Просмотр исходного кода

(ABI break)
* merged apt--sha256 branch to fully support the new
sha256 checksums in the Packages and Release files
(ABI break)

Michael Vogt лет назад: 19
Родитель
Сommit
c3279b9d10

+ 59 - 74
apt-pkg/acquire-item.cc

@@ -95,7 +95,7 @@ void pkgAcquire::Item::Start(string /*Message*/,unsigned long Size)
 // Acquire::Item::Done - Item downloaded OK				/*{{{*/
 // Acquire::Item::Done - Item downloaded OK				/*{{{*/
 // ---------------------------------------------------------------------
 // ---------------------------------------------------------------------
 /* */
 /* */
-void pkgAcquire::Item::Done(string Message,unsigned long Size,string,
+void pkgAcquire::Item::Done(string Message,unsigned long Size,string Hash,
 			    pkgAcquire::MethodConfig *Cnf)
 			    pkgAcquire::MethodConfig *Cnf)
 {
 {
    // We just downloaded something..
    // We just downloaded something..
@@ -142,8 +142,9 @@ void pkgAcquire::Item::Rename(string From,string To)
  */
  */
 pkgAcqDiffIndex::pkgAcqDiffIndex(pkgAcquire *Owner,
 pkgAcqDiffIndex::pkgAcqDiffIndex(pkgAcquire *Owner,
 				 string URI,string URIDesc,string ShortDesc,
 				 string URI,string URIDesc,string ShortDesc,
-				 string ExpectedMD5)
-   : Item(Owner), RealURI(URI), ExpectedMD5(ExpectedMD5), Description(URIDesc)
+				 HashString ExpectedHash)
+   : Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash),
+     Description(URIDesc)
 {
 {
    
    
    Debug = _config->FindB("Debug::pkgAcquire::Diffs",false);
    Debug = _config->FindB("Debug::pkgAcquire::Diffs",false);
@@ -271,11 +272,11 @@ bool pkgAcqDiffIndex::ParseDiffIndex(string IndexDiffFile)
       if(found) 
       if(found) 
       {
       {
 	 // queue the diffs
 	 // queue the diffs
-	 unsigned int last_space = Description.rfind(" ");
+	 string::size_type last_space = Description.rfind(" ");
 	 if(last_space != string::npos)
 	 if(last_space != string::npos)
 	    Description.erase(last_space, Description.size()-last_space);
 	    Description.erase(last_space, Description.size()-last_space);
 	 new pkgAcqIndexDiffs(Owner, RealURI, Description, Desc.ShortDesc,
 	 new pkgAcqIndexDiffs(Owner, RealURI, Description, Desc.ShortDesc,
-			      ExpectedMD5, available_patches);
+			      ExpectedHash, available_patches);
 	 Complete = false;
 	 Complete = false;
 	 Status = StatDone;
 	 Status = StatDone;
 	 Dequeue();
 	 Dequeue();
@@ -298,7 +299,7 @@ void pkgAcqDiffIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
 		<< "Falling back to normal index file aquire" << std::endl;
 		<< "Falling back to normal index file aquire" << std::endl;
 
 
    new pkgAcqIndex(Owner, RealURI, Description, Desc.ShortDesc, 
    new pkgAcqIndex(Owner, RealURI, Description, Desc.ShortDesc, 
-		   ExpectedMD5);
+		   ExpectedHash);
 
 
    Complete = false;
    Complete = false;
    Status = StatDone;
    Status = StatDone;
@@ -344,8 +345,9 @@ void pkgAcqDiffIndex::Done(string Message,unsigned long Size,string Md5Hash,
  */
  */
 pkgAcqIndexDiffs::pkgAcqIndexDiffs(pkgAcquire *Owner,
 pkgAcqIndexDiffs::pkgAcqIndexDiffs(pkgAcquire *Owner,
 				   string URI,string URIDesc,string ShortDesc,
 				   string URI,string URIDesc,string ShortDesc,
-				   string ExpectedMD5, vector<DiffInfo> diffs)
-   : Item(Owner), RealURI(URI), ExpectedMD5(ExpectedMD5), 
+				   HashString ExpectedMD5, 
+				   vector<DiffInfo> diffs)
+   : Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash), 
      available_patches(diffs)
      available_patches(diffs)
 {
 {
    
    
@@ -378,7 +380,7 @@ void pkgAcqIndexDiffs::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
       std::clog << "pkgAcqIndexDiffs failed: " << Desc.URI << std::endl
       std::clog << "pkgAcqIndexDiffs failed: " << Desc.URI << std::endl
 		<< "Falling back to normal index file aquire" << std::endl;
 		<< "Falling back to normal index file aquire" << std::endl;
    new pkgAcqIndex(Owner, RealURI, Description,Desc.ShortDesc, 
    new pkgAcqIndex(Owner, RealURI, Description,Desc.ShortDesc, 
-		   ExpectedMD5);
+		   ExpectedHash);
    Finish();
    Finish();
 }
 }
 
 
@@ -393,14 +395,7 @@ void pkgAcqIndexDiffs::Finish(bool allDone)
       DestFile = _config->FindDir("Dir::State::lists");
       DestFile = _config->FindDir("Dir::State::lists");
       DestFile += URItoFileName(RealURI);
       DestFile += URItoFileName(RealURI);
 
 
-      // do the final md5sum checking
-      MD5Summation sum;
-      FileFd Fd(DestFile, FileFd::ReadOnly);
-      sum.AddFD(Fd.Fd(), Fd.Size());
-      Fd.Close();
-      string MD5 = (string)sum.Result();
-
-      if (!ExpectedMD5.empty() && MD5 != ExpectedMD5)
+      if(!ExpectedHash.empty() && !ExpectedHash.VerifyFile(DestFile))
       {
       {
 	 Status = StatAuthError;
 	 Status = StatAuthError;
 	 ErrorText = _("MD5Sum mismatch");
 	 ErrorText = _("MD5Sum mismatch");
@@ -542,7 +537,7 @@ void pkgAcqIndexDiffs::Done(string Message,unsigned long Size,string Md5Hash,
       // see if there is more to download
       // see if there is more to download
       if(available_patches.size() > 0) {
       if(available_patches.size() > 0) {
 	 new pkgAcqIndexDiffs(Owner, RealURI, Description, Desc.ShortDesc,
 	 new pkgAcqIndexDiffs(Owner, RealURI, Description, Desc.ShortDesc,
-			      ExpectedMD5, available_patches);
+			      ExpectedHash, available_patches);
 	 return Finish();
 	 return Finish();
       } else 
       } else 
 	 return Finish(true);
 	 return Finish(true);
@@ -556,8 +551,8 @@ void pkgAcqIndexDiffs::Done(string Message,unsigned long Size,string Md5Hash,
    instantiated to fetch the revision file */   
    instantiated to fetch the revision file */   
 pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner,
 pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner,
 			 string URI,string URIDesc,string ShortDesc,
 			 string URI,string URIDesc,string ShortDesc,
-			 string ExpectedMD5, string comprExt)
-   : Item(Owner), RealURI(URI), ExpectedMD5(ExpectedMD5)
+			 HashString ExpectedHash, string comprExt)
+   : Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash)
 {
 {
    Decompression = false;
    Decompression = false;
    Erase = false;
    Erase = false;
@@ -608,7 +603,7 @@ void pkgAcqIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
 
