From: Michael Tremer <michael.tremer@ipfire.org>
Date: Fri, 19 Aug 2022 14:27:14 +0000 (+0000)
Subject: file: Perform some basic verification tasks
X-Git-Tag: 0.9.28~421
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c0b051bb3a19bc7c125c3783d82025db0f9a2ee9;p=pakfire.git

file: Perform some basic verification tasks

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/src/libpakfire/file.c b/src/libpakfire/file.c
index 63b0d817d..18b266347 100644
--- a/src/libpakfire/file.c
+++ b/src/libpakfire/file.c
@@ -38,6 +38,13 @@
 #include <pakfire/string.h>
 #include <pakfire/util.h>
 
+enum pakfire_file_verification_status {
+	PAKFIRE_FILE_NOENT                = (1 << 0),
+	PAKFIRE_FILE_SIZE_DIFFERS         = (1 << 1),
+	PAKFIRE_FILE_OWNER_DIFFERS        = (1 << 2),
+	PAKFIRE_FILE_GROUP_DIFFERS        = (1 << 3),
+};
+
 struct pakfire_file {
 	struct pakfire* pakfire;
 	int nrefs;
@@ -78,6 +85,9 @@ struct pakfire_file {
 		unsigned char sha256[SHA256_DIGEST_LENGTH];
 	} digests;
 
+	// Verification Status
+	int verify_status;
+
 	#warning TODO capabilities, config, data
 	// capabilities
 	//int is_configfile;
@@ -528,12 +538,82 @@ int pakfire_file_cleanup(struct pakfire_file* file) {
 	return 0;
 }
 
+static int pakfire_file_verify_size(struct pakfire_file* file, const struct stat* st) {
+	// Nothing to do if size matches
+	if (file->size == st->st_size)
+		return 0;
+
+	// Size differs
+	file->verify_status |= PAKFIRE_FILE_SIZE_DIFFERS;
+
+	DEBUG(file->pakfire, "%s: Filesize differs (expected %zu, got %zu byte(s))\n",
+		file->path, file->size, st->st_size);
+
+	return 0;
+}
+
+static int pakfire_file_verify_ownership(struct pakfire_file* file, const struct stat* st) {
+	// Fetch UID/GID
+#if 0
+	const uid_t uid = pakfire_unmap_id(file->pakfire, st->st_uid);
+	const gid_t gid = pakfire_unmap_id(file->pakfire, st->st_gid);
+#else
+	const uid_t uid = st->st_uid;
+	const gid_t gid = st->st_gid;
+#endif
+
+	// Fetch owner & group
+	struct passwd* owner = pakfire_getpwnam(file->pakfire, file->user);
+	struct group*  group = pakfire_getgrnam(file->pakfire, file->group);
+
+	// Check if owner matches
+	if (!owner || owner->pw_uid != uid) {
+		file->verify_status |= PAKFIRE_FILE_OWNER_DIFFERS;
+
+		DEBUG(file->pakfire, "%s: Owner differs\n", file->path);
+	}
+
+	// Check if group matches
+	if (!group || group->gr_gid != gid) {
+		file->verify_status |= PAKFIRE_FILE_GROUP_DIFFERS;
+
+		DEBUG(file->pakfire, "%s: Group differs\n", file->path);
+	}
+
+	return 0;
+}
+
 /*
 	Verify the file - i.e. does the metadata match what is on disk?
 */
-int pakfire_file_verify(struct pakfire_file* file) {
+int pakfire_file_verify(struct pakfire_file* file, int* status) {
+	struct stat st;
+	int r;
+
 	DEBUG(file->pakfire, "Verifying %s...\n", file->path);
 
-	// XXX TODO
+	// stat() the file
+	r = lstat(file->abspath, &st);
+	if (r) {
+		// File does not exist
+		if (errno == ENOENT) {
+			file->verify_status |= PAKFIRE_FILE_NOENT;
+			return 1;
+		}
+
+		// Raise any other errors from stat()
+		return r;
+	}
+
+	// Verify size
+	r = pakfire_file_verify_size(file, &st);
+	if (r)
+		return r;
+
+	// Verify ownership
+	r = pakfire_file_verify_ownership(file, &st);
+	if (r)
+		return r;
+
 	return 0;
 }
diff --git a/src/libpakfire/filelist.c b/src/libpakfire/filelist.c
index d0f3dcfdd..48145e7f6 100644
--- a/src/libpakfire/filelist.c
+++ b/src/libpakfire/filelist.c
@@ -526,6 +526,7 @@ int pakfire_filelist_export(struct pakfire_filelist* list, FILE* f) {
 int pakfire_filelist_verify(struct pakfire_filelist* list, struct pakfire_filelist* errors) {
 	struct pakfire_progressbar* progressbar = NULL;
 	struct pakfire_file* file = NULL;
+	int status;
 	int r;
 
 	DEBUG(list->pakfire, "Verifying filelist (%zu file(s))...\n", list->size);
@@ -565,8 +566,12 @@ int pakfire_filelist_verify(struct pakfire_filelist* list, struct pakfire_fileli
 		file = list->elements[i];
 
 		// Verify the file
-		r = pakfire_file_verify(file);
-		if (r) {
+		r = pakfire_file_verify(file, &status);
+		if (r)
+			goto ERROR;
+
+		// If the verification failed, we append it to the errors list
+		if (status) {
 			// Append the file to the error list
 			r = pakfire_filelist_append(errors, file);
 			if (r)
diff --git a/src/libpakfire/include/pakfire/file.h b/src/libpakfire/include/pakfire/file.h
index 033d816b2..61b144a19 100644
--- a/src/libpakfire/include/pakfire/file.h
+++ b/src/libpakfire/include/pakfire/file.h
@@ -91,7 +91,7 @@ FILE* pakfire_file_open(struct pakfire_file* file);
 int pakfire_file_remove(struct pakfire_file* file);
 int pakfire_file_cleanup(struct pakfire_file* file);
 
-int pakfire_file_verify(struct pakfire_file* file);
+int pakfire_file_verify(struct pakfire_file* file, int* status);
 
 #endif