Added support to check the SHA256 hash for any binpkg before installation happens.

--HG-- extra : convert_revision : 4f812eb0cfb614461527e360db1692bd5f9c34aa
2009-03-02 23:38:24 +01:00 · 2009-03-02 23:38:24 +01:00 · 37e4be86f9
commit 37e4be86f9
parent 05f918ea93
6 changed files with 74 additions and 14 deletions
--- a/lib/util.c
+++ b/lib/util.c
@ -61,6 +61,53 @@ xbps_check_file_hash(const char *path, const char *sha256)
 	return rv;
 }

+int
+xbps_check_pkg_file_hash(prop_dictionary_t pkgd, const char *repoloc)
+{
+	const char *sha256, *arch, *filename;
+	char *binfile, *path;
+	int rv = 0;
+
+	assert(repoloc != NULL);
+
+	if (!prop_dictionary_get_cstring_nocopy(pkgd, "filename", &filename))
+		return EINVAL;
+
+	if (!prop_dictionary_get_cstring_nocopy(pkgd, "filename-sha256",
+	    &sha256))
+		return EINVAL;
+
+	if (!prop_dictionary_get_cstring_nocopy(pkgd, "architecture", &arch))
+		return EINVAL;
+
+	path = xbps_append_full_path(false, repoloc, arch);
+	if (path == NULL)
+		return EINVAL;
+
+	binfile = xbps_append_full_path(false, path, filename);
+	if (binfile == NULL) {
+		free(path);
+		return EINVAL;
+	}
+	free(path);
+
+	printf("Checking SHA256 for %s ... ", filename);
+	(void)fflush(stdout);
+
+	rv = xbps_check_file_hash(binfile, sha256);
+	if (rv != 0 && rv != ERANGE)
+		printf("failed (%s)\n", strerror(rv));
+	else if (rv == ERANGE)
+		printf("failed! aborting installation.\n");
+	else if (rv == 0)
+		printf("ok.\n");
+
+	(void)fflush(stdout);
+
+	free(binfile);
+	return rv;
+}
+
 int
 xbps_check_is_installed_pkg(const char *pkg)
 {