diff options
| author | Marc Espie <espie@cvs.openbsd.org> | 2014-01-07 13:26:19 +0000 |
|---|---|---|
| committer | Marc Espie <espie@cvs.openbsd.org> | 2014-01-07 13:26:19 +0000 |
| commit | d6e6126abaeffefba50590c94b710a28f960e2e8 (patch) | |
| tree | 4ba19c763a50f8261bb7e42e09558149bff169c0 /usr.sbin | |
| parent | 06c435c63738a554c759c04a747e5b0455a5b96f (diff) | |
let's verify all checksums.
I forgot about special files, since they've been extracted early,
but they can be checked nonetheless.
(prevents people from tampering with DESC and the like)
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/pkg_add/OpenBSD/Add.pm | 10 | ||||
| -rw-r--r-- | usr.sbin/pkg_add/OpenBSD/PackingElement.pm | 26 | ||||
| -rw-r--r-- | usr.sbin/pkg_add/OpenBSD/Replace.pm | 9 |
3 files changed, 42 insertions, 3 deletions
diff --git a/usr.sbin/pkg_add/OpenBSD/Add.pm b/usr.sbin/pkg_add/OpenBSD/Add.pm index fcbf9fffb50..922469b7f9e 100644 --- a/usr.sbin/pkg_add/OpenBSD/Add.pm +++ b/usr.sbin/pkg_add/OpenBSD/Add.pm @@ -1,5 +1,5 @@ # ex:ts=8 sw=4: -# $OpenBSD: Add.pm,v 1.136 2014/01/07 10:22:05 espie Exp $ +# $OpenBSD: Add.pm,v 1.137 2014/01/07 13:26:17 espie Exp $ # # Copyright (c) 2003-2007 Marc Espie <espie@openbsd.org> # @@ -709,6 +709,14 @@ sub copy_info $self->fullname, $dest, $!); } +sub install +{ + my ($self, $state) = @_; + if (!$state->{extracted_first}) { + $self->may_verify_digest($state); + } +} + package OpenBSD::PackingElement::FCONTENTS; sub copy_info { diff --git a/usr.sbin/pkg_add/OpenBSD/PackingElement.pm b/usr.sbin/pkg_add/OpenBSD/PackingElement.pm index 717ca72e7c0..7edf37cfd67 100644 --- a/usr.sbin/pkg_add/OpenBSD/PackingElement.pm +++ b/usr.sbin/pkg_add/OpenBSD/PackingElement.pm @@ -1,5 +1,5 @@ # ex:ts=8 sw=4: -# $OpenBSD: PackingElement.pm,v 1.220 2014/01/04 14:14:55 espie Exp $ +# $OpenBSD: PackingElement.pm,v 1.221 2014/01/07 13:26:18 espie Exp $ # # Copyright (c) 2003-2010 Marc Espie <espie@openbsd.org> # @@ -1663,6 +1663,26 @@ sub new &OpenBSD::PackingElement::UniqueOption::new; } +sub may_verify_digest +{ + my ($self, $state) = @_; + if (!$state->{check_digest}) { + return; + } + if (!defined $self->{d}) { + $state->log->fatal($state->f("#1 does not have a signature", + $self->fullname)); + } + my $d = $self->compute_digest($self->fullname); + if (!$d->equals($self->{d})) { + $state->log->fatal($state->f("checksum for #1 does not match", + $self->fullname)); + } + if ($state->verbose >= 3) { + $state->say("Checksum match for #1", $self->fullname); + } +} + package OpenBSD::PackingElement::FCONTENTS; our @ISA=qw(OpenBSD::PackingElement::SpecialFile); sub name() { OpenBSD::PackageInfo::CONTENTS } @@ -1678,6 +1698,10 @@ sub copy_deep_if { } +# CONTENTS doesn't have a checksum +sub may_verify_digest +{ +} package OpenBSD::PackingElement::FCOMMENT; our @ISA=qw(OpenBSD::PackingElement::SpecialFile); sub name() { OpenBSD::PackageInfo::COMMENT } diff --git a/usr.sbin/pkg_add/OpenBSD/Replace.pm b/usr.sbin/pkg_add/OpenBSD/Replace.pm index 9ab688218d3..dd01020877b 100644 --- a/usr.sbin/pkg_add/OpenBSD/Replace.pm +++ b/usr.sbin/pkg_add/OpenBSD/Replace.pm @@ -1,5 +1,5 @@ # ex:ts=8 sw=4: -# $OpenBSD: Replace.pm,v 1.84 2012/04/28 12:00:10 espie Exp $ +# $OpenBSD: Replace.pm,v 1.85 2014/01/07 13:26:18 espie Exp $ # # Copyright (c) 2004-2010 Marc Espie <espie@openbsd.org> # @@ -129,6 +129,13 @@ sub extract { } +package OpenBSD::PackingElement::SpecialFile; +sub extract +{ + my ($self, $state) = @_; + $self->may_verify_digest($state); +} + package OpenBSD::PackingElement::Exec; sub update_issue { |