From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <cygwin-apps-cvs-return-1670-listarch-cygwin-apps-cvs=sourceware.org@sourceware.org>
Received: (qmail 105376 invoked by alias); 3 Aug 2015 21:19:35 -0000
Mailing-List: contact cygwin-apps-cvs-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <cygwin-apps-cvs.sourceware.org>
List-Subscribe: <mailto:cygwin-apps-cvs-subscribe@sourceware.org>
List-Post: <mailto:cygwin-apps-cvs@sourceware.org>
List-Help: <mailto:cygwin-apps-cvs-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: cygwin-apps-cvs-owner@sourceware.org
Received: (qmail 105356 invoked by uid 10076); 3 Aug 2015 21:19:34 -0000
Date: Mon, 03 Aug 2015 21:19:00 -0000
Message-ID: <20150803211934.105321.qmail@sourceware.org>
From: gratz@sourceware.org
To: cygwin-apps-cvs@sourceware.org
Subject: [setup] branch master, updated. release_2.871-14-gb53880e
X-Git-Refname: refs/heads/master
X-Git-Reftype: branch
X-Git-Oldrev: ec8ad645c451dd21e72f64d0fdc9f2141f75a8c6
X-Git-Newrev: b53880ee4155b8b281bf4eaa2d494dd4e01a1390
X-SW-Source: 2015-q3/txt/msg00003.txt.bz2




https://sourceware.org/git/gitweb.cgi?p=cygwin-setup.git;h=b53880ee4155b8b281bf4eaa2d494dd4e01a1390

commit b53880ee4155b8b281bf4eaa2d494dd4e01a1390
Author: Achim Gratz <Stromeko@Stromeko.DE>
Date:   Mon Aug 3 21:23:37 2015 +0200

    Simplify parser, both SHA512 checksum types can parse to the same token
    
    	* inilex.ll: Introduce HEX and B64 definitions, use them in the
    	rules section.  Parse both SHA512 and SHA512-Base64URL checksums
    	to the SHA512 token.
    	* iniparse.yy (packagedata): Remove all occurences of the
    	SHA512B64URL token.

https://sourceware.org/git/gitweb.cgi?p=cygwin-setup.git;h=da1ab5671b98ac3a8a705c39e986151e0d5fe0ca

commit da1ab5671b98ac3a8a705c39e986151e0d5fe0ca
Author: Achim Gratz <Stromeko@Stromeko.DE>
Date:   Mon Aug 3 21:19:53 2015 +0200

    If MD5 checksum is missing then SHA512 must always be checked
    
    	* install.cc (chksum_one): If MD5 checksum is not available, then
    	SHA512 must always be checked even if just against the zeroed
    	digest as initialized.  Otherwise a package with no checksum would
    	be treated as valid.

https://sourceware.org/git/gitweb.cgi?p=cygwin-setup.git;h=159763b27b31f7a899b81d4b3b9c26be72e64a10

commit 159763b27b31f7a899b81d4b3b9c26be72e64a10
Author: Achim Gratz <Stromeko@Stromeko.DE>
Date:   Mon Aug 3 21:04:10 2015 +0200

    Fix bug in nibbled1 and use character types throughout
    
    	* ini.h (nibbled1): Fix a thinko in this macro that made the
    	result always zero.
    	(hexnibble, nibbled1, b64url, b64d1, b64d2, b64d3): Use character
    	literals for all numeric constants dealing with characters.
    	Remove trailing semicolons.

https://sourceware.org/git/gitweb.cgi?p=cygwin-setup.git;h=c7ad9a642a51753344a841c1718efd963af82505

commit c7ad9a642a51753344a841c1718efd963af82505
Author: Achim Gratz <Stromeko@Stromeko.DE>
Date:   Mon Aug 3 20:15:51 2015 +0200

    Fix MD5sum.str () formatting bug
    
    	* csu_util/MD5Sum.cc (str): The stream modifiers are not sticky
    	and must be applied for each conversion.


