf(stderr, "%s: ERROR computing sha256sum for %s: %s\n",
+ __FUNCTION__, file_name, strerror(err));
+ return strdup("");
+ }
+
+ fclose(file);
+
+ for (i=0; i < sha256sum_bin_len; i++) {
+ sha256sum_hex[i*2] = bin2hex[sha256sum_bin[i] >> 4];
+ sha256sum_hex[i*2+1] = bin2hex[sha256sum_bin[i] & 0xf];
+ }
+
+ sha256sum_hex[sha256sum_hex_len] = '\0';
+
+ return sha256sum_hex;
+}
+
+#endif
int file_copy(const char *src, const char *dest);
int file_mkdir_hier(const char *path, long mode);
char *file_md5sum_alloc(const char *file_name);
+char *file_sha256sum_alloc(const char *file_name);
#endif
case OPKG_INSTALL_ERR_ALREADY_INSTALLED: return OPKG_PACKAGE_ALREADY_INSTALLED;
case OPKG_INSTALL_ERR_SIGNATURE: return OPKG_GPG_ERROR;
case OPKG_INSTALL_ERR_MD5: return OPKG_MD5_ERROR;
+ case OPKG_INSTALL_ERR_SHA256: return OPKG_SHA256_ERROR;
default: return OPKG_UNKNOWN_ERROR;
}
}
case OPKG_INSTALL_ERR_ALREADY_INSTALLED: return OPKG_PACKAGE_ALREADY_INSTALLED;
case OPKG_INSTALL_ERR_SIGNATURE: return OPKG_GPG_ERROR;
case OPKG_INSTALL_ERR_MD5: return OPKG_MD5_ERROR;
+ case OPKG_INSTALL_ERR_SHA256: return OPKG_SHA256_ERROR;
default: return OPKG_UNKNOWN_ERROR;
}
}
OPKG_PACKAGE_NOT_FOUND,
OPKG_PACKAGE_NOT_INSTALLED,
OPKG_GPG_ERROR,
- OPKG_MD5_ERROR
+ OPKG_MD5_ERROR,
+ OPKG_SHA256_ERROR
};
struct _opkg_package_t
OPKG_INSTALL_ERR_SIGNATURE,
OPKG_INSTALL_ERR_MD5,
OPKG_INSTALL_ERR_INTERNAL,
+ OPKG_INSTALL_ERR_SHA256,
};
typedef enum opkg_error opkg_error_t;
abstract_pkg_t *ab_pkg = NULL;
int old_state_flag;
char* file_md5;
+#ifdef HAVE_SHA256
+ char* file_sha256;
+#endif
char *pkgid;
if ( from_upgrade )
free(file_md5);
}
+#ifdef HAVE_SHA256
+ /* Check for sha256 value */
+ if(pkg->sha256sum)
+ {
+ file_sha256 = file_sha256sum_alloc(pkg->local_filename);
+ if (strcmp(file_sha256, pkg->sha256sum))
+ {
+ opkg_message(conf, OPKG_ERROR,
+ "Package %s sha256sum mismatch. Either the opkg or the package index are corrupt. Try 'opkg update'.\n",
+ pkg->name);
+ free(file_sha256);
+ return OPKG_INSTALL_ERR_SHA256;
+ }
+ }
+#endif
+
if (pkg->tmp_unpack_dir == NULL) {
unpack_pkg_control_files(conf, pkg);
}
pkg->local_filename = NULL;
pkg->tmp_unpack_dir = NULL;
pkg->md5sum = NULL;
+#if defined HAVE_SHA256
+ pkg->sha256sum = NULL;
+#endif
pkg->size = NULL;
pkg->installed_size = NULL;
pkg->priority = NULL;
pkg->tmp_unpack_dir = NULL;
free(pkg->md5sum);
pkg->md5sum = NULL;
+#if defined HAVE_SHA256
+ free(pkg->sha256sum);
+ pkg->sha256sum = NULL;
+#endif
free(pkg->size);
pkg->size = NULL;
free(pkg->installed_size);
oldpkg->tmp_unpack_dir = str_dup_safe(newpkg->tmp_unpack_dir);
if (!oldpkg->md5sum)
oldpkg->md5sum = str_dup_safe(newpkg->md5sum);
+#if defined HAVE_SHA256
+ if (!oldpkg->sha256sum)
+ oldpkg->sha256sum = str_dup_safe(newpkg->sha256sum);
+#endif
if (!oldpkg->size)
oldpkg->size = str_dup_safe(newpkg->size);
if (!oldpkg->installed_size)
break;
case 's':
case 'S': {
- /* Section | Size | Source | Status | Suggests */
+ /* Section | SHA256sum | Size | Source | Status | Suggests */
if (strcasecmp(field, "Section") == 0) {
/* Section */
if (pkg->section) {
temp[0]='\0';
snprintf(temp, (strlen(pkg->section)+11), "Section: %s\n", pkg->section);
}
+#if defined HAVE_SHA256
+ } else if (strcasecmp(field, "SHA256sum") == 0) {
+ /* SHA256sum */
+ if (pkg->sha256sum) {
+ temp = (char *)realloc(temp,strlen(pkg->sha256sum)+13);
+ if ( temp == NULL ){
+ fprintf(stderr, "%s: out of memory\n", __FUNCTION__);
+ return NULL;
+ }
+ temp[0]='\0';
+ snprintf(temp, (strlen(pkg->sha256sum)+13), "SHA256sum: %s\n", pkg->sha256sum);
+ }
+#endif
} else if (strcasecmp(field, "Size") == 0) {
/* Size */
if (pkg->size) {
char *url;
char *tmp_unpack_dir;
char *md5sum;
+#if defined HAVE_SHA256
+ char *sha256sum;
+#endif
char *size;
char *installed_size;
char *priority;
case 'S':
if(isGenericFieldType("Section:", *lines))
pkg->section = parseGenericFieldType("Section", *lines);
+#ifdef HAVE_SHA256
+ else if(isGenericFieldType("SHA256sum:", *lines))
+ pkg->sha256sum = parseGenericFieldType("SHA256sum", *lines);
+#endif
else if(isGenericFieldType("Size:", *lines))
pkg->size = parseGenericFieldType("Size", *lines);
else if(isGenericFieldType("Source:", *lines))