 
       // retry with a gzip one 
       // retry with a gzip one 
       new pkgAcqIndex(Owner, RealURI, Desc.Description,Desc.ShortDesc, 
       new pkgAcqIndex(Owner, RealURI, Desc.Description,Desc.ShortDesc, 
-		      ExpectedMD5, string(".gz"));
+		      ExpectedHash, string(".gz"));
       Status = StatDone;
       Status = StatDone;
       Complete = false;
       Complete = false;
       Dequeue();
       Dequeue();
@@ -633,32 +628,23 @@ void pkgAcqIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
    to the uncompressed version of the file. If this is so the file
    to the uncompressed version of the file. If this is so the file
    is copied into the partial directory. In all other cases the file
    is copied into the partial directory. In all other cases the file
    is decompressed with a gzip uri. */
    is decompressed with a gzip uri. */
-void pkgAcqIndex::Done(string Message,unsigned long Size,string MD5,
+void pkgAcqIndex::Done(string Message,unsigned long Size,string Hash,
 		       pkgAcquire::MethodConfig *Cfg)
 		       pkgAcquire::MethodConfig *Cfg)
 {
 {
-   Item::Done(Message,Size,MD5,Cfg);
+   Item::Done(Message,Size,Hash,Cfg);
 
 
    if (Decompression == true)
    if (Decompression == true)
    {
    {
       if (_config->FindB("Debug::pkgAcquire::Auth", false))
       if (_config->FindB("Debug::pkgAcquire::Auth", false))
       {
       {
-         std::cerr << std::endl << RealURI << ": Computed MD5: " << MD5;
-         std::cerr << "  Expected MD5: " << ExpectedMD5 << std::endl;
+         std::cerr << std::endl << RealURI << ": Computed Hash: " << Hash;
+         std::cerr << "  Expected Hash: " << ExpectedHash.toStr() << std::endl;
       }
       }
 
 
-      if (MD5.empty())
-      {
-         MD5Summation sum;
-         FileFd Fd(DestFile, FileFd::ReadOnly);
-         sum.AddFD(Fd.Fd(), Fd.Size());
-         Fd.Close();
-         MD5 = (string)sum.Result();
-      }
-
-      if (!ExpectedMD5.empty() && MD5 != ExpectedMD5)
+      if (!ExpectedHash.empty() && ExpectedHash.toStr() != Hash)
       {
       {
          Status = StatAuthError;
          Status = StatAuthError;
-         ErrorText = _("MD5Sum mismatch");
+         ErrorText = _("Hash Sum mismatch");
          Rename(DestFile,DestFile + ".FAILED");
          Rename(DestFile,DestFile + ".FAILED");
          return;
          return;
       }
       }
@@ -742,8 +728,8 @@ void pkgAcqIndex::Done(string Message,unsigned long Size,string MD5,
 // ---------------------------------------------------------------------
 // ---------------------------------------------------------------------
 /* The Translation file is added to the queue */
 /* The Translation file is added to the queue */
 pkgAcqIndexTrans::pkgAcqIndexTrans(pkgAcquire *Owner,
 pkgAcqIndexTrans::pkgAcqIndexTrans(pkgAcquire *Owner,
-			    string URI,string URIDesc,string ShortDesc) :
-                      pkgAcqIndex(Owner, URI, URIDesc, ShortDesc, "", "")
+			    string URI,string URIDesc,string ShortDesc) 
+  : pkgAcqIndex(Owner, URI, URIDesc, ShortDesc, HashString(), "")
 {
 {
 }
 }
 
 
@@ -920,10 +906,10 @@ string pkgAcqMetaIndex::Custom600Headers()
    return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
    return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
 }
 }
 
 
-void pkgAcqMetaIndex::Done(string Message,unsigned long Size,string MD5,
+void pkgAcqMetaIndex::Done(string Message,unsigned long Size,string Hash,
 			   pkgAcquire::MethodConfig *Cfg)
 			   pkgAcquire::MethodConfig *Cfg)
 {
 {
-   Item::Done(Message,Size,MD5,Cfg);
+   Item::Done(Message,Size,Hash,Cfg);
 
 
    // MetaIndexes are done in two passes: one to download the
    // MetaIndexes are done in two passes: one to download the
    // metaindex with an appropriate method, and a second to verify it
    // metaindex with an appropriate method, and a second to verify it
@@ -1041,7 +1027,7 @@ void pkgAcqMetaIndex::QueueIndexes(bool verify)
         Target != IndexTargets->end();
         Target != IndexTargets->end();
         Target++)
         Target++)
    {
    {
-      string ExpectedIndexMD5;
+      HashString ExpectedIndexHash;
       if (verify)
       if (verify)
       {
       {
          const indexRecords::checkSum *Record = MetaIndexParser->Lookup((*Target)->MetaKey);
          const indexRecords::checkSum *Record = MetaIndexParser->Lookup((*Target)->MetaKey);
@@ -1052,16 +1038,16 @@ void pkgAcqMetaIndex::QueueIndexes(bool verify)
                + (*Target)->MetaKey + " in Meta-index file (malformed Release file?)";
                + (*Target)->MetaKey + " in Meta-index file (malformed Release file?)";
             return;
             return;
          }
          }
-         ExpectedIndexMD5 = Record->MD5Hash;
+         ExpectedIndexHash = Record->Hash;
          if (_config->FindB("Debug::pkgAcquire::Auth", false))
          if (_config->FindB("Debug::pkgAcquire::Auth", false))
          {
          {
             std::cerr << "Queueing: " << (*Target)->URI << std::endl;
             std::cerr << "Queueing: " << (*Target)->URI << std::endl;
-            std::cerr << "Expected MD5: " << ExpectedIndexMD5 << std::endl;
+            std::cerr << "Expected Hash: " << ExpectedIndexHash.toStr() << std::endl;
          }
          }
-         if (ExpectedIndexMD5.empty())
+         if (ExpectedIndexHash.empty())
          {
          {
             Status = StatAuthError;
             Status = StatAuthError;
-            ErrorText = "Unable to find MD5 sum for "
+            ErrorText = "Unable to find hash sum for "
                + (*Target)->MetaKey + " in Meta-index file";
                + (*Target)->MetaKey + " in Meta-index file";
             return;
             return;
          }
          }
@@ -1071,10 +1057,10 @@ void pkgAcqMetaIndex::QueueIndexes(bool verify)
       // on the users option)
       // on the users option)
       if(_config->FindB("Acquire::PDiffs",true) == true) 
       if(_config->FindB("Acquire::PDiffs",true) == true) 
 	 new pkgAcqDiffIndex(Owner, (*Target)->URI, (*Target)->Description,
 	 new pkgAcqDiffIndex(Owner, (*Target)->URI, (*Target)->Description,
-			     (*Target)->ShortDesc, ExpectedIndexMD5);
+			     (*Target)->ShortDesc, ExpectedIndexHash);
       else 
       else 
 	 new pkgAcqIndex(Owner, (*Target)->URI, (*Target)->Description,
 	 new pkgAcqIndex(Owner, (*Target)->URI, (*Target)->Description,
-			    (*Target)->ShortDesc, ExpectedIndexMD5);
+			    (*Target)->ShortDesc, ExpectedIndexHash);
    }
    }
 }
 }
 