Diff:
---
 ChangeLog          |   28 ++++++++++++++++++++++++++++
 csu_util/MD5Sum.cc |    4 ++--
 ini.h              |   20 ++++++++++----------
 inilex.ll          |   10 ++++++----
 iniparse.yy        |    7 ++-----
 install.cc         |    6 +++---
 6 files changed, 51 insertions(+), 24 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 7d14458..355fd23 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,31 @@
+2015-08-03  Achim Gratz  <ASSI <Stromeko@NexGo.DE>>
+
+	* inilex.ll: Introduce HEX and B64 definitions, use them in the
+	rules section.  Parse both SHA512 and SHA512-Base64URL checksums
+	to the SHA512 token.
+	* iniparse.yy (packagedata): Remove all occurences of the
+	SHA512B64URL token.
+
+2015-08-03  Achim Gratz  <Stromeko@NexGo.DE>
+
+	* install.cc (chksum_one): If MD5 checksum is not available, then
+	SHA512 must always be checked even if just against the zeroed
+	digest as initialized.  Otherwise a package with no checksum would
+	be treated as valid.
+
+2015-08-03  Achim Gratz  <Stromeko@NexGo.DE>
+
+	* ini.h (nibbled1): Fix a thinko in this macro that made the
+	result always zero.
+	(hexnibble, nibbled1, b64url, b64d1, b64d2, b64d3): Use character
+	literals for all numeric constants dealing with characters.
+	Remove trailing semicolons.
+
+2015-08-03  Achim Gratz  <Stromeko@NexGo.DE>
+
+	* csu_util/MD5Sum.cc (str): The stream modifiers are not sticky
+	and must be applied for each conversion.
+
 2015-08-01 David Hoke  <d_hoke@hotmail.com>
 
 	* download.cc (IncludeSource): New command line switch
diff --git a/csu_util/MD5Sum.cc b/csu_util/MD5Sum.cc
index 1d9c362..596089d 100644
--- a/csu_util/MD5Sum.cc
+++ b/csu_util/MD5Sum.cc
@@ -85,9 +85,9 @@ MD5Sum::str() const
 {
   std::ostringstream hexdigest;
 
-  hexdigest << std::hex << std::setfill('0') << std::setw(2);
   for (int i=0; i<16; ++i )
-    hexdigest << static_cast<unsigned int>(digest[i]);
+    hexdigest << std::hex << std::setfill('0') << std::setw(2)
+	      << static_cast<unsigned int>(digest[i]);
   return hexdigest.str();
 }
 
diff --git a/ini.h b/ini.h
index 164e3d2..7f6db22 100644
--- a/ini.h
+++ b/ini.h
@@ -59,16 +59,16 @@ extern int yyerror_count;             /* number of parse errors */
 
 /* The following definitions are used in the parser implementation */
 
-#define hexnibble(val) (255 & (val > '9') ? val - 'a' + 10 : val - '0');
-#define nibbled1(v1,v2) (255 & ((v1 << 4) & v2));
+#define hexnibble(val)  ('\xff' & (val > '9') ? val - 'a' + 10 : val - '0')
+#define nibbled1(v1,v2) ('\xff' & ((v1 << 4) | v2))
 #define b64url(val)						\
-  (63 & ((  val == '_') ? 63					\
-	 : (val == '-') ? 62					\
-	 : (val >= 'a') ? val - 'a' + 26			\
-	 : (val >= 'A') ? val - 'A' +  0			\
-	 :                val - '0' + 52))
-#define b64d1(v1,v2,v3,v4) (255 & ((v1 << 2) | (v2 >> 4)));
-#define b64d2(v1,v2,v3,v4) (255 & ((v2 << 4) | (v3 >> 2)));
-#define b64d3(v1,v2,v3,v4) (255 & ((v3 << 6) |  v4));
+  ('\x3f' & ((  val == '_') ? '\x3f'				\
+	     : (val == '-') ? '\x3e'				\
+	     : (val >= 'a') ? val - 'a' + '\x1a'		\
+	     : (val >= 'A') ? val - 'A' + '\x00'		\
+	     :                val - '0' + '\x34'))
+#define b64d1(v1,v2,v3,v4) ('\xff' & ((v1 << 2) | (v2 >> 4)))
+#define b64d2(v1,v2,v3,v4) ('\xff' & ((v2 << 4) | (v3 >> 2)))
+#define b64d3(v1,v2,v3,v4) ('\xff' & ((v3 << 6) |  v4))
 
 #endif /* SETUP_INI_H */
diff --git a/inilex.ll b/inilex.ll
index 86100ae..67764f0 100644
--- a/inilex.ll
+++ b/inilex.ll
@@ -46,10 +46,12 @@ static void ignore_line (void);
 %x eolstate
 
 STR	[!a-zA-Z0-9_./:\+~-]+
+HEX	[0-9a-f]
+B64	[a-zA-Z0-9_-]
 
