* Properly specify the hash algorithm in the manifests, and read it

too.
* Change the default hash for nix-prefetch-url back to md5, since
  that's what we use in Nixpkgs (for now; a birthday attack is rather
  unlikely there).
This commit is contained in:
Eelco Dolstra 2005-02-24 17:36:42 +00:00
parent 95e870a113
commit 3259ae5811
4 changed files with 31 additions and 13 deletions

View file

@ -96,7 +96,7 @@ while ($queueFront < scalar @queue) {
foreach my $patch (@{$patchList}) { foreach my $patch (@{$patchList}) {
if (isValidPath($patch->{basePath})) { if (isValidPath($patch->{basePath})) {
# !!! this should be cached # !!! this should be cached
my $hash = `@bindir@/nix-hash "$patch->{basePath}"`; my $hash = `@bindir@/nix-hash --type '$patch->{hashAlgo}' "$patch->{basePath}"`;
chomp $hash; chomp $hash;
# print " MY HASH is $hash\n"; # print " MY HASH is $hash\n";
if ($hash ne $patch->{baseHash}) { if ($hash ne $patch->{baseHash}) {
@ -175,8 +175,10 @@ my $maxStep = scalar @path;
sub downloadFile { sub downloadFile {
my $url = shift; my $url = shift;
my $hash = shift; my $hash = shift;
my $hashAlgo = shift;
$ENV{"PRINT_PATH"} = 1; $ENV{"PRINT_PATH"} = 1;
$ENV{"QUIET"} = 1; $ENV{"QUIET"} = 1;
$ENV{"NIX_HASH_ALGO"} = $hashAlgo;
my ($hash2, $path) = `@bindir@/nix-prefetch-url '$url' '$hash'`; my ($hash2, $path) = `@bindir@/nix-prefetch-url '$url' '$hash'`;
chomp $hash2; chomp $hash2;
chomp $path; chomp $path;
@ -205,7 +207,7 @@ while (scalar @path > 0) {
# Download the patch. # Download the patch.
print " downloading patch...\n"; print " downloading patch...\n";
my $patchPath = downloadFile "$patch->{url}", "$patch->{hash}"; my $patchPath = downloadFile "$patch->{url}", "$patch->{hash}", "$patch->{hashAlgo}";
# Turn the base path into a NAR archive, to which we can # Turn the base path into a NAR archive, to which we can
# actually apply the patch. # actually apply the patch.
@ -232,7 +234,7 @@ while (scalar @path > 0) {
# Download the archive. # Download the archive.
print " downloading archive...\n"; print " downloading archive...\n";
my $narFilePath = downloadFile "$narFile->{url}", "$narFile->{hash}"; my $narFilePath = downloadFile "$narFile->{url}", "$narFile->{hash}", "$narFile->{hashAlgo}";
# Unpack the archive into the target path. # Unpack the archive into the target path.
print " unpacking archive...\n"; print " unpacking archive...\n";

View file

@ -45,6 +45,7 @@ sub findOutputPaths {
# Ignore store expressions. # Ignore store expressions.
next if ($p =~ /\.store$/); next if ($p =~ /\.store$/);
next if ($p =~ /\.drv$/);
# Ignore builders (too much ambiguity -- they're all called # Ignore builders (too much ambiguity -- they're all called
# `builder.sh'). # `builder.sh').
@ -69,7 +70,7 @@ my %dstOutPaths = findOutputPaths \%dstNarFiles, \%dstSuccessors;
sub getNameVersion { sub getNameVersion {
my $p = shift; my $p = shift;
$p =~ /\/[0-9a-f]+((?:-[a-zA-Z][^\/-]*)+)([^\/]*)$/; $p =~ /\/[0-9a-z]+((?:-[a-zA-Z][^\/-]*)+)([^\/]*)$/;
my $name = $1; my $name = $1;
my $version = $2; my $version = $2;
$name =~ s/^-//; $name =~ s/^-//;
@ -192,16 +193,16 @@ foreach my $p (keys %dstOutPaths) {
system("@bunzip2@ < $dstNarBz2 > $tmpdir/B") == 0 system("@bunzip2@ < $dstNarBz2 > $tmpdir/B") == 0
or die "cannot unpack $dstNarBz2"; or die "cannot unpack $dstNarBz2";
system("@libexecdir@/bspatch $tmpdir/A $tmpdir/B $tmpdir/DIFF") == 0 system("@libexecdir@/bsdiff $tmpdir/A $tmpdir/B $tmpdir/DIFF") == 0
or die "cannot compute binary diff"; or die "cannot compute binary diff";
my $baseHash = `@bindir@/nix-hash --flat $tmpdir/A` or die; my $baseHash = `@bindir@/nix-hash --flat --type sha1 $tmpdir/A` or die;
chomp $baseHash; chomp $baseHash;
my $narHash = `@bindir@/nix-hash --flat $tmpdir/B` or die; my $narHash = `@bindir@/nix-hash --flat --type sha1 $tmpdir/B` or die;
chomp $narHash; chomp $narHash;
my $narDiffHash = `@bindir@/nix-hash --flat $tmpdir/DIFF` or die; my $narDiffHash = `@bindir@/nix-hash --flat --type sha1 $tmpdir/DIFF` or die;
chomp $narDiffHash; chomp $narDiffHash;
my $narDiffSize = (stat "$tmpdir/DIFF")[7]; my $narDiffSize = (stat "$tmpdir/DIFF")[7];
@ -234,7 +235,7 @@ foreach my $p (keys %dstOutPaths) {
# Add the patch to the manifest. # Add the patch to the manifest.
addPatch \%dstPatches, $p, addPatch \%dstPatches, $p,
{ url => "$patchesURL/$finalName", hash => $narDiffHash { url => "$patchesURL/$finalName", hash => $narDiffHash
, size => $narDiffSize , size => $narDiffSize, hashAlgo => "sha1"
, basePath => $closest, baseHash => $baseHash , basePath => $closest, baseHash => $baseHash
, narHash => $narHash, patchType => "nar-bsdiff" , narHash => $narHash, patchType => "nar-bsdiff"
}; };

