[pacman-dev] [PATCH] Remove support for SHA1 from pacman.
Andrew Fyfe
andrew at neptune-one.net
Wed Jul 25 17:52:46 EDT 2007
There's no need for a second hashing algorithm. MD5 serves the purpose
of verifying that a package file hasn't been corrupted during download.
Signed-off-by: Andrew Fyfe <andrew at neptune-one.net>
---
contrib/vimproject | 2 -
lib/libalpm/Makefile.am | 1 -
lib/libalpm/add.c | 37 +----
lib/libalpm/alpm.h | 3 -
lib/libalpm/backup.c | 6 +-
lib/libalpm/be_files.c | 11 +-
lib/libalpm/package.c | 65 -------
lib/libalpm/package.h | 2 -
lib/libalpm/remove.c | 1 -
lib/libalpm/sha1.c | 431 -----------------------------------------------
lib/libalpm/sha1.h | 72 --------
lib/libalpm/sync.c | 20 +--
src/pacman/package.c | 21 +--
13 files changed, 22 insertions(+), 650 deletions(-)
diff --git a/contrib/vimproject b/contrib/vimproject
index f54c6c1..b9bd7a4 100644
--- a/contrib/vimproject
+++ b/contrib/vimproject
@@ -29,7 +29,6 @@ pacman=~/devel/pacman-lib CD=. flags=S {
provide.c
remove.c
server.c
- sha1.c
sync.c
trans.c
util.c
@@ -50,7 +49,6 @@ pacman=~/devel/pacman-lib CD=. flags=S {
provide.h
remove.h
server.h
- sha1.h
sync.h
trans.h
util.h
diff --git a/lib/libalpm/Makefile.am b/lib/libalpm/Makefile.am
index c5276f9..fd35426 100644
--- a/lib/libalpm/Makefile.am
+++ b/lib/libalpm/Makefile.am
@@ -29,7 +29,6 @@ libalpm_la_SOURCES = \
provide.h provide.c \
remove.h remove.c \
server.h server.c \
- sha1.h sha1.c \
sync.h sync.c \
trans.h trans.c \
util.h util.c
diff --git a/lib/libalpm/add.c b/lib/libalpm/add.c
index e532304..7a6446c 100644
--- a/lib/libalpm/add.c
+++ b/lib/libalpm/add.c
@@ -42,7 +42,6 @@
#include "error.h"
#include "cache.h"
#include "md5.h"
-#include "sha1.h"
#include "log.h"
#include "backup.h"
#include "package.h"
@@ -336,7 +335,6 @@ static int extract_single_file(struct archive *archive,
char filename[PATH_MAX]; /* the actual file we're extracting */
int needbackup = 0, notouch = 0;
char *hash_orig = NULL;
- int use_md5 = 0;
const int archive_flags = ARCHIVE_EXTRACT_OWNER |
ARCHIVE_EXTRACT_PERM |
ARCHIVE_EXTRACT_TIME;
@@ -485,10 +483,6 @@ static int extract_single_file(struct archive *archive,
/* case 5,8: don't need to do anything special */
}
- if(strlen(newpkg->sha1sum) == 0) {
- use_md5 = 1;
- }
-
if(needbackup) {
char *tempfile = NULL;
char *hash_local = NULL, *hash_pkg = NULL;
@@ -516,15 +510,10 @@ static int extract_single_file(struct archive *archive,
return(1);
}
- if(use_md5) {
- hash_local = _alpm_MDFile(filename);
- hash_pkg = _alpm_MDFile(tempfile);
- } else {
- hash_local = _alpm_SHAFile(filename);
- hash_pkg = _alpm_SHAFile(tempfile);
- }
+ hash_local = _alpm_MDFile(filename);
+ hash_pkg = _alpm_MDFile(tempfile);
- /* append the new md5 or sha1 hash to it's respective entry
+ /* append the new md5 hash to it's respective entry
* in newpkg's backup (it will be the new orginal) */
alpm_list_t *backups;
for(backups = alpm_pkg_get_backup(newpkg); backups;
@@ -534,14 +523,7 @@ static int extract_single_file(struct archive *archive,
return(0);
}
char *backup = NULL;
- int backup_len = strlen(oldbackup) + 2; /* tab char and null byte */
-
- if(use_md5) {
- backup_len += 32; /* MD5s are 32 chars in length */
- } else {
- backup_len += 40; /* SHA1s are 40 chars in length */
- }
-
+ int backup_len = strlen(oldbackup) + 34; /* tab char, null byte and MD5 (32 char) */
backup = malloc(backup_len);
if(!backup) {
RET_ERR(PM_ERR_MEMORY, -1);
@@ -673,21 +655,14 @@ static int extract_single_file(struct archive *archive,
for(b = alpm_pkg_get_backup(newpkg); b; b = b->next) {
char *backup = NULL, *hash = NULL;
char *oldbackup = alpm_list_getdata(b);
- int backup_len = strlen(oldbackup) + 2; /* tab char and null byte */
+ int backup_len = strlen(oldbackup) + 34; /* tab char, null byte and MD5 (32 char) */
if(!oldbackup || strcmp(oldbackup, entryname) != 0) {