 
@@ -1314,7 +1300,12 @@ bool pkgAcqArchive::QueueNext()
 	 return false;
 	 return false;
       
       
       string PkgFile = Parse.FileName();
       string PkgFile = Parse.FileName();
-      MD5 = Parse.MD5Hash();
+      if(Parse.SHA256Hash() != "")
+	 ExpectedHash = HashString("SHA256", Parse.SHA256Hash());
+      else if (Parse.SHA1Hash() != "")
+	 ExpectedHash = HashString("SHA1", Parse.SHA1Hash());
+      else 
+	 ExpectedHash = HashString("MD5Sum", Parse.MD5Hash());
       if (PkgFile.empty() == true)
       if (PkgFile.empty() == true)
 	 return _error->Error(_("The package index files are corrupted. No Filename: "
 	 return _error->Error(_("The package index files are corrupted. No Filename: "
 			      "field for package %s."),
 			      "field for package %s."),
@@ -1394,10 +1385,10 @@ bool pkgAcqArchive::QueueNext()
 // AcqArchive::Done - Finished fetching					/*{{{*/
 // AcqArchive::Done - Finished fetching					/*{{{*/
 // ---------------------------------------------------------------------
 // ---------------------------------------------------------------------
 /* */
 /* */
-void pkgAcqArchive::Done(string Message,unsigned long Size,string Md5Hash,
+void pkgAcqArchive::Done(string Message,unsigned long Size,string CalcHash,
 			 pkgAcquire::MethodConfig *Cfg)
 			 pkgAcquire::MethodConfig *Cfg)
 {
 {
-   Item::Done(Message,Size,Md5Hash,Cfg);
+   Item::Done(Message,Size,CalcHash,Cfg);
    
    
    // Check the size
    // Check the size
    if (Size != Version->Size)
    if (Size != Version->Size)
@@ -1407,17 +1398,14 @@ void pkgAcqArchive::Done(string Message,unsigned long Size,string Md5Hash,
       return;
       return;
    }
    }
    
    
-   // Check the md5
-   if (Md5Hash.empty() == false && MD5.empty() == false)
+   // Check the hash
+   if(ExpectedHash.toStr() != CalcHash)
    {
    {
-      if (Md5Hash != MD5)
-      {
-	 Status = StatError;
-	 ErrorText = _("MD5Sum mismatch");
-	 if(FileExists(DestFile))
-	    Rename(DestFile,DestFile + ".FAILED");
-	 return;
-      }
+      Status = StatError;
+      ErrorText = _("Hash Sum mismatch");
+      if(FileExists(DestFile))
+	 Rename(DestFile,DestFile + ".FAILED");
+      return;
    }
    }
 
 
    // Grab the output filename
    // Grab the output filename
@@ -1509,10 +1497,10 @@ void pkgAcqArchive::Finished()
 // AcqFile::pkgAcqFile - Constructor					/*{{{*/
 // AcqFile::pkgAcqFile - Constructor					/*{{{*/
 // ---------------------------------------------------------------------
 // ---------------------------------------------------------------------
 /* The file is added to the queue */
 /* The file is added to the queue */
-pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string MD5,
+pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string Hash,
 		       unsigned long Size,string Dsc,string ShortDesc,
 		       unsigned long Size,string Dsc,string ShortDesc,
 		       const string &DestDir, const string &DestFilename) :
 		       const string &DestDir, const string &DestFilename) :
-                       Item(Owner), Md5Hash(MD5)
+                       Item(Owner), ExpectedHash(Hash)
 {
 {
    Retries = _config->FindI("Acquire::Retries",0);
    Retries = _config->FindI("Acquire::Retries",0);
    
    
@@ -1549,23 +1537,20 @@ pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string MD5,
 // AcqFile::Done - Item downloaded OK					/*{{{*/
 // AcqFile::Done - Item downloaded OK					/*{{{*/
 // ---------------------------------------------------------------------
 // ---------------------------------------------------------------------
 /* */
 /* */
-void pkgAcqFile::Done(string Message,unsigned long Size,string MD5,
+void pkgAcqFile::Done(string Message,unsigned long Size,string CalcHash,
 		      pkgAcquire::MethodConfig *Cnf)
 		      pkgAcquire::MethodConfig *Cnf)
 {
 {
-   // Check the md5
-   if (Md5Hash.empty() == false && MD5.empty() == false)
+   Item::Done(Message,Size,CalcHash,Cnf);
+
+   // Check the hash
+   if(!ExpectedHash.empty() && ExpectedHash.toStr() != CalcHash)
    {
    {
-      if (Md5Hash != MD5)
-      {
-	 Status = StatError;
-	 ErrorText = "MD5Sum mismatch";
-	 Rename(DestFile,DestFile + ".FAILED");
-	 return;
-      }
+      Status = StatError;
+      ErrorText = "Hash Sum mismatch";
+      Rename(DestFile,DestFile + ".FAILED");
+      return;
    }
    }
    
    
-   Item::Done(Message,Size,MD5,Cnf);
-
    string FileName = LookupTag(Message,"Filename");
    string FileName = LookupTag(Message,"Filename");
    if (FileName.empty() == true)
    if (FileName.empty() == true)
    {
    {

+ 38 - 38
apt-pkg/acquire-item.h

@@ -12,7 +12,7 @@
    Three item classes are provided to provide functionality for
    Three item classes are provided to provide functionality for
    downloading of Index, Translation and Packages files.
    downloading of Index, Translation and Packages files.
    
    
-   A Archive class is provided for downloading .deb files. It does Md5
+   A Archive class is provided for downloading .deb files. It does Hash
    checking and source location as well as a retry algorithm.
    checking and source location as well as a retry algorithm.
    
    
    ##################################################################### */
    ##################################################################### */
@@ -26,7 +26,7 @@
 #include <apt-pkg/sourcelist.h>
 #include <apt-pkg/sourcelist.h>
 #include <apt-pkg/pkgrecords.h>
 #include <apt-pkg/pkgrecords.h>
 #include <apt-pkg/indexrecords.h>
 #include <apt-pkg/indexrecords.h>
-
+#include <apt-pkg/hashes.h>
 
 
 /** \addtogroup acquire
 /** \addtogroup acquire
  *  @{
  *  @{
@@ -187,12 +187,12 @@ class pkgAcquire::Item
     *  \param Message Data from the acquire method.  Use LookupTag()
     *  \param Message Data from the acquire method.  Use LookupTag()
     *  to parse it.
     *  to parse it.
     *  \param Size The size of the object that was fetched.
     *  \param Size The size of the object that was fetched.
-    *  \param Md5Hash The MD5Sum of the object that was fetched.
+    *  \param Hash The HashSum of the object that was fetched.
     *  \param Cnf The method via which the object was fetched.
     *  \param Cnf The method via which the object was fetched.
     *
     *
     *  \sa pkgAcqMethod
     *  \sa pkgAcqMethod
     */
     */
-   virtual void Done(string Message,unsigned long Size,string Md5Hash,
+   virtual void Done(string Message,unsigned long Size,string Hash,
 		     pkgAcquire::MethodConfig *Cnf);
 		     pkgAcquire::MethodConfig *Cnf);
 
