From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 73273 invoked by alias); 6 Aug 2015 15:47:44 -0000 Mailing-List: contact cygwin-apps-cvs-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Post: List-Help: , Sender: cygwin-apps-cvs-owner@sourceware.org Received: (qmail 73243 invoked by uid 10076); 6 Aug 2015 15:47:42 -0000 Date: Thu, 06 Aug 2015 15:47:00 -0000 Message-ID: <20150806154742.73214.qmail@sourceware.org> From: gratz@sourceware.org To: cygwin-apps-cvs@sourceware.org Subject: [setup] branch master, updated. release_2.871-16-ge9c1444 X-Git-Refname: refs/heads/master X-Git-Reftype: branch X-Git-Oldrev: b53880ee4155b8b281bf4eaa2d494dd4e01a1390 X-Git-Newrev: e9c1444dee042c23856630fc7a87a85e35ee1366 X-SW-Source: 2015-q3/txt/msg00004.txt.bz2 https://sourceware.org/git/gitweb.cgi?p=cygwin-setup.git;h=e9c1444dee042c23856630fc7a87a85e35ee1366 commit e9c1444dee042c23856630fc7a87a85e35ee1366 Author: Achim Gratz Date: Tue Aug 4 19:48:56 2015 +0200 Properly record SHA512 checksum presence and skip validation for ad-hoc installs * package_source.h (packagesource): Add boolean member variable sha512_isSet to record whether an SHA512 checksum has been set. (packagesource): Initialize sha512_isSet to false. * IniDBBuilderPackage.cc (buildInstallSHA512, buildSourceSHA512): Only set the SHA512 checksum when it was previously unset like it is done for MD5 checksums. That will generally be the checksum recorded on the package line in setup.ini, any further checksums in separate lines will thus be ignored. * install.cc (chksum_one): Conditionalize the comparison of the SHA512 checksum on whether or not it was previously set. Check SHA512 checksum first since it is the default now. This is necessary for ad-hoc installs from local disk without a setup.ini file. Output a warning when the checksum was not be verified because neither a MD5 nor a SHA512 checksum was set. https://sourceware.org/git/gitweb.cgi?p=cygwin-setup.git;h=9de3a769ae38b1e54ec99e5f105f832a74becfab commit 9de3a769ae38b1e54ec99e5f105f832a74becfab Author: Achim Gratz Date: Tue Aug 4 19:39:23 2015 +0200 Increase read buffer size for MD5 checksumming to 64kiB * install.cc (md5_one): Change buffer size from 16kiB to 64kiB for faster reading. Diff: --- ChangeLog | 26 +++++++++++++++++++++++++- IniDBBuilderPackage.cc | 8 ++++++-- install.cc | 10 +++++++--- package_source.h | 2 ++ 4 files changed, 40 insertions(+), 6 deletions(-) diff --git a/ChangeLog b/ChangeLog index 355fd23..03f91b4 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,28 @@ -2015-08-03 Achim Gratz > +2015-08-04 Achim Gratz + + * package_source.h (packagesource): Add boolean member variable + sha512_isSet to record whether an SHA512 checksum has been set. + (packagesource): Initialize sha512_isSet to false. + + * IniDBBuilderPackage.cc (buildInstallSHA512, buildSourceSHA512): + Only set the SHA512 checksum when it was previously unset like it + is done for MD5 checksums. That will generally be the checksum + recorded on the package line in setup.ini, any further checksums + in separate lines will thus be ignored. + + * install.cc (chksum_one): Conditionalize the comparison of the + SHA512 checksum on whether or not it was previously set. Check + SHA512 checksum first since it is the default now. This is + necessary for ad-hoc installs from local disk without a setup.ini + file. Output a warning when the checksum was not be verified + because neither a MD5 nor a SHA512 checksum was set. + +2015-08-04 Achim Gratz + + * install.cc (md5_one): Change buffer size from 16kiB to 64kiB for + faster reading. + +2015-08-03 Achim Gratz * inilex.ll: Introduce HEX and B64 definitions, use them in the rules section. Parse both SHA512 and SHA512-Base64URL checksums diff --git a/IniDBBuilderPackage.cc b/IniDBBuilderPackage.cc index 7ee2af4..ff92ec2 100644 --- a/IniDBBuilderPackage.cc +++ b/IniDBBuilderPackage.cc @@ -268,15 +268,19 @@ IniDBBuilderPackage::buildInstallSize (const std::string &size) void IniDBBuilderPackage::buildInstallSHA512 (unsigned char const *sha512) { - if (sha512) + if (sha512 && !cbpv.source()->sha512_isSet) { memcpy (cbpv.source()->sha512sum, sha512, sizeof cbpv.source()->sha512sum); + cbpv.source()->sha512_isSet = true; + } } void IniDBBuilderPackage::buildSourceSHA512 (unsigned char const *sha512) { - if (sha512) + if (sha512 && !cbpv.source()->sha512_isSet) { memcpy (cspv.source()->sha512sum, sha512, sizeof cspv.source()->sha512sum); + cbpv.source()->sha512_isSet = true; + } } void diff --git a/install.cc b/install.cc index 1e69564..a5c4b10 100644 --- a/install.cc +++ b/install.cc @@ -1010,7 +1010,7 @@ md5_one (const packagesource& pkgsource) Progress.SetText4 ("Progress:"); Progress.SetBar1 (0); - unsigned char buffer[16384]; + unsigned char buffer[64 * 1024]; ssize_t count; while ((count = thefile->read (buffer, sizeof (buffer))) > 0) { @@ -1044,8 +1044,12 @@ chksum_one (const packagesource& pkgsource) { if (!pkgsource.Cached ()) return; - if (pkgsource.md5.isSet()) + if (pkgsource.sha512_isSet) + sha512_one (pkgsource); + else if (pkgsource.md5.isSet()) md5_one (pkgsource); else - sha512_one (pkgsource); + Log (LOG_BABBLE) << "No checksum recorded for " << pkgsource.Base () + << ", cannot determine integrity of package!" + << endLog; } diff --git a/package_source.h b/package_source.h index 79d357b..997ccf8 100644 --- a/package_source.h +++ b/package_source.h @@ -62,6 +62,7 @@ public: _installedSize (0) { memset (sha512sum, 0, sizeof sha512sum); + sha512_isSet = false; }; /* how big is the source file */ size_t size; @@ -107,6 +108,7 @@ public: virtual void set_canonical (char const *); virtual void set_cached (const std::string& ); unsigned char sha512sum[SHA512_DIGEST_LENGTH]; + bool sha512_isSet; MD5Sum md5; typedef std::vector sitestype; sitestype sites;