return(0);
}
_alpm_log(PM_LOG_DEBUG, "appending backup entry for %s", filename);
- if(use_md5) {
- backup_len += 32; /* MD5s are 32 chars in length */
- hash = _alpm_MDFile(filename);
- } else {
- backup_len += 40; /* SHA1s are 40 chars in length */
- hash = _alpm_SHAFile(filename);
- }
-
+ hash = _alpm_MDFile(filename);
backup = malloc(backup_len);
if(!backup) {
RET_ERR(PM_ERR_MEMORY, -1);
diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h
index 9e641f3..a700f75 100644
--- a/lib/libalpm/alpm.h
+++ b/lib/libalpm/alpm.h
@@ -187,7 +187,6 @@ typedef enum _pmpkghasarch_t {
int alpm_pkg_load(const char *filename, pmpkg_t **pkg);
int alpm_pkg_free(pmpkg_t *pkg);
int alpm_pkg_checkmd5sum(pmpkg_t *pkg);
-int alpm_pkg_checksha1sum(pmpkg_t *pkg);
char *alpm_fetch_pkgurl(const char *url);
int alpm_pkg_vercmp(const char *ver1, const char *ver2);
char *alpm_pkg_name_hasarch(const char *pkgname);
@@ -202,7 +201,6 @@ const char *alpm_pkg_get_buildtype(pmpkg_t *pkg);
const char *alpm_pkg_get_installdate(pmpkg_t *pkg);
const char *alpm_pkg_get_packager(pmpkg_t *pkg);
const char *alpm_pkg_get_md5sum(pmpkg_t *pkg);
-const char *alpm_pkg_get_sha1sum(pmpkg_t *pkg);
const char *alpm_pkg_get_arch(pmpkg_t *pkg);
unsigned long alpm_pkg_get_size(pmpkg_t *pkg);
unsigned long alpm_pkg_get_isize(pmpkg_t *pkg);
@@ -381,7 +379,6 @@ const char *alpm_conflict_get_ctarget(pmconflict_t *conflict);
/* checksums */
char *alpm_get_md5sum(char *name);
-char *alpm_get_sha1sum(char *name);
/*
* Errors
diff --git a/lib/libalpm/backup.c b/lib/libalpm/backup.c
index ffd4508..9cdb794 100644
--- a/lib/libalpm/backup.c
+++ b/lib/libalpm/backup.c
@@ -34,7 +34,7 @@
#include "util.h"
/* Look for a filename in a pmpkg_t.backup list. If we find it,
- * then we return the md5 or sha1 hash (parsed from the same line)
+ * then we return the md5 hash (parsed from the same line)
*/
char *_alpm_needbackup(const char *file, const alpm_list_t *backup)
{
@@ -46,7 +46,7 @@ char *_alpm_needbackup(const char *file, const alpm_list_t *backup)
return(NULL);
}
- /* run through the backup list and parse out the md5 or sha1 hash for our file */
+ /* run through the backup list and parse out the md5 hash for our file */
for(lp = backup; lp; lp = lp->next) {
char *str = strdup(lp->data);
char *ptr;
@@ -59,7 +59,7 @@ char *_alpm_needbackup(const char *file, const alpm_list_t *backup)
}
*ptr = '\0';
ptr++;
- /* now str points to the filename and ptr points to the md5 or sha1 hash */
+ /* now str points to the filename and ptr points to the md5 hash */
if(strcmp(file, str) == 0) {
char *hash = strdup(ptr);
FREE(str);
diff --git a/lib/libalpm/be_files.c b/lib/libalpm/be_files.c
index ea00563..b3d06a9 100644
--- a/lib/libalpm/be_files.c
+++ b/lib/libalpm/be_files.c
@@ -391,12 +391,6 @@ int _alpm_db_read(pmdb_t *db, pmpkg_t *info, pmdbinfrq_t inforeq)
}
_alpm_strtrim(tmp);
info->isize = atol(tmp);
- } else if(!strcmp(line, "%SHA1SUM%")) {
- /* SHA1SUM tag only appears in sync repositories,
- * not the local one. */
- if(fgets(info->sha1sum, sizeof(info->sha1sum), fp) == NULL) {
- goto error;
- }
} else if(!strcmp(line, "%MD5SUM%")) {
/* MD5SUM tag only appears in sync repositories,
* not the local one. */
@@ -607,10 +601,7 @@ int _alpm_db_write(pmdb_t *db, pmpkg_t *info, pmdbinfrq_t inforeq)
fprintf(fp, "%%ISIZE%%\n"
"%lu\n\n", info->isize);
}
- if(info->sha1sum) {
- fprintf(fp, "%%SHA1SUM%%\n"
- "%s\n\n", info->sha1sum);
- } else if(info->md5sum) {
+ if(info->md5sum) {
fprintf(fp, "%%MD5SUM%%\n"
"%s\n\n", info->md5sum);
}
diff --git a/lib/libalpm/package.c b/lib/libalpm/package.c
index d5eca20..598979e 100644
--- a/lib/libalpm/package.c
+++ b/lib/libalpm/package.c
@@ -95,57 +95,6 @@ int SYMEXPORT alpm_pkg_free(pmpkg_t *pkg)
return(0);
}
-/** Check the integrity (with sha1) of a package from the sync cache.