 
    /** \brief Invoked when the worker starts to fetch this object.
    /** \brief Invoked when the worker starts to fetch this object.
@@ -230,12 +230,12 @@ class pkgAcquire::Item
    /** \brief Invoked by the worker when the download is completely done. */
    /** \brief Invoked by the worker when the download is completely done. */
    virtual void Finished() {};
    virtual void Finished() {};
    
    
-   /** \brief MD5Sum.
+   /** \brief HashSum 
     *
     *
-    *  \return the MD5Sum of this object, if applicable; otherwise, an
+    *  \return the HashSum of this object, if applicable; otherwise, an
     *  empty string.
     *  empty string.
     */
     */
-   virtual string MD5Sum() {return string();};
+   virtual string HashSum() {return string();};
 
 
    /** \return the acquire process with which this item is associated. */
    /** \return the acquire process with which this item is associated. */
    pkgAcquire *GetOwner() {return Owner;};
    pkgAcquire *GetOwner() {return Owner;};
@@ -297,10 +297,10 @@ class pkgAcqDiffIndex : public pkgAcquire::Item
     */
     */
    string RealURI;
    string RealURI;
 
 
-   /** \brief The MD5Sum that the real index file should have after
+   /** \brief The Hash that the real index file should have after
     *  all patches have been applied.
     *  all patches have been applied.
     */
     */
-   string ExpectedMD5;
+   HashString ExpectedHash;
 
 
    /** \brief The index file which will be patched to generate the new
    /** \brief The index file which will be patched to generate the new
     *  file.
     *  file.
@@ -343,10 +343,10 @@ class pkgAcqDiffIndex : public pkgAcquire::Item
     *
     *
     *  \param ShortDesc A short description of the list file to download.
     *  \param ShortDesc A short description of the list file to download.
     *
     *
-    *  \param ExpectedMD5 The list file's MD5 signature.
+    *  \param ExpectedHash The list file's MD5 signature.
     */
     */
    pkgAcqDiffIndex(pkgAcquire *Owner,string URI,string URIDesc,
    pkgAcqDiffIndex(pkgAcquire *Owner,string URI,string URIDesc,
-		   string ShortDesc, string ExpectedMD5);
+		   string ShortDesc, HashString ExpectedHash);
 };
 };
 
 
 /** \brief An item that is responsible for fetching all the patches
 /** \brief An item that is responsible for fetching all the patches
@@ -379,7 +379,7 @@ class pkgAcqIndexDiffs : public pkgAcquire::Item
     *  finishes downloading.
     *  finishes downloading.
     *
     *
     *  Dequeues the item and checks the resulting file's md5sum
     *  Dequeues the item and checks the resulting file's md5sum
-    *  against ExpectedMD5 after the last patch was applied.
+    *  against ExpectedHash after the last patch was applied.
     *  There is no need to check the md5/sha1 after a "normal" 
     *  There is no need to check the md5/sha1 after a "normal" 
     *  patch because QueueNextDiff() will check the sha1 later.
     *  patch because QueueNextDiff() will check the sha1 later.
     *
     *
@@ -405,10 +405,10 @@ class pkgAcqIndexDiffs : public pkgAcquire::Item
     */
     */
    string RealURI;
    string RealURI;
 
 
-   /** \brief The MD5Sum of the package index file that is being
+   /** \brief The HashSum of the package index file that is being
     *  reconstructed.
     *  reconstructed.
     */
     */
-   string ExpectedMD5;
+   HashString ExpectedHash;
 
 
    /** A description of the file being downloaded. */
    /** A description of the file being downloaded. */
    string Description;
    string Description;
@@ -465,7 +465,7 @@ class pkgAcqIndexDiffs : public pkgAcquire::Item
     *
     *
     *  \param ShortDesc A brief description of this item.
     *  \param ShortDesc A brief description of this item.
     *
     *
-    *  \param ExpectedMD5 The expected md5sum of the completely
+    *  \param ExpectedHash The expected md5sum of the completely
     *  reconstructed package index file; the index file will be tested
     *  reconstructed package index file; the index file will be tested
     *  against this value when it is entirely reconstructed.
     *  against this value when it is entirely reconstructed.
     *
     *
@@ -474,7 +474,7 @@ class pkgAcqIndexDiffs : public pkgAcquire::Item
     *  that depends on it.
     *  that depends on it.
     */
     */
    pkgAcqIndexDiffs(pkgAcquire *Owner,string URI,string URIDesc,
    pkgAcqIndexDiffs(pkgAcquire *Owner,string URI,string URIDesc,
-		    string ShortDesc, string ExpectedMD5,
+		    string ShortDesc, HashString ExpectedHash,
 		    vector<DiffInfo> diffs=vector<DiffInfo>());
 		    vector<DiffInfo> diffs=vector<DiffInfo>());
 };
 };
 
 
@@ -507,8 +507,8 @@ class pkgAcqIndex : public pkgAcquire::Item
     */
     */
    string RealURI;
    string RealURI;
 
 
-   /** \brief The expected md5sum of the decompressed index file. */
-   string ExpectedMD5;
+   /** \brief The expected hashsum of the decompressed index file. */
+   HashString ExpectedHash;
 
 
    /** \brief The compression-related file extension that is being
    /** \brief The compression-related file extension that is being
     *  added to the downloaded file (e.g., ".gz" or ".bz2").
     *  added to the downloaded file (e.g., ".gz" or ".bz2").
@@ -523,6 +523,7 @@ class pkgAcqIndex : public pkgAcquire::Item
 		     pkgAcquire::MethodConfig *Cnf);
 		     pkgAcquire::MethodConfig *Cnf);
    virtual string Custom600Headers();
    virtual string Custom600Headers();
    virtual string DescURI() {return RealURI + CompressionExtension;};
    virtual string DescURI() {return RealURI + CompressionExtension;};
+   virtual string HashSum() {return ExpectedHash.toStr(); };
 
 
    /** \brief Create a pkgAcqIndex.
    /** \brief Create a pkgAcqIndex.
     *
     *
@@ -535,14 +536,14 @@ class pkgAcqIndex : public pkgAcquire::Item
     *
     *
     *  \param ShortDesc A brief description of this index file.
     *  \param ShortDesc A brief description of this index file.
     *
     *
-    *  \param ExpectedMD5 The expected md5sum of this index file.
+    *  \param ExpectedHash The expected hashsum of this index file.
     *
     *
     *  \param compressExt The compression-related extension with which
     *  \param compressExt The compression-related extension with which
     *  this index file should be downloaded, or "" to autodetect
     *  this index file should be downloaded, or "" to autodetect
     *  (".bz2" is used if bzip2 is installed, ".gz" otherwise).
     *  (".bz2" is used if bzip2 is installed, ".gz" otherwise).
     */
     */
    pkgAcqIndex(pkgAcquire *Owner,string URI,string URIDesc,
    pkgAcqIndex(pkgAcquire *Owner,string URI,string URIDesc,
-	       string ShortDesc, string ExpectedMD5, string compressExt="");
+	       string ShortDesc, HashString ExpectedHash, string compressExt="");
 };
 };
 
