From: Michael Tremer <michael.tremer@ipfire.org>
Date: Fri, 25 Feb 2011 23:34:07 +0000 (+0100)
Subject: Check hashsum of download package database file.
X-Git-Tag: 0.9.3~123
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=cec935bb192b271bf743853e1db5276a85cdb5c7;p=pakfire.git

Check hashsum of download package database file.
---

diff --git a/pakfire/index.py b/pakfire/index.py
index 4082fc669..7b9efb1a9 100644
--- a/pakfire/index.py
+++ b/pakfire/index.py
@@ -269,7 +269,11 @@ class DatabaseIndex(InstalledIndex):
 
 			data = grabber.urlread(filename)
 
-			# XXX check the hashsum of the downloaded file
+			# check the hashsum of the downloaded file
+			if not util.calc_hash1(data=data) == self.metadata.database_hash1:
+				# XXX an exception is not a very good idea because this file could
+				# be downloaded from another mirror. need a better way to handle this.
+				raise Exception, "Downloaded file did not match the hashsum. Need to re-download it."
 
 			with cache.open(filename, "w") as o:
 				o.write(data)
@@ -323,7 +327,6 @@ class DatabaseIndex(InstalledIndex):
 		self._update_database(force)
 
 		# XXX this code needs lots of work:
-		# XXX   * make checks for downloads (hashsums)
 		# XXX   * check the metadata content
 
 	def save(self, path=None, compress="xz"):
diff --git a/pakfire/packages/util.py b/pakfire/packages/util.py
index 071dbdd79..3254b4c76 100644
--- a/pakfire/packages/util.py
+++ b/pakfire/packages/util.py
@@ -68,16 +68,21 @@ def format_size(s):
 
 	return "%d%s" % (int(s), units[unit])
 
-def calc_hash1(filename):
+def calc_hash1(filename=None, data=None):
 	h = hashlib.sha1()
 
-	f = open(filename)
-	buf = f.read(BUFFER_SIZE)
-	while buf:
-		h.update(buf)
+	if filename:
+		f = open(filename)
 		buf = f.read(BUFFER_SIZE)
+		while buf:
+			h.update(buf)
+			buf = f.read(BUFFER_SIZE)
+
+		f.close()
+
+	elif data:
+		h.update(data)
 
-	f.close()
 	return h.hexdigest()
 
 def parse_pkg_expr(s):