- * @param pkg package pointer
- * @return 0 on success, -1 on error (pm_errno is set accordingly)
- */
-int SYMEXPORT alpm_pkg_checksha1sum(pmpkg_t *pkg)
-{
- char path[PATH_MAX];
- struct stat buf;
- char *sha1sum = NULL;
- alpm_list_t *i;
- int retval = 0;
-
- ALPM_LOG_FUNC;
-
- ASSERT(pkg != NULL, RET_ERR(PM_ERR_WRONG_ARGS, -1));
- /* We only inspect packages from sync repositories */
- ASSERT(pkg->origin == PKG_FROM_CACHE, RET_ERR(PM_ERR_PKG_INVALID, -1));
- ASSERT(pkg->data != handle->db_local, RET_ERR(PM_ERR_PKG_INVALID, -1));
-
- /* Loop through the cache dirs until we find a matching file */
- for(i = alpm_option_get_cachedirs(); i; i = alpm_list_next(i)) {
- snprintf(path, PATH_MAX, "%s%s-%s" PKGEXT, (char*)alpm_list_getdata(i),
- alpm_pkg_get_name(pkg), alpm_pkg_get_version(pkg));
- if(stat(path, &buf) == 0) {
- break;
- }
- }
-
- sha1sum = alpm_get_sha1sum(path);
- if(sha1sum == NULL) {
- _alpm_log(PM_LOG_ERROR, _("could not get sha1sum for package %s-%s"),
- alpm_pkg_get_name(pkg), alpm_pkg_get_version(pkg));
- pm_errno = PM_ERR_NOT_A_FILE;
- retval = -1;
- } else {
- if(strcmp(sha1sum, alpm_pkg_get_sha1sum(pkg)) == 0) {
- _alpm_log(PM_LOG_DEBUG, "sha1sums for package %s-%s match",
- alpm_pkg_get_name(pkg), alpm_pkg_get_version(pkg));
- } else {
- _alpm_log(PM_LOG_ERROR, _("sha1sums do not match for package %s-%s"),
- alpm_pkg_get_name(pkg), alpm_pkg_get_version(pkg));
- pm_errno = PM_ERR_PKG_INVALID;
- retval = -1;
- }
- }
-
- FREE(sha1sum);
-
- return(retval);
-}
-
/** Check the integrity (with md5) of a package from the sync cache.
* @param pkg package pointer
* @return 0 on success, -1 on error (pm_errno is set accordingly)
@@ -392,20 +341,6 @@ const char SYMEXPORT *alpm_pkg_get_md5sum(pmpkg_t *pkg)
return pkg->md5sum;
}
-const char SYMEXPORT *alpm_pkg_get_sha1sum(pmpkg_t *pkg)
-{
- ALPM_LOG_FUNC;
-
- /* Sanity checks */
- ASSERT(handle != NULL, return(NULL));
- ASSERT(pkg != NULL, return(NULL));
-
- if(pkg->origin == PKG_FROM_CACHE && !(pkg->infolevel & INFRQ_DESC)) {
- _alpm_db_read(pkg->data, pkg, INFRQ_DESC);
- }
- return pkg->sha1sum;
-}
-
const char SYMEXPORT *alpm_pkg_get_arch(pmpkg_t *pkg)
{
ALPM_LOG_FUNC;
diff --git a/lib/libalpm/package.h b/lib/libalpm/package.h
index f704ab9..f6cb3d0 100644
--- a/lib/libalpm/package.h
+++ b/lib/libalpm/package.h
@@ -46,7 +46,6 @@ typedef enum _pmpkgfrom_t {
#define PKG_TYPE_LEN 32
#define PKG_PACKAGER_LEN 64
#define PKG_MD5SUM_LEN 33
-#define PKG_SHA1SUM_LEN 41
#define PKG_ARCH_LEN 32
struct __pmpkg_t {
@@ -59,7 +58,6 @@ struct __pmpkg_t {
char installdate[PKG_DATE_LEN];
char packager[PKG_PACKAGER_LEN];
char md5sum[PKG_MD5SUM_LEN];
- char sha1sum[PKG_SHA1SUM_LEN];
char arch[PKG_ARCH_LEN];
unsigned long size;
unsigned long isize;
diff --git a/lib/libalpm/remove.c b/lib/libalpm/remove.c
index 33c122d..22d209a 100644
--- a/lib/libalpm/remove.c
+++ b/lib/libalpm/remove.c
@@ -40,7 +40,6 @@
#include "util.h"
#include "error.h"
#include "md5.h"
-#include "sha1.h"
#include "log.h"
#include "backup.h"
#include "package.h"
diff --git a/lib/libalpm/sha1.c b/lib/libalpm/sha1.c
deleted file mode 100644
index a164a89..0000000
--- a/lib/libalpm/sha1.c
+++ /dev/null
@@ -1,431 +0,0 @@
-/* sha.c - Functions to compute SHA1 message digest of files or
- memory blocks according to the NIST specification FIPS-180-1.