 
 /** \brief An acquire item that is responsible for fetching a
 /** \brief An acquire item that is responsible for fetching a
@@ -569,7 +570,7 @@ class pkgAcqIndexTrans : public pkgAcqIndex
     *
     *
     *  \param ShortDesc A brief description of this index file.
     *  \param ShortDesc A brief description of this index file.
     *
     *
-    *  \param ExpectedMD5 The expected md5sum of this index file.
+    *  \param ExpectedHash The expected hashsum of this index file.
     *
     *
     *  \param compressExt The compression-related extension with which
     *  \param compressExt The compression-related extension with which
     *  this index file should be downloaded, or "" to autodetect
     *  this index file should be downloaded, or "" to autodetect
@@ -661,9 +662,9 @@ class pkgAcqMetaSig : public pkgAcquire::Item
  *
  *
  *  Once the download and verification are complete, the downloads of
  *  Once the download and verification are complete, the downloads of
  *  the individual index files are queued up using pkgAcqDiffIndex.
  *  the individual index files are queued up using pkgAcqDiffIndex.
- *  If the meta-index file had a valid signature, the expected md5sums
+ *  If the meta-index file had a valid signature, the expected hashsums
  *  of the index files will be the md5sums listed in the meta-index;
  *  of the index files will be the md5sums listed in the meta-index;
- *  otherwise, the expected md5sums will be "" (causing the
+ *  otherwise, the expected hashsums will be "" (causing the
  *  authentication of the index files to be bypassed).
  *  authentication of the index files to be bypassed).
  */
  */
 class pkgAcqMetaIndex : public pkgAcquire::Item
 class pkgAcqMetaIndex : public pkgAcquire::Item
@@ -727,11 +728,11 @@ class pkgAcqMetaIndex : public pkgAcquire::Item
 
 
    /** \brief Starts downloading the individual index files.
    /** \brief Starts downloading the individual index files.
     *
     *
-    *  \param verify If \b true, only indices whose expected md5sum
+    *  \param verify If \b true, only indices whose expected hashsum
     *  can be determined from the meta-index will be downloaded, and
     *  can be determined from the meta-index will be downloaded, and
-    *  the md5sums of indices will be checked (reporting
+    *  the hashsums of indices will be checked (reporting
     *  #StatAuthError if there is a mismatch).  If verify is \b false,
     *  #StatAuthError if there is a mismatch).  If verify is \b false,
-    *  no md5sum checking will be performed.
+    *  no hashsum checking will be performed.
     */
     */
    void QueueIndexes(bool verify);
    void QueueIndexes(bool verify);
    
    
@@ -739,7 +740,7 @@ class pkgAcqMetaIndex : public pkgAcquire::Item
    
    
    // Specialized action members
    // Specialized action members
    virtual void Failed(string Message,pkgAcquire::MethodConfig *Cnf);
    virtual void Failed(string Message,pkgAcquire::MethodConfig *Cnf);
-   virtual void Done(string Message,unsigned long Size,string Md5Hash,
+   virtual void Done(string Message,unsigned long Size, string Hash,
 		     pkgAcquire::MethodConfig *Cnf);
 		     pkgAcquire::MethodConfig *Cnf);
    virtual string Custom600Headers();
    virtual string Custom600Headers();
    virtual string DescURI() {return RealURI; };
    virtual string DescURI() {return RealURI; };
@@ -776,8 +777,8 @@ class pkgAcqArchive : public pkgAcquire::Item
     */
     */
    pkgRecords *Recs;
    pkgRecords *Recs;
 
 
-   /** \brief The md5sum of this package. */
-   string MD5;
+   /** \brief The hashsum of this package. */
+   HashString ExpectedHash;
 
 
    /** \brief A location in which the actual filename of the package
    /** \brief A location in which the actual filename of the package
     *  should be stored.
     *  should be stored.
@@ -805,13 +806,12 @@ class pkgAcqArchive : public pkgAcquire::Item
    public:
    public:
    
    
    virtual void Failed(string Message,pkgAcquire::MethodConfig *Cnf);
    virtual void Failed(string Message,pkgAcquire::MethodConfig *Cnf);
-   virtual void Done(string Message,unsigned long Size,string Md5Hash,
+   virtual void Done(string Message,unsigned long Size,string Hash,
 		     pkgAcquire::MethodConfig *Cnf);
 		     pkgAcquire::MethodConfig *Cnf);
-   virtual string MD5Sum() {return MD5;};
    virtual string DescURI() {return Desc.URI;};
    virtual string DescURI() {return Desc.URI;};
    virtual string ShortDesc() {return Desc.ShortDesc;};
    virtual string ShortDesc() {return Desc.ShortDesc;};
    virtual void Finished();
    virtual void Finished();
-
+   virtual string HashSum() {return ExpectedHash.toStr(); };
    virtual bool IsTrusted();
    virtual bool IsTrusted();
    
    
    /** \brief Create a new pkgAcqArchive.
    /** \brief Create a new pkgAcqArchive.
@@ -848,8 +848,8 @@ class pkgAcqFile : public pkgAcquire::Item
    /** \brief The currently active download process. */
    /** \brief The currently active download process. */
    pkgAcquire::ItemDesc Desc;
    pkgAcquire::ItemDesc Desc;
 
 
-   /** \brief The md5sum of the file to download, if it is known. */
-   string Md5Hash;
+   /** \brief The hashsum of the file to download, if it is known. */
+   HashString ExpectedHash;
 
 
    /** \brief How many times to retry the download, set from
    /** \brief How many times to retry the download, set from
     *  Acquire::Retries.
     *  Acquire::Retries.
@@ -860,10 +860,10 @@ class pkgAcqFile : public pkgAcquire::Item
    
    
    // Specialized action members
    // Specialized action members
    virtual void Failed(string Message,pkgAcquire::MethodConfig *Cnf);
    virtual void Failed(string Message,pkgAcquire::MethodConfig *Cnf);
-   virtual void Done(string Message,unsigned long Size,string Md5Hash,
+   virtual void Done(string Message,unsigned long Size,string CalcHash,
 		     pkgAcquire::MethodConfig *Cnf);
 		     pkgAcquire::MethodConfig *Cnf);
-   virtual string MD5Sum() {return Md5Hash;};
    virtual string DescURI() {return Desc.URI;};
    virtual string DescURI() {return Desc.URI;};
+   virtual string HashSum() {return ExpectedHash.toStr(); };
 
 
    /** \brief Create a new pkgAcqFile object.
    /** \brief Create a new pkgAcqFile object.
     *
     *
@@ -872,7 +872,7 @@ class pkgAcqFile : public pkgAcquire::Item
     *
     *
     *  \param URI The URI to download.
     *  \param URI The URI to download.
     *
     *
-    *  \param MD5 The md5sum of the file to download, if it is known;
+    *  \param Hash The hashsum of the file to download, if it is known;
     *  otherwise "".
     *  otherwise "".
     *
     *
     *  \param Size The size of the file to download, if it is known;
     *  \param Size The size of the file to download, if it is known;
@@ -894,7 +894,7 @@ class pkgAcqFile : public pkgAcquire::Item
     * is the absolute name to which the file should be downloaded.
     * is the absolute name to which the file should be downloaded.
     */
     */
 
