From: Michael Tremer <michael.tremer@ipfire.org>
Date: Mon, 26 Nov 2018 10:04:39 +0000 (+0000)
Subject: files: Store a SHA256 checksum of files in the database, too
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8b99a68058021026ff44401ebf16d7b77ac2a4f3;p=ipfire.org.git

files: Store a SHA256 checksum of files in the database, too

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/src/backend/releases.py b/src/backend/releases.py
index b4c7a0ad..88635da4 100644
--- a/src/backend/releases.py
+++ b/src/backend/releases.py
@@ -293,17 +293,17 @@ class Release(Object):
 			if file.type == type:
 				return file
 
-	def __file_hash(self, filename):
-		sha1 = hashlib.sha1()
+	def __file_hash(self, filename, algo="sha256"):
+		h = hashlib.new(algo)
 
 		with open(filename) as f:
 			buf_size = 1024
 			buf = f.read(buf_size)
 			while buf:
-				sha1.update(buf)
+				h.update(buf)
 				buf = f.read(buf_size)
 
-		return sha1.hexdigest()
+		return h.hexdigest()
 
 	def scan_files(self, basepath="/pub/mirror"):
 		if not self.path:
@@ -336,7 +336,8 @@ class Release(Object):
 				continue
 
 			logging.info("Hashing %s..." % filename)
-			filehash = self.__file_hash(filename)
+			hash_sha256 = self.__file_hash(filename, "sha256")
+			hash_sha1   = self.__file_hash(filename, "sha1")
 			filesize = os.path.getsize(filename)
 
 			# Check if there is a torrent download available for this file:
@@ -346,8 +347,8 @@ class Release(Object):
 				torrent_hash = self.torrent_read_hash(torrent_file)
 
 			self.db.execute("INSERT INTO files(releases, filename, filesize, \
-				sha1, torrent_hash) VALUES(%s, %s, %s, %s, %s)",
-				self.id, _filename, filesize, filehash, torrent_hash)
+				sha256, sha1, torrent_hash) VALUES(%s, %s, %s, %s, %s, %s)",
+				self.id, _filename, filesize, hash_sha256, hash_sha1, torrent_hash)
 
 		# Search for all files that miss a torrent hash.
 		files = self.db.query("SELECT id, filename FROM files \