-
- Copyright (C) 2000, 2001, 2003 Free Software Foundation, Inc.
-
- This program is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by the
- Free Software Foundation; either version 2, or (at your option) any
- later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software Foundation,
- Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */
-
-/* Written by Scott G. Miller
- Credits:
- Robert Klep <robert at ilse.nl> -- Expansion function fix
-*/
-
-#include "config.h"
-
-#include <sys/types.h>
-#include <stdlib.h>
-#include <string.h>
-
-/* libalpm */
-#include "sha1.h"
-#include "alpm.h"
-#include "log.h"
-#include "util.h"
-
-/*
- Not-swap is a macro that does an endian swap on architectures that are
- big-endian, as SHA needs some data in a little-endian format
-*/
-
-#ifdef WORDS_BIGENDIAN
-# define NOTSWAP(n) (n)
-# define SWAP(n) \
- (((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24))
-#else
-# define NOTSWAP(n) \
- (((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24))
-# define SWAP(n) (n)
-#endif
-
-#define BLOCKSIZE 4096
-/* Ensure that BLOCKSIZE is a multiple of 64. */
-#if BLOCKSIZE % 64 != 0
-/* FIXME-someday (soon?): use #error instead of this kludge. */
-"invalid BLOCKSIZE"
-#endif
-
-/* This array contains the bytes used to pad the buffer to the next
- 64-byte boundary. (RFC 1321, 3.1: Step 1) */
-static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ };
-
-
-/* Starting with the result of former calls of this function (or the
- initialization function update the context for the next LEN bytes
- starting at BUFFER.
- It is necessary that LEN is a multiple of 64!!! */
-static void sha_process_block (const void *buffer, size_t len,
- struct sha_ctx *ctx);
-
-/* Starting with the result of former calls of this function (or the
- initialization function update the context for the next LEN bytes
- starting at BUFFER.
- It is NOT required that LEN is a multiple of 64. */
-static void sha_process_bytes (const void *buffer, size_t len,
- struct sha_ctx *ctx);
-
-/* Put result from CTX in first 20 bytes following RESBUF. The result is
- always in little endian byte order, so that a byte-wise output yields
- to the wanted ASCII representation of the message digest.
-
- IMPORTANT: On some systems it is required that RESBUF is correctly
- aligned for a 32 bits value. */
-static void *sha_read_ctx (const struct sha_ctx *ctx, void *resbuf);
-
-/*
- Takes a pointer to a 160 bit block of data (five 32 bit ints) and
- intializes it to the start constants of the SHA1 algorithm. This
- must be called before using hash in the call to sha_hash
-*/
-static void
-sha_init_ctx (struct sha_ctx *ctx)
-{
- ctx->A = 0x67452301;
- ctx->B = 0xefcdab89;
- ctx->C = 0x98badcfe;
- ctx->D = 0x10325476;
- ctx->E = 0xc3d2e1f0;
-
- ctx->total[0] = ctx->total[1] = 0;
- ctx->buflen = 0;
-}
-
-/* Put result from CTX in first 20 bytes following RESBUF. The result
- must be in little endian byte order.
-
- IMPORTANT: On some systems it is required that RESBUF is correctly
- aligned for a 32 bits value. */
-static void *
-sha_read_ctx (const struct sha_ctx *ctx, void *resbuf)
-{
- ((sha_uint32 *) resbuf)[0] = NOTSWAP (ctx->A);
- ((sha_uint32 *) resbuf)[1] = NOTSWAP (ctx->B);
- ((sha_uint32 *) resbuf)[2] = NOTSWAP (ctx->C);
- ((sha_uint32 *) resbuf)[3] = NOTSWAP (ctx->D);
- ((sha_uint32 *) resbuf)[4] = NOTSWAP (ctx->E);
-
- return resbuf;
-}
-
-/* Process the remaining bytes in the internal buffer and the usual
- prolog according to the standard and write the result to RESBUF.