 
-   pkgAcqFile(pkgAcquire *Owner, string URI, string MD5, unsigned long Size,
+   pkgAcqFile(pkgAcquire *Owner, string URI, string Hash, unsigned long Size,
 	      string Desc, string ShortDesc,
 	      string Desc, string ShortDesc,
 	      const string &DestDir="", const string &DestFilename="");
 	      const string &DestDir="", const string &DestFilename="");
 };
 };

+ 9 - 0
apt-pkg/acquire-method.cc

@@ -176,9 +176,14 @@ void pkgAcqMethod::URIDone(FetchResult &Res, FetchResult *Alt)
 		      TimeRFC1123(Res.LastModified).c_str());
 		      TimeRFC1123(Res.LastModified).c_str());
 
 
    if (Res.MD5Sum.empty() == false)
    if (Res.MD5Sum.empty() == false)
+   {
       End += snprintf(End,sizeof(S)-50 - (End - S),"MD5-Hash: %s\n",Res.MD5Sum.c_str());
       End += snprintf(End,sizeof(S)-50 - (End - S),"MD5-Hash: %s\n",Res.MD5Sum.c_str());
+      End += snprintf(End,sizeof(S)-50 - (End - S),"MD5Sum-Hash: %s\n",Res.MD5Sum.c_str());
+   }
    if (Res.SHA1Sum.empty() == false)
    if (Res.SHA1Sum.empty() == false)
       End += snprintf(End,sizeof(S)-50 - (End - S),"SHA1-Hash: %s\n",Res.SHA1Sum.c_str());
       End += snprintf(End,sizeof(S)-50 - (End - S),"SHA1-Hash: %s\n",Res.SHA1Sum.c_str());
+   if (Res.SHA256Sum.empty() == false)
+      End += snprintf(End,sizeof(S)-50 - (End - S),"SHA256-Hash: %s\n",Res.SHA256Sum.c_str());
    if (Res.GPGVOutput.size() > 0)
    if (Res.GPGVOutput.size() > 0)
       End += snprintf(End,sizeof(S)-50 - (End - S),"GPGVOutput:\n");     
       End += snprintf(End,sizeof(S)-50 - (End - S),"GPGVOutput:\n");     
    for (vector<string>::iterator I = Res.GPGVOutput.begin();
    for (vector<string>::iterator I = Res.GPGVOutput.begin();
@@ -211,6 +216,9 @@ void pkgAcqMethod::URIDone(FetchResult &Res, FetchResult *Alt)
       if (Alt->SHA1Sum.empty() == false)
       if (Alt->SHA1Sum.empty() == false)
 	 End += snprintf(End,sizeof(S)-50 - (End - S),"Alt-SHA1-Hash: %s\n",
 	 End += snprintf(End,sizeof(S)-50 - (End - S),"Alt-SHA1-Hash: %s\n",
 			 Alt->SHA1Sum.c_str());
 			 Alt->SHA1Sum.c_str());
+      if (Alt->SHA256Sum.empty() == false)
+	 End += snprintf(End,sizeof(S)-50 - (End - S),"Alt-SHA256-Hash: %s\n",
+			 Alt->SHA256Sum.c_str());
       
       
       if (Alt->IMSHit == true)
       if (Alt->IMSHit == true)
 	 strcat(End,"Alt-IMS-Hit: true\n");
 	 strcat(End,"Alt-IMS-Hit: true\n");
@@ -455,5 +463,6 @@ void pkgAcqMethod::FetchResult::TakeHashes(Hashes &Hash)
 {
 {
    MD5Sum = Hash.MD5.Result();
    MD5Sum = Hash.MD5.Result();
    SHA1Sum = Hash.SHA1.Result();
    SHA1Sum = Hash.SHA1.Result();
+   SHA256Sum = Hash.SHA256.Result();
 }
 }
 									/*}}}*/
 									/*}}}*/

+ 1 - 0
apt-pkg/acquire-method.h

@@ -43,6 +43,7 @@ class pkgAcqMethod
    {
    {
       string MD5Sum;
       string MD5Sum;
       string SHA1Sum;
       string SHA1Sum;
+      string SHA256Sum;
       vector<string> GPGVOutput;
       vector<string> GPGVOutput;
       time_t LastModified;
       time_t LastModified;
       bool IMSHit;
       bool IMSHit;

+ 16 - 1
apt-pkg/acquire-worker.cc

@@ -267,8 +267,23 @@ bool pkgAcquire::Worker::RunMessages()
 	       _error->Warning("Bizarre Error - File size is not what the server reported %s %lu",
 	       _error->Warning("Bizarre Error - File size is not what the server reported %s %lu",
 			       LookupTag(Message,"Size","0").c_str(),TotalSize);
 			       LookupTag(Message,"Size","0").c_str(),TotalSize);
 
 
+	    // see if there is a hash to verify
+	    string RecivedHash;
+	    HashString expectedHash(Owner->HashSum());
+	    if(!expectedHash.empty()) 
+	    {
+	       string hashTag = expectedHash.HashType()+"-Hash";
+	       RecivedHash = expectedHash.HashType() + ":" + LookupTag(Message, hashTag.c_str());
+	       if(_config->FindB("Debug::pkgAcquire::Auth", false) == true)
+	       {
+		  clog << "201 URI Done: " << Owner->DescURI() << endl
+		       << "RecivedHash: " << RecivedHash << endl
+		       << "ExpectedHash: " << expectedHash.toStr() 
+		       << endl << endl;
+	       }
+	    }
 	    Owner->Done(Message,atoi(LookupTag(Message,"Size","0").c_str()),
 	    Owner->Done(Message,atoi(LookupTag(Message,"Size","0").c_str()),
-			LookupTag(Message,"MD5-Hash"),Config);
+			RecivedHash.c_str(), Config);
 	    ItemDone();
 	    ItemDone();
 	    
 	    
 	    // Log that we are done
 	    // Log that we are done

+ 84 - 0
apt-pkg/contrib/hashes.cc

@@ -12,11 +12,95 @@
 									/*}}}*/
 									/*}}}*/
 // Include Files							/*{{{*/
 // Include Files							/*{{{*/
 #include <apt-pkg/hashes.h>
 #include <apt-pkg/hashes.h>
+#include <apt-pkg/fileutl.h>
+#include <apt-pkg/configuration.h>
     
     
 #include <unistd.h>    
 #include <unistd.h>    
 #include <system.h>    
 #include <system.h>    
+#include <string>
+#include <iostream>
 									/*}}}*/
 									/*}}}*/
 