 %%
 
-[0-9a-f]{32} {
+{HEX}{32} {
     yylval = (char *) new unsigned char[16];
     memset (yylval, 0, 16);
     int i, j;
@@ -63,7 +65,7 @@ STR	[!a-zA-Z0-9_./:\+~-]+
     return MD5;
 }
 
-[0-9a-f]{128} {
+{HEX}{128} {
     yylval = (char *) new unsigned char[SHA512_DIGEST_LENGTH];
     memset (yylval, 0, SHA512_DIGEST_LENGTH);
     int i, j;
@@ -77,7 +79,7 @@ STR	[!a-zA-Z0-9_./:\+~-]+
     return SHA512;
 }
 
-[a-zA-Z0-9_-]{86} {
+{B64}{86} {
     /* base64url as defined in RFC4648 */
     yylval = (char *) new unsigned char[SHA512_DIGEST_LENGTH];
     memset (yylval, 0, SHA512_DIGEST_LENGTH);
@@ -98,7 +100,7 @@ STR	[!a-zA-Z0-9_./:\+~-]+
     v3 = 0;
     v4 = 0;
     ((unsigned char *) yylval) [j+0] = b64d1(v1, v2, v3, v4);
-    return SHA512B64URL;
+    return SHA512;
 }
 
 \"[^"]*\"		{ yylval = new char [strlen (yytext+1) + 1];
diff --git a/iniparse.yy b/iniparse.yy
index 442135d..5fd6c3f 100644
--- a/iniparse.yy
+++ b/iniparse.yy
@@ -42,8 +42,8 @@ void add_correct_version();
 %token CATEGORY DEPENDS REQUIRES
 %token APATH PPATH INCLUDE_SETUP EXCLUDE_PACKAGE DOWNLOAD_URL
 %token T_PREV T_CURR T_TEST
-%token SHA512 SHA512B64URL MD5 INSTALLEDSIZE MAINTAINER PRIORITY
-%token MD5LINE SHA512LINE
+%token INSTALLEDSIZE MAINTAINER PRIORITY
+%token MD5 MD5LINE SHA512 SHA512LINE
 %token DESCTAG DESCRIPTION FILESIZE ARCHITECTURE SOURCEPACKAGE
 %token RECOMMENDS PREDEPENDS
 %token SUGGESTS CONFLICTS REPLACES PROVIDES PACKAGENAME STRTOEOL PARAGRAPH
@@ -109,7 +109,6 @@ singleitem /* non-empty */
  | STANDARDSVERSION STRING NL	{ /* TODO */ }
  | MD5LINE MD5 NL	{ iniBuilder->buildInstallMD5 ((unsigned char *)$2); }
  | SHA512LINE SHA512 NL		{ iniBuilder->buildInstallSHA512 ((unsigned char *)$2); }
- | SHA512LINE SHA512B64URL NL	{ iniBuilder->buildInstallSHA512 ((unsigned char *)$2); }
  | SOURCEPACKAGE source NL
  | CATEGORY categories NL
  | INSTALL STRING { iniBuilder->buildPackageInstall ($2); } installmeta NL
@@ -149,13 +148,11 @@ installmeta: /* empty */
 installchksum: /* empty */
  | MD5 			{ iniBuilder->buildInstallMD5 ((unsigned char *)$1);}
  | SHA512		{ iniBuilder->buildInstallSHA512 ((unsigned char *)$1);}
- | SHA512B64URL		{ iniBuilder->buildInstallSHA512 ((unsigned char *)$1);}
  ;
 
 sourcechksum: /* empty */
  | MD5 			{ iniBuilder->buildSourceMD5 ((unsigned char *)$1); }
  | SHA512 		{ iniBuilder->buildSourceSHA512 ((unsigned char *)$1); }
- | SHA512B64URL		{ iniBuilder->buildSourceSHA512 ((unsigned char *)$1); }
  ;
 
 source /* non-empty */
diff --git a/install.cc b/install.cc
index 4274715..1e69564 100644
--- a/install.cc
+++ b/install.cc
@@ -1044,8 +1044,8 @@ chksum_one (const packagesource& pkgsource)
 {
   if (!pkgsource.Cached ())
     return;
-  if (pkgsource.sha512sum[0])
-    sha512_one (pkgsource);
-  else if (pkgsource.md5.isSet())
+  if (pkgsource.md5.isSet())
     md5_one (pkgsource);
+  else
+    sha512_one (pkgsource);
 }