From: Michael Tremer Date: Tue, 13 Jul 2021 11:58:15 +0000 (+0000) Subject: archive: Drop old verification code X-Git-Tag: 0.9.28~1033 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=18c0aa08fef78ff0161364e2a78d87375c9b3edf;p=pakfire.git archive: Drop old verification code Signed-off-by: Michael Tremer --- diff --git a/src/libpakfire/archive.c b/src/libpakfire/archive.c index 35bcc7d2e..40474e96b 100644 --- a/src/libpakfire/archive.c +++ b/src/libpakfire/archive.c @@ -1149,74 +1149,6 @@ PAKFIRE_EXPORT struct pakfire_filelist* pakfire_archive_get_filelist(struct pakf return pakfire_filelist_ref(archive->filelist); } -static pakfire_archive_verify_status_t __pakfire_archive_verify_file(struct pakfire* pakfire, - struct archive* a, const struct pakfire_archive_chksum* chksum) { - pakfire_archive_verify_status_t status = PAKFIRE_ARCHIVE_VERIFY_ERROR; - - int r; - const EVP_MD* md; - - // Initialise context - EVP_MD_CTX* mdctx = EVP_MD_CTX_new(); - - // Select algorithm - md = EVP_sha512(); - - // Initialise the hash algorithm - r = EVP_DigestInit_ex(mdctx, md, NULL); - if (r != 1) { - ERROR(pakfire, "Could not initialize hash algorithm: %s\n", - ERR_error_string(ERR_get_error(), NULL)); - goto ERROR; - } - - const void* buffer; - size_t size; - off_t offset; - - for (;;) { - int r = archive_read_data_block(a, &buffer, &size, &offset); - if (r == ARCHIVE_EOF) - break; - - if (r != ARCHIVE_OK) { - status = PAKFIRE_ARCHIVE_VERIFY_ERROR; - goto ERROR; - } - - // Update hash digest - r = EVP_DigestUpdate(mdctx, buffer, size); - if (r != 1) { - ERROR(pakfire, "%s\n", ERR_error_string(ERR_get_error(), NULL)); - goto ERROR; - } - } - - unsigned char digest[EVP_MAX_MD_SIZE]; - unsigned int digest_length = sizeof(digest); - - r = EVP_DigestFinal_ex(mdctx, digest, &digest_length); - if (r != 1) { - ERROR(pakfire, "%s\n", ERR_error_string(ERR_get_error(), NULL)); - goto ERROR; - } - - // Compare digests - if (CRYPTO_memcmp(digest, chksum->digest_sha512, EVP_MD_CTX_size(mdctx)) == 0) { - DEBUG(pakfire, "Checksum of %s is OK\n", chksum->path); - status = PAKFIRE_ARCHIVE_VERIFY_OK; - } else { - DEBUG(pakfire, "Checksum of %s did not match\n", chksum->path); - status = PAKFIRE_ARCHIVE_VERIFY_INVALID; - } - -ERROR: - if (mdctx) - EVP_MD_CTX_free(mdctx); - - return status; -} - static int pakfire_archive_load_checksums_mtree(struct pakfire_archive* archive) { struct archive* a = NULL; struct archive_entry* entry = NULL; @@ -1693,39 +1625,6 @@ PAKFIRE_EXPORT int pakfire_archive_verify(struct pakfire_archive* archive, *status = archive->verify; return 0; - -#if 0 - // Open the archive file - struct archive* a; - int r = open_archive(archive, &a); - if (r) - return PAKFIRE_ARCHIVE_VERIFY_ERROR; - - struct archive_entry* entry; - while ((r = archive_read_next_header(a, &entry)) == ARCHIVE_OK) { - const char* entry_name = archive_entry_pathname(entry); - - // See if we have a checksum for this file - const struct pakfire_archive_chksum* chksum = pakfire_archive_find_chksum(archive, entry_name); - if (!chksum) { - DEBUG(archive->pakfire, "Could not find checksum for %s\n", entry_name); - continue; - } - - // Compare the checksums - status = pakfire_archive_verify_file(archive->pakfire, a, chksum); - if (status) - goto END; - } - - status = PAKFIRE_ARCHIVE_VERIFY_OK; - DEBUG(archive->pakfire, "Archive %p has been successfully verified\n", archive); - -END: - close_archive(archive, a); - - return status; -#endif } PAKFIRE_EXPORT const char* pakfire_archive_verify_strerror(pakfire_archive_verify_status_t status) {