maurice/snix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

* Properly specify the hash algorithm in the manifests, and read it

Browse source 
too.
* Change the default hash for nix-prefetch-url back to md5, since
  that's what we use in Nixpkgs (for now; a birthday attack is rather
  unlikely there).
This commit is contained in:
Eelco Dolstra 2005-02-24 17:36:42 +00:00
parent 95e870a113
commit 3259ae5811
4 changed files with 31 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

8
scripts/download-using-manifests.pl.in
View file

@ -96,7 +96,7 @@ while ($queueFront < scalar @queue) {
foreach my $patch (@{$patchList}) {
if (isValidPath($patch->{basePath})) {
# !!! this should be cached
my $hash = `@bindir@/nix-hash "$patch->{basePath}"`;
my $hash = `@bindir@/nix-hash --type '$patch->{hashAlgo}' "$patch->{basePath}"`;
chomp $hash;
# print " MY HASH is $hash\n";
if ($hash ne $patch->{baseHash}) {
@ -175,8 +175,10 @@ my $maxStep = scalar @path;
sub downloadFile {
my $url = shift;
my $hash = shift;
my $hashAlgo = shift;
$ENV{"PRINT_PATH"} = 1;
$ENV{"QUIET"} = 1;
$ENV{"NIX_HASH_ALGO"} = $hashAlgo;
my ($hash2, $path) = `@bindir@/nix-prefetch-url '$url' '$hash'`;
chomp $hash2;
chomp $path;
@ -205,7 +207,7 @@ while (scalar @path > 0) {
# Download the patch.
print " downloading patch...\n";
my $patchPath = downloadFile "$patch->{url}", "$patch->{hash}";
my $patchPath = downloadFile "$patch->{url}", "$patch->{hash}", "$patch->{hashAlgo}";
# Turn the base path into a NAR archive, to which we can
# actually apply the patch.
@ -232,7 +234,7 @@ while (scalar @path > 0) {
# Download the archive.
print " downloading archive...\n";
my $narFilePath = downloadFile "$narFile->{url}", "$narFile->{hash}";
my $narFilePath = downloadFile "$narFile->{url}", "$narFile->{hash}", "$narFile->{hashAlgo}";
# Unpack the archive into the target path.
print " unpacking archive...\n";

13
scripts/generate-patches.pl.in
View file

@ -45,6 +45,7 @@ sub findOutputPaths {
# Ignore store expressions.
next if ($p =~ /\.store$/);
next if ($p =~ /\.drv$/);
# Ignore builders (too much ambiguity -- they're all called
# `builder.sh').
@ -69,7 +70,7 @@ my %dstOutPaths = findOutputPaths \%dstNarFiles, \%dstSuccessors;
sub getNameVersion {
my $p = shift;
$p =~ /\/[0-9a-f]+((?:-[a-zA-Z][^\/-]*)+)([^\/]*)$/;
$p =~ /\/[0-9a-z]+((?:-[a-zA-Z][^\/-]*)+)([^\/]*)$/;
my $name = $1;
my $version = $2;
$name =~ s/^-//;
@ -192,16 +193,16 @@ foreach my $p (keys %dstOutPaths) {
system("@bunzip2@ < $dstNarBz2 > $tmpdir/B") == 0
or die "cannot unpack $dstNarBz2";
system("@libexecdir@/bspatch $tmpdir/A $tmpdir/B $tmpdir/DIFF") == 0
system("@libexecdir@/bsdiff $tmpdir/A $tmpdir/B $tmpdir/DIFF") == 0
or die "cannot compute binary diff";
my $baseHash = `@bindir@/nix-hash --flat $tmpdir/A` or die;
my $baseHash = `@bindir@/nix-hash --flat --type sha1 $tmpdir/A` or die;
chomp $baseHash;
my $narHash = `@bindir@/nix-hash --flat $tmpdir/B` or die;
my $narHash = `@bindir@/nix-hash --flat --type sha1 $tmpdir/B` or die;
chomp $narHash;
my $narDiffHash = `@bindir@/nix-hash --flat $tmpdir/DIFF` or die;
my $narDiffHash = `@bindir@/nix-hash --flat --type sha1 $tmpdir/DIFF` or die;
chomp $narDiffHash;
my $narDiffSize = (stat "$tmpdir/DIFF")[7];
@ -234,7 +235,7 @@ foreach my $p (keys %dstOutPaths) {
# Add the patch to the manifest.
addPatch \%dstPatches, $p,
{ url => "$patchesURL/$finalName", hash => $narDiffHash
, size => $narDiffSize
, size => $narDiffSize, hashAlgo => "sha1"
, basePath => $closest, baseHash => $baseHash
, narHash => $narHash, patchType => "nar-bsdiff"
};