-
- IMPORTANT: On some systems it is required that RESBUF is correctly
- aligned for a 32 bits value. */
-static void *
-sha_finish_ctx (struct sha_ctx *ctx, void *resbuf)
-{
- /* Take yet unprocessed bytes into account. */
- sha_uint32 bytes = ctx->buflen;
- size_t pad;
-
- /* Now count remaining bytes. */
- ctx->total[0] += bytes;
- if (ctx->total[0] < bytes)
- ++ctx->total[1];
-
- pad = bytes >= 56 ? 64 + 56 - bytes : 56 - bytes;
- memcpy (&ctx->buffer[bytes], fillbuf, pad);
-
- /* Put the 64-bit file length in *bits* at the end of the buffer. */
- *(sha_uint32 *) &ctx->buffer[bytes + pad + 4] = NOTSWAP (ctx->total[0] << 3);
- *(sha_uint32 *) &ctx->buffer[bytes + pad] = NOTSWAP ((ctx->total[1] << 3) |
- (ctx->total[0] >> 29));
-
- /* Process last bytes. */
- sha_process_block (ctx->buffer, bytes + pad + 8, ctx);
-
- return sha_read_ctx (ctx, resbuf);
-}
-
-static void
-sha_process_bytes (const void *buffer, size_t len, struct sha_ctx *ctx)
-{
- /* When we already have some bits in our internal buffer concatenate
- both inputs first. */
- if (ctx->buflen != 0)
- {
- size_t left_over = ctx->buflen;
- size_t add = 128 - left_over > len ? len : 128 - left_over;
-
- memcpy (&ctx->buffer[left_over], buffer, add);
- ctx->buflen += add;
-
- if (ctx->buflen > 64)
- {
- sha_process_block (ctx->buffer, ctx->buflen & ~63, ctx);
-
- ctx->buflen &= 63;
- /* The regions in the following copy operation cannot overlap. */
- memcpy (ctx->buffer, &ctx->buffer[(left_over + add) & ~63],
- ctx->buflen);
- }
-
- buffer = (const char *) buffer + add;
- len -= add;
- }
-
- /* Process available complete blocks. */
- if (len >= 64)
- {
-#if !_STRING_ARCH_unaligned
-/* To check alignment gcc has an appropriate operator. Other
- compilers don't. */
-# if __GNUC__ >= 2
-# define UNALIGNED_P(p) (((sha_uintptr) p) % __alignof__ (sha_uint32) != 0)
-# else
-# define UNALIGNED_P(p) (((sha_uintptr) p) % sizeof (sha_uint32) != 0)
-# endif
- if (UNALIGNED_P (buffer))
- while (len > 64)
- {
- sha_process_block (memcpy (ctx->buffer, buffer, 64), 64, ctx);
- buffer = (const char *) buffer + 64;
- len -= 64;
- }
- else
-#endif
- {
- sha_process_block (buffer, len & ~63, ctx);
- buffer = (const char *) buffer + (len & ~63);
- len &= 63;
- }
- }
-
- /* Move remaining bytes in internal buffer. */
- if (len > 0)
- {
- size_t left_over = ctx->buflen;
-
- memcpy (&ctx->buffer[left_over], buffer, len);
- left_over += len;
- if (left_over >= 64)
- {
- sha_process_block (ctx->buffer, 64, ctx);
- left_over -= 64;
- memcpy (ctx->buffer, &ctx->buffer[64], left_over);
- }
- ctx->buflen = left_over;
- }
-}
-
-/* --- Code below is the primary difference between md5.c and sha.c --- */
-
-/* SHA1 round constants */
-#define K1 0x5a827999L
-#define K2 0x6ed9eba1L
-#define K3 0x8f1bbcdcL
-#define K4 0xca62c1d6L
-
-/* Round functions. Note that F2 is the same as F4. */
-#define F1(B,C,D) ( D ^ ( B & ( C ^ D ) ) )
-#define F2(B,C,D) (B ^ C ^ D)
-#define F3(B,C,D) ( ( B & C ) | ( D & ( B | C ) ) )
-#define F4(B,C,D) (B ^ C ^ D)
-
-/* Process LEN bytes of BUFFER, accumulating context into CTX.
- It is assumed that LEN % 64 == 0.
- Most of this code comes from GnuPG's cipher/sha1.c. */
-
-static void
-sha_process_block (const void *buffer, size_t len, struct sha_ctx *ctx)
-{
- const sha_uint32 *words = buffer;
- size_t nwords = len / sizeof (sha_uint32);
- const sha_uint32 *endp = words + nwords;
- sha_uint32 x[16];
- sha_uint32 a = ctx->A;
- sha_uint32 b = ctx->B;
- sha_uint32 c = ctx->C;
- sha_uint32 d = ctx->D;
- sha_uint32 e = ctx->E;
-
- /* First increment the byte count. RFC 1321 specifies the possible
- length of the file up to 2^64 bits. Here we only compute the
- number of bytes. Do a double word increment. */
- ctx->total[0] += len;
- if (ctx->total[0] < len)
- ++ctx->total[1];
-