 
+const char* HashString::_SupportedHashes[] = 
+{
+   "SHA256", "SHA1", "MD5Sum", NULL
+};
+
+HashString::HashString()
+{
+}
+
+HashString::HashString(string Type, string Hash) : Type(Type), Hash(Hash)
+{
+}
+
+HashString::HashString(string StringedHash)
+{
+   // legacy: md5sum without "MD5Sum:" prefix
+   if (StringedHash.find(":") == string::npos && StringedHash.size() == 32)
+   {
+      Type = "MD5Sum";
+      Hash = StringedHash;
+      return;
+   }
+   string::size_type pos = StringedHash.find(":");
+   Type = StringedHash.substr(0,pos);
+   Hash = StringedHash.substr(pos+1, StringedHash.size() - pos);
+
+   if(_config->FindB("Debug::Hashes",false) == true)
+      std::clog << "HashString(string): " << Type << " : " << Hash << std::endl;
+}
+
+
+bool HashString::VerifyFile(string filename) const
+{
+   FileFd fd;
+   MD5Summation MD5;
+   SHA1Summation SHA1;
+   SHA256Summation SHA256;
+   string fileHash;
+
+   FileFd Fd(filename, FileFd::ReadOnly);
+   if(Type == "MD5Sum") 
+   {
+      MD5.AddFD(Fd.Fd(), Fd.Size());
+      fileHash = (string)MD5.Result();
+   } 
+   else if (Type == "SHA1")
+   {
+      SHA1.AddFD(Fd.Fd(), Fd.Size());
+      fileHash = (string)SHA1.Result();
+   } 
+   else if (Type == "SHA256") 
+   {
+      SHA256.AddFD(Fd.Fd(), Fd.Size());
+      fileHash = (string)SHA256.Result();
+   }
+   Fd.Close();
+
+   if(_config->FindB("Debug::Hashes",false) == true)
+      std::clog << "HashString::VerifyFile: got: " << fileHash << " expected: " << toStr() << std::endl;
+
+   return (fileHash == Hash);
+}
+
+const char** HashString::SupportedHashes()
+{
+   return _SupportedHashes;
+}
+
+bool HashString::empty() const
+{
+   return (Type.empty() || Hash.empty());
+}
+
+
+string HashString::toStr() const
+{
+   return Type+string(":")+Hash;
+}
+
+
 // Hashes::AddFD - Add the contents of the FD				/*{{{*/
 // Hashes::AddFD - Add the contents of the FD				/*{{{*/
 // ---------------------------------------------------------------------
 // ---------------------------------------------------------------------
 /* */
 /* */

+ 30 - 0
apt-pkg/contrib/hashes.h

@@ -19,8 +19,38 @@
 #include <apt-pkg/sha256.h>
 #include <apt-pkg/sha256.h>
 
 
 #include <algorithm>
 #include <algorithm>
+#include <vector>
 
 
 using std::min;
 using std::min;
+using std::vector;
+
+// helper class that contains hash function name
+// and hash
+class HashString
+{
+ protected:
+   string Type;
+   string Hash;
+   static const char * _SupportedHashes[10];
+
+ public:
+   HashString(string Type, string Hash);
+   HashString(string StringedHashString);  // init from str as "type:hash"
+   HashString();
+
+   // get hash type used
+   string HashType() { return Type; };
+
+   // verify the given filename against the currently loaded hash
+   bool VerifyFile(string filename) const;
+
+   // helper
+   string toStr() const;                    // convert to str as "type:hash"
+   bool empty() const;
+
+   // return the list of hashes we support
+   static const char** SupportedHashes();
+};
 
 
 class Hashes
 class Hashes
 {
 {

+ 1 - 1
apt-pkg/deb/debmetaindex.cc

@@ -144,7 +144,7 @@ bool debReleaseIndex::GetIndexes(pkgAcquire *Owner, bool GetAll) const
       vector <struct IndexTarget *> *targets = ComputeIndexTargets();
       vector <struct IndexTarget *> *targets = ComputeIndexTargets();
       for (vector <struct IndexTarget*>::const_iterator Target = targets->begin(); Target != targets->end(); Target++) {
       for (vector <struct IndexTarget*>::const_iterator Target = targets->begin(); Target != targets->end(); Target++) {
 	 new pkgAcqIndex(Owner, (*Target)->URI, (*Target)->Description,
 	 new pkgAcqIndex(Owner, (*Target)->URI, (*Target)->Description,
-			 (*Target)->ShortDesc, "");
+			 (*Target)->ShortDesc, HashString());
       }
       }
    }
    }
    new pkgAcqMetaSig(Owner, MetaIndexURI("Release.gpg"),
    new pkgAcqMetaSig(Owner, MetaIndexURI("Release.gpg"),

+ 8 - 0
apt-pkg/deb/debrecords.cc

@@ -67,6 +67,14 @@ string debRecordParser::SHA1Hash()
    return Section.FindS("SHA1");
    return Section.FindS("SHA1");
 }
 }
 									/*}}}*/
 									/*}}}*/
+// RecordParser::SHA1Hash - Return the archive hash			/*{{{*/
+// ---------------------------------------------------------------------
+/* */
+string debRecordParser::SHA256Hash()
+{
+   return Section.FindS("SHA256");
+}
+									/*}}}*/
 // RecordParser::Maintainer - Return the maintainer email		/*{{{*/
 // RecordParser::Maintainer - Return the maintainer email		/*{{{*/
 // ---------------------------------------------------------------------
 // ---------------------------------------------------------------------
 /* */
 /* */

+ 1 - 0
apt-pkg/deb/debrecords.h

@@ -35,6 +35,7 @@ class debRecordParser : public pkgRecords::Parser
    virtual string FileName();
    virtual string FileName();
    virtual string MD5Hash();
    virtual string MD5Hash();
    virtual string SHA1Hash();
    virtual string SHA1Hash();
+   virtual string SHA256Hash();
    virtual string SourcePkg();
    virtual string SourcePkg();
    virtual string SourceVer();
    virtual string SourceVer();
    
    

+ 3 - 10
apt-pkg/indexcopy.cc

@@ -528,23 +528,16 @@ bool SigVerify::Verify(string prefix, string file, indexRecords *MetaIndex)
       return false;
       return false;
    }
    }
 
 
-   MD5Summation sum;
-   FileFd Fd(prefix+file, FileFd::ReadOnly);
-   sum.AddFD(Fd.Fd(), Fd.Size());
-   Fd.Close();
-   string MD5 = (string)sum.Result();
-   
-   if (Record->MD5Hash != MD5)
+   if (!Record->Hash.VerifyFile(prefix+file))
    {
    {
-      _error->Warning("MD5 mismatch for: %s",file.c_str());
+      _error->Warning("Hash mismatch for: %s",file.c_str());
       return false;
       return false;
    }
    }
 
 
    if(_config->FindB("Debug::aptcdrom",false)) 
    if(_config->FindB("Debug::aptcdrom",false)) 
    {
    {
       cout << "File: " << prefix+file << endl;
       cout << "File: " << prefix+file << endl;
-      cout << "Expected MD5sum: " << Record->MD5Hash << endl;
-      cout << "got: " << MD5 << endl << endl;
+      cout << "Expected Hash " << Record->Hash.toStr() << endl;
    }
    }
 
 
    return true;
    return true;