5
scripts/nix-prefetch-url.in
View file

@ -3,7 +3,10 @@
url=$1
hash=$2
hashType="sha1"
hashType=$NIX_HASH_ALGO
if test -z "$hashType"; then
hashType=md5
fi
if test -z "$url"; then
echo "syntax: nix-prefetch-url URL" >&2

18
scripts/readmanifest.pm.in
View file

@ -52,6 +52,7 @@ sub readManifest {
my $narHash;
my $references;
my $deriver;
my $hashAlgo;
while (<MANIFEST>) {
chomp;
@ -75,6 +76,7 @@ sub readManifest {
undef $patchType;
$references = "";
$deriver = "";
$hashAlgo = "md5";
}
} else {
@ -104,7 +106,7 @@ sub readManifest {
push @{$narFileList},
{ url => $url, hash => $hash, size => $size
, narHash => $narHash, references => $references
, deriver => $deriver
, deriver => $deriver, hashAlgo => $hashAlgo
};
}
@ -119,12 +121,14 @@ sub readManifest {
{ url => $url, hash => $hash, size => $size
, basePath => $basePath, baseHash => $baseHash
, narHash => $narHash, patchType => $patchType
, hashAlgo => $hashAlgo
};
}
}
elsif (/^\s*StorePath:\s*(\/\S+)\s*$/) { $storePath = $1; }
elsif (/^\s*HashAlgo:\s*(\S+)\s*$/) { $hashAlgo = $1; }
elsif (/^\s*Hash:\s*(\S+)\s*$/) { $hash = $1; }
elsif (/^\s*URL:\s*(\S+)\s*$/) { $url = $1; }
elsif (/^\s*Size:\s*(\d+)\s*$/) { $size = $1; }
@ -162,7 +166,11 @@ sub writeManifest
print MANIFEST " StorePath: $storePath\n";
print MANIFEST " HashAlgo: $narFile->{hashAlgo}\n";
print MANIFEST " NarURL: $narFile->{url}\n";
print MANIFEST " MD5: $narFile->{hash}\n";
if ($narFile->{hashAlgo} eq "md5") {
print MANIFEST " MD5: $narFile->{hash}\n";
} else {
print MANIFEST " Hash: $narFile->{hash}\n";
}
print MANIFEST " NarHash: $narFile->{narHash}\n";
print MANIFEST " Size: $narFile->{size}\n";
print MANIFEST " References: $narFile->{references}\n"
@ -180,7 +188,11 @@ sub writeManifest
print MANIFEST " StorePath: $storePath\n";
print MANIFEST " HashAlgo: $patch->{hashAlgo}\n";
print MANIFEST " NarURL: $patch->{url}\n";
print MANIFEST " MD5: $patch->{hash}\n";
if ($patch->{hashAlgo} eq "md5") {
print MANIFEST " MD5: $patch->{hash}\n";
} else {
print MANIFEST " Hash: $patch->{hash}\n";
}
print MANIFEST " NarHash: $patch->{narHash}\n";
print MANIFEST " Size: $patch->{size}\n";
print MANIFEST " BasePath: $patch->{basePath}\n";