-#define M(I) ( tm = x[I&0x0f] ^ x[(I-14)&0x0f] \
- ^ x[(I-8)&0x0f] ^ x[(I-3)&0x0f] \
- , (x[I&0x0f] = rol(tm, 1)) )
-
-#define R(A,B,C,D,E,F,K,M) do { E += rol( A, 5 ) \
- + F( B, C, D ) \
- + K \
- + M; \
- B = rol( B, 30 ); \
- } while(0)
-
- while (words < endp)
- {
- sha_uint32 tm;
- int t;
- /* FIXME: see sha1.c for a better implementation. */
- for (t = 0; t < 16; t++)
- {
- x[t] = NOTSWAP (*words);
- words++;
- }
-
- R( a, b, c, d, e, F1, K1, x[ 0] );
- R( e, a, b, c, d, F1, K1, x[ 1] );
- R( d, e, a, b, c, F1, K1, x[ 2] );
- R( c, d, e, a, b, F1, K1, x[ 3] );
- R( b, c, d, e, a, F1, K1, x[ 4] );
- R( a, b, c, d, e, F1, K1, x[ 5] );
- R( e, a, b, c, d, F1, K1, x[ 6] );
- R( d, e, a, b, c, F1, K1, x[ 7] );
- R( c, d, e, a, b, F1, K1, x[ 8] );
- R( b, c, d, e, a, F1, K1, x[ 9] );
- R( a, b, c, d, e, F1, K1, x[10] );
- R( e, a, b, c, d, F1, K1, x[11] );
- R( d, e, a, b, c, F1, K1, x[12] );
- R( c, d, e, a, b, F1, K1, x[13] );
- R( b, c, d, e, a, F1, K1, x[14] );
- R( a, b, c, d, e, F1, K1, x[15] );
- R( e, a, b, c, d, F1, K1, M(16) );
- R( d, e, a, b, c, F1, K1, M(17) );
- R( c, d, e, a, b, F1, K1, M(18) );
- R( b, c, d, e, a, F1, K1, M(19) );
- R( a, b, c, d, e, F2, K2, M(20) );
- R( e, a, b, c, d, F2, K2, M(21) );
- R( d, e, a, b, c, F2, K2, M(22) );
- R( c, d, e, a, b, F2, K2, M(23) );
- R( b, c, d, e, a, F2, K2, M(24) );
- R( a, b, c, d, e, F2, K2, M(25) );
- R( e, a, b, c, d, F2, K2, M(26) );
- R( d, e, a, b, c, F2, K2, M(27) );
- R( c, d, e, a, b, F2, K2, M(28) );
- R( b, c, d, e, a, F2, K2, M(29) );
- R( a, b, c, d, e, F2, K2, M(30) );
- R( e, a, b, c, d, F2, K2, M(31) );
- R( d, e, a, b, c, F2, K2, M(32) );
- R( c, d, e, a, b, F2, K2, M(33) );
- R( b, c, d, e, a, F2, K2, M(34) );
- R( a, b, c, d, e, F2, K2, M(35) );
- R( e, a, b, c, d, F2, K2, M(36) );
- R( d, e, a, b, c, F2, K2, M(37) );
- R( c, d, e, a, b, F2, K2, M(38) );
- R( b, c, d, e, a, F2, K2, M(39) );
- R( a, b, c, d, e, F3, K3, M(40) );
- R( e, a, b, c, d, F3, K3, M(41) );
- R( d, e, a, b, c, F3, K3, M(42) );
- R( c, d, e, a, b, F3, K3, M(43) );
- R( b, c, d, e, a, F3, K3, M(44) );
- R( a, b, c, d, e, F3, K3, M(45) );
- R( e, a, b, c, d, F3, K3, M(46) );
- R( d, e, a, b, c, F3, K3, M(47) );
- R( c, d, e, a, b, F3, K3, M(48) );
- R( b, c, d, e, a, F3, K3, M(49) );
- R( a, b, c, d, e, F3, K3, M(50) );
- R( e, a, b, c, d, F3, K3, M(51) );
- R( d, e, a, b, c, F3, K3, M(52) );
- R( c, d, e, a, b, F3, K3, M(53) );
- R( b, c, d, e, a, F3, K3, M(54) );
- R( a, b, c, d, e, F3, K3, M(55) );
- R( e, a, b, c, d, F3, K3, M(56) );
- R( d, e, a, b, c, F3, K3, M(57) );
- R( c, d, e, a, b, F3, K3, M(58) );
- R( b, c, d, e, a, F3, K3, M(59) );
- R( a, b, c, d, e, F4, K4, M(60) );
- R( e, a, b, c, d, F4, K4, M(61) );
- R( d, e, a, b, c, F4, K4, M(62) );
- R( c, d, e, a, b, F4, K4, M(63) );
- R( b, c, d, e, a, F4, K4, M(64) );
- R( a, b, c, d, e, F4, K4, M(65) );
- R( e, a, b, c, d, F4, K4, M(66) );
- R( d, e, a, b, c, F4, K4, M(67) );
- R( c, d, e, a, b, F4, K4, M(68) );
- R( b, c, d, e, a, F4, K4, M(69) );
- R( a, b, c, d, e, F4, K4, M(70) );
- R( e, a, b, c, d, F4, K4, M(71) );
- R( d, e, a, b, c, F4, K4, M(72) );
- R( c, d, e, a, b, F4, K4, M(73) );
- R( b, c, d, e, a, F4, K4, M(74) );
- R( a, b, c, d, e, F4, K4, M(75) );
- R( e, a, b, c, d, F4, K4, M(76) );
- R( d, e, a, b, c, F4, K4, M(77) );
- R( c, d, e, a, b, F4, K4, M(78) );
- R( b, c, d, e, a, F4, K4, M(79) );
-
- a = ctx->A += a;
- b = ctx->B += b;
- c = ctx->C += c;
- d = ctx->D += d;
- e = ctx->E += e;
- }
-}
-
-/* Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All
-rights reserved.
-
-RSA Data Security, Inc. makes no representations concerning either
-the merchantability of this software or the suitability of this
-software for any particular purpose. It is provided "as is"
-without express or implied warranty of any kind.