+ 27 - 21
apt-pkg/indexrecords.cc

@@ -50,32 +50,38 @@ bool indexRecords::Load(const string Filename)
 
 
    const char *Start, *End;
    const char *Start, *End;
    Section.Get (Start, End, 0);
    Section.Get (Start, End, 0);
+
    Suite = Section.FindS("Suite");
    Suite = Section.FindS("Suite");
    Dist = Section.FindS("Codename");
    Dist = Section.FindS("Codename");
-//    if (Dist.empty())
-//    {
-//       ErrorText = _(("No Codename entry in Release file " + Filename).c_str());
-//       return false;
-//    }
-   if (!Section.Find("MD5Sum", Start, End))
+
+   int i;
+   for (i=0;HashString::SupportedHashes()[i] != NULL; i++)
    {
    {
-      ErrorText = _(("No MD5Sum entry in Release file " + Filename).c_str());
-      return false;
+      if (!Section.Find(HashString::SupportedHashes()[i], Start, End))
+	 continue;
+
+      string Name;
+      string Hash;
+      size_t Size;
+      while (Start < End)
+      {
+	 if (!parseSumData(Start, End, Name, Hash, Size))
+	    return false;
+	 indexRecords::checkSum *Sum = new indexRecords::checkSum;
+	 Sum->MetaKeyFilename = Name;
+	 Sum->Hash = HashString(HashString::SupportedHashes()[i],Hash);
+	 Sum->Size = Size;
+	 Entries[Name] = Sum;
+      }
+      break;
    }
    }
-   string Name;
-   string MD5Hash;
-   size_t Size;
-   while (Start < End)
+
+   if(HashString::SupportedHashes()[i] == NULL)
    {
    {
-      if (!parseSumData(Start, End, Name, MD5Hash, Size))
-	 return false;
-      indexRecords::checkSum *Sum = new indexRecords::checkSum;
-      Sum->MetaKeyFilename = Name;
-      Sum->MD5Hash = MD5Hash;
-      Sum->Size = Size;
-      Entries[Name] = Sum;
-   }
-   
+      ErrorText = _(("No Hash entry in Release file " + Filename).c_str());
+      return false;
+   }  
+
    string Strdate = Section.FindS("Date"); // FIXME: verify this somehow?
    string Strdate = Section.FindS("Date"); // FIXME: verify this somehow?
    return true;
    return true;
 }
 }

+ 2 - 1
apt-pkg/indexrecords.h

@@ -8,6 +8,7 @@
 
 
 #include <apt-pkg/pkgcache.h>
 #include <apt-pkg/pkgcache.h>
 #include <apt-pkg/fileutl.h>
 #include <apt-pkg/fileutl.h>
+#include <apt-pkg/hashes.h>
 
 
 #include <map>
 #include <map>
 #include <vector>
 #include <vector>
@@ -45,7 +46,7 @@ class indexRecords
 struct indexRecords::checkSum
 struct indexRecords::checkSum
 {
 {
    string MetaKeyFilename;
    string MetaKeyFilename;
-   string MD5Hash;
+   HashString Hash;
    size_t Size;      
    size_t Size;      
 };
 };
 
 

+ 1 - 0
apt-pkg/pkgrecords.h

@@ -57,6 +57,7 @@ class pkgRecords::Parser
    virtual string FileName() {return string();};
    virtual string FileName() {return string();};
    virtual string MD5Hash() {return string();};
    virtual string MD5Hash() {return string();};
    virtual string SHA1Hash() {return string();};
    virtual string SHA1Hash() {return string();};
+   virtual string SHA256Hash() {return string();};
    virtual string SourcePkg() {return string();};
    virtual string SourcePkg() {return string();};
    virtual string SourceVer() {return string();};
    virtual string SourceVer() {return string();};
 
 

+ 2 - 2
apt-pkg/tagfile.h

@@ -30,8 +30,8 @@ class pkgTagSection
    const char *Stop;
    const char *Stop;
    
    
    // We have a limit of 256 tags per section.
    // We have a limit of 256 tags per section.
-   unsigned short Indexes[256];
-   unsigned short AlphaIndexes[0x100];
+   unsigned int Indexes[256];
+   unsigned int AlphaIndexes[0x100];
    
    
    unsigned int TagCount;
    unsigned int TagCount;
      
      

+ 3 - 3
cmdline/apt-get.cc

@@ -918,7 +918,7 @@ bool InstallPackages(CacheFile &Cache,bool ShwKept,bool Ask = true,
       pkgAcquire::UriIterator I = Fetcher.UriBegin();
       pkgAcquire::UriIterator I = Fetcher.UriBegin();
       for (; I != Fetcher.UriEnd(); I++)
       for (; I != Fetcher.UriEnd(); I++)
 	 cout << '\'' << I->URI << "' " << flNotDir(I->Owner->DestFile) << ' ' << 
 	 cout << '\'' << I->URI << "' " << flNotDir(I->Owner->DestFile) << ' ' << 
-	       I->Owner->FileSize << ' ' << I->Owner->MD5Sum() << endl;
+	       I->Owner->FileSize << ' ' << I->Owner->HashSum() << endl;
       return true;
       return true;
    }
    }
 
 
@@ -1359,7 +1359,7 @@ bool DoUpdate(CommandLine &CmdL)
       pkgAcquire::UriIterator I = Fetcher.UriBegin();
       pkgAcquire::UriIterator I = Fetcher.UriBegin();
       for (; I != Fetcher.UriEnd(); I++)
       for (; I != Fetcher.UriEnd(); I++)
 	 cout << '\'' << I->URI << "' " << flNotDir(I->Owner->DestFile) << ' ' << 
 	 cout << '\'' << I->URI << "' " << flNotDir(I->Owner->DestFile) << ' ' << 
-	       I->Owner->FileSize << ' ' << I->Owner->MD5Sum() << endl;
+	       I->Owner->FileSize << ' ' << I->Owner->HashSum() << endl;
       return true;
       return true;
    }
    }
 
 
@@ -2211,7 +2211,7 @@ bool DoSource(CommandLine &CmdL)
       pkgAcquire::UriIterator I = Fetcher.UriBegin();
       pkgAcquire::UriIterator I = Fetcher.UriBegin();
       for (; I != Fetcher.UriEnd(); I++)
       for (; I != Fetcher.UriEnd(); I++)
 	 cout << '\'' << I->URI << "' " << flNotDir(I->Owner->DestFile) << ' ' << 
 	 cout << '\'' << I->URI << "' " << flNotDir(I->Owner->DestFile) << ' ' << 
-	       I->Owner->FileSize << ' ' << I->Owner->MD5Sum() << endl;
+	       I->Owner->FileSize << ' ' << I->Owner->HashSum() << endl;
       return true;
       return true;
    }
    }
    
    

+ 4 - 1
debian/changelog

@@ -12,7 +12,10 @@ apt (0.7.7) UNRELEASED; urgency=low
   * apt-pkg/deb/dpkgpm.{cc,h}:
   * apt-pkg/deb/dpkgpm.{cc,h}:
     - merged dpkg-log branch, this lets you specify a 
     - merged dpkg-log branch, this lets you specify a 
       Dir::Log::Terminal file to log dpkg output to
       Dir::Log::Terminal file to log dpkg output to
-      ABI break
+      (ABI break)
+  * merged apt--sha256 branch to fully support the new
+    sha256 checksums in the Packages and Release files
+    (ABI break)
 
 
  -- Michael Vogt <michael.vogt@ubuntu.com>  Thu, 02 Aug 2007 11:55:54 +0200
  -- Michael Vogt <michael.vogt@ubuntu.com>  Thu, 02 Aug 2007 11:55:54 +0200