-
-These notices must be retained in any copies of any part of this
-documentation and/or software.
- */
-
-/** Get the sha1 sum of file.
- * @param name name of the file
- * @return the checksum on success, NULL on error
- * @addtogroup alpm_misc
- */
-char SYMEXPORT *alpm_get_sha1sum(char *name)
-{
- ALPM_LOG_FUNC;
-
- ASSERT(name != NULL, return(NULL));
-
- return(_alpm_SHAFile(name));
-}
-
-char* _alpm_SHAFile(char *filename) {
- FILE *file;
- struct sha_ctx context;
- int len, i;
- char hex[3];
- unsigned char buffer[1024], digest[20];
- char *ret;
-
- ALPM_LOG_FUNC;
-
- if((file = fopen(filename, "rb")) == NULL) {
- _alpm_log(PM_LOG_ERROR, _("sha1: %s can't be opened\n"), filename);
- } else {
- sha_init_ctx(&context);
- while((len = fread(buffer, 1, 1024, file))) {
- sha_process_bytes(buffer, len, &context);
- }
- sha_finish_ctx(&context, digest);
- fclose(file);
-
- ret = (char*)malloc(41);
- ret[0] = '\0';
- for(i = 0; i < 20; i++) {
- snprintf(hex, 3, "%02x", digest[i]);
- strncat(ret, hex, 2);
- }
- _alpm_log(PM_LOG_DEBUG, "sha1(%s) = %s", filename, ret);
- return(ret);
- }
-
- return(NULL);
-}
-
-/* vim: set ts=2 sw=2 noet: */
diff --git a/lib/libalpm/sha1.h b/lib/libalpm/sha1.h
deleted file mode 100644
index fc0aa23..0000000
--- a/lib/libalpm/sha1.h
+++ /dev/null
@@ -1,72 +0,0 @@
-/* Declarations of functions and data types used for SHA1 sum
- library functions.
- Copyright (C) 2000, 2001, 2003 Free Software Foundation, Inc.
-
- This program is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by the
- Free Software Foundation; either version 2, or (at your option) any
- later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software Foundation,
- Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */
-#ifndef _ALPM_SHA1_H
-#define _ALPM_SHA1_H
-
-#include <stdio.h>
-#include <limits.h>
-
-#define rol(x,n) ( ((x) << (n)) | ((x) >> (32 -(n))) )
-/* TODO check this comment */
-/* The code below is from md5.h (from coreutils), little modifications */
-#define UINT_MAX_32_BITS 4294967295U
-
-/* This new ifdef allows splint to not fail on its static code check */
-#ifdef S_SPLINT_S
- typedef unsigned int sha_uint32;
-#else
-#if UINT_MAX == UINT_MAX_32_BITS
- typedef unsigned int sha_uint32;
-#else
-#if USHRT_MAX == UINT_MAX_32_BITS
- typedef unsigned short sha_uint32;
-#else
-#if ULONG_MAX == UINT_MAX_32_BITS
- typedef unsigned long sha_uint32;
-#else
- /* The following line is intended to evoke an error. Using #error is not portable enough. */
-#error "Cannot determine unsigned 32-bit data type"
-#endif /* ULONG_MAX */
-#endif /* USHRT_MAX */
-#endif /* UINT_MAX */
-#endif /* S_SPLINT_S */
-/* We have to make a guess about the integer type equivalent in size
- to pointers which should always be correct. */
-typedef unsigned long int sha_uintptr;
-
-/* Structure to save state of computation between the single steps. */
-struct sha_ctx
-{
- sha_uint32 A;
- sha_uint32 B;
- sha_uint32 C;
- sha_uint32 D;
- sha_uint32 E;
-
- sha_uint32 total[2];
- sha_uint32 buflen;
- char buffer[128];
-};
-
-
-/* Needed for pacman */
-char *_alpm_SHAFile (char *);
-
-#endif /* _ALPM_SHA1_H */
-
-/* vim: set ts=2 sw=2 noet: */
diff --git a/lib/libalpm/sync.c b/lib/libalpm/sync.c
index 005123d..a456aae 100644
--- a/lib/libalpm/sync.c
+++ b/lib/libalpm/sync.c
@@ -48,7 +48,6 @@
#include "handle.h"
#include "alpm.h"
#include "md5.h"
-#include "sha1.h"
#include "server.h"
pmsyncpkg_t *_alpm_sync_new(int type, pmpkg_t *spkg, void *data)
@@ -808,19 +807,18 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data)
char str[PATH_MAX];
struct stat buf;
const char *pkgname;
- char *md5sum1, *md5sum2, *sha1sum1, *sha1sum2;
+ char *md5sum1, *md5sum2;
char *ptr=NULL;
pkgname = alpm_pkg_get_filename(spkg);
md5sum1 = spkg->md5sum;
- sha1sum1 = spkg->sha1sum;
- if((md5sum1 == NULL) && (sha1sum1 == NULL)) {
+ if(md5sum1 == NULL) {
/* TODO wtf is this? malloc'd strings for error messages? */
if((ptr = calloc(512, sizeof(char))) == NULL) {
RET_ERR(PM_ERR_MEMORY, -1);
}
- snprintf(ptr, 512, _("can't get md5 or sha1 checksum for package %s\n"), pkgname);
+ snprintf(ptr, 512, _("can't get md5 checksum for package %s\n"), pkgname);
*data = alpm_list_add(*data, ptr);
retval = 1;
continue;
@@ -837,17 +835,16 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data)
}
md5sum2 = alpm_get_md5sum(str);
- sha1sum2 = alpm_get_sha1sum(str);
- if(md5sum2 == NULL && sha1sum2 == NULL) {
+ if(md5sum2 == NULL) {
if((ptr = calloc(512, sizeof(char))) == NULL) {
RET_ERR(PM_ERR_MEMORY, -1);
}
- snprintf(ptr, 512, _("can't get md5 or sha1 checksum for package %s\n"), pkgname);
+ snprintf(ptr, 512, _("can't get md5 checksum for package %s\n"), pkgname);
*data = alpm_list_add(*data, ptr);
retval = 1;
continue;
}
- if((strcmp(md5sum1, md5sum2) != 0) && (strcmp(sha1sum1, sha1sum2) != 0)) {
+ if(strcmp(md5sum1, md5sum2) != 0) {
int doremove=0;
if((ptr = calloc(512, sizeof(char))) == NULL) {
RET_ERR(PM_ERR_MEMORY, -1);
@@ -855,15 +852,14 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data)
QUESTION(trans, PM_TRANS_CONV_CORRUPTED_PKG, (char *)pkgname, NULL, NULL, &doremove);
if(doremove) {
unlink(str);
- snprintf(ptr, 512, _("archive %s was corrupted (bad MD5 or SHA1 checksum)\n"), pkgname);
+ snprintf(ptr, 512, _("archive %s was corrupted (bad MD5 checksum)\n"), pkgname);
} else {
- snprintf(ptr, 512, _("archive %s is corrupted (bad MD5 or SHA1 checksum)\n"), pkgname);
+ snprintf(ptr, 512, _("archive %s is corrupted (bad MD5 checksum)\n"), pkgname);
}
*data = alpm_list_add(*data, ptr);
retval = 1;
}
FREE(md5sum2);
- FREE(sha1sum2);
}
if(retval) {
pm_errno = PM_ERR_PKG_CORRUPTED;
diff --git a/src/pacman/package.c b/src/pacman/package.c
index 3a3381f..86d91ec 100644
--- a/src/pacman/package.c
+++ b/src/pacman/package.c
@@ -110,7 +110,7 @@ void dump_pkg_full(pmpkg_t *pkg, int level)
*/
void dump_pkg_sync(pmpkg_t *pkg, const char *treename)
{
- const char *descheader, *md5sum, *sha1sum;
+ const char *descheader, *md5sum;
if(pkg == NULL) {
return;
}
@@ -118,7 +118,6 @@ void dump_pkg_sync(pmpkg_t *pkg, const char *treename)
descheader = _("Description : ");
md5sum = alpm_pkg_get_md5sum(pkg);
- sha1sum = alpm_pkg_get_sha1sum(pkg);
printf(_("Repository : %s\n"), treename);
printf(_("Name : %s\n"), (char *)alpm_pkg_get_name(pkg));
@@ -139,9 +138,6 @@ void dump_pkg_sync(pmpkg_t *pkg, const char *treename)
if (md5sum != NULL && md5sum[0] != '\0') {
printf(_("MD5 Sum : %s"), md5sum);
}
- if (sha1sum != NULL && sha1sum[0] != '\0') {
- printf(_("SHA1 Sum : %s"), sha1sum);
- }
printf("\n");
}
@@ -168,31 +164,22 @@ void dump_pkg_backups(pmpkg_t *pkg)
snprintf(path, PATH_MAX-1, "%s%s", root, str);
/* if we find the file, calculate checksums, otherwise it is missing */
if(!stat(path, &buf)) {
- char *sum;
char *md5sum = alpm_get_md5sum(path);
- char *sha1sum = alpm_get_sha1sum(path);
- if(md5sum == NULL || sha1sum == NULL) {
+ if(md5sum == NULL) {
fprintf(stderr, _("error: could not calculate checksums for %s\n"),
path);
free(str);
continue;
}
- /* TODO Is this a good way to check type of backup stored?
- * We aren't storing it anywhere in the database. */
- if (strlen(ptr) == 32) {
- sum = md5sum;
- } else { /*if (strlen(ptr) == 40) */
- sum = sha1sum;
- }
+
/* if checksums don't match, file has been modified */
- if (strcmp(sum, ptr)) {
+ if (strcmp(md5sum, ptr)) {
printf(_("MODIFIED\t%s\n"), path);
} else {
printf(_("Not Modified\t%s\n"), path);
}
free(md5sum);
- free(sha1sum);
} else {
printf(_("MISSING\t\t%s\n"), path);
}
--
1.5.2.4
More information about the pacman-dev
mailing list