View file

@ -3,7 +3,10 @@
url=$1 url=$1
hash=$2 hash=$2
hashType="sha1" hashType=$NIX_HASH_ALGO
if test -z "$hashType"; then
hashType=md5
fi
if test -z "$url"; then if test -z "$url"; then
echo "syntax: nix-prefetch-url URL" >&2 echo "syntax: nix-prefetch-url URL" >&2

View file

@ -52,6 +52,7 @@ sub readManifest {
my $narHash; my $narHash;
my $references; my $references;
my $deriver; my $deriver;
my $hashAlgo;
while (<MANIFEST>) { while (<MANIFEST>) {
chomp; chomp;
@ -75,6 +76,7 @@ sub readManifest {
undef $patchType; undef $patchType;
$references = ""; $references = "";
$deriver = ""; $deriver = "";
$hashAlgo = "md5";
} }
} else { } else {
@ -104,7 +106,7 @@ sub readManifest {
push @{$narFileList}, push @{$narFileList},
{ url => $url, hash => $hash, size => $size { url => $url, hash => $hash, size => $size
, narHash => $narHash, references => $references , narHash => $narHash, references => $references
, deriver => $deriver , deriver => $deriver, hashAlgo => $hashAlgo
}; };
} }
@ -119,12 +121,14 @@ sub readManifest {
{ url => $url, hash => $hash, size => $size { url => $url, hash => $hash, size => $size
, basePath => $basePath, baseHash => $baseHash , basePath => $basePath, baseHash => $baseHash
, narHash => $narHash, patchType => $patchType , narHash => $narHash, patchType => $patchType
, hashAlgo => $hashAlgo
}; };
} }
} }
elsif (/^\s*StorePath:\s*(\/\S+)\s*$/) { $storePath = $1; } elsif (/^\s*StorePath:\s*(\/\S+)\s*$/) { $storePath = $1; }
elsif (/^\s*HashAlgo:\s*(\S+)\s*$/) { $hashAlgo = $1; }
elsif (/^\s*Hash:\s*(\S+)\s*$/) { $hash = $1; } elsif (/^\s*Hash:\s*(\S+)\s*$/) { $hash = $1; }
elsif (/^\s*URL:\s*(\S+)\s*$/) { $url = $1; } elsif (/^\s*URL:\s*(\S+)\s*$/) { $url = $1; }
elsif (/^\s*Size:\s*(\d+)\s*$/) { $size = $1; } elsif (/^\s*Size:\s*(\d+)\s*$/) { $size = $1; }
@ -162,7 +166,11 @@ sub writeManifest
print MANIFEST " StorePath: $storePath\n"; print MANIFEST " StorePath: $storePath\n";
print MANIFEST " HashAlgo: $narFile->{hashAlgo}\n"; print MANIFEST " HashAlgo: $narFile->{hashAlgo}\n";
print MANIFEST " NarURL: $narFile->{url}\n"; print MANIFEST " NarURL: $narFile->{url}\n";
if ($narFile->{hashAlgo} eq "md5") {
print MANIFEST " MD5: $narFile->{hash}\n"; print MANIFEST " MD5: $narFile->{hash}\n";
} else {
print MANIFEST " Hash: $narFile->{hash}\n";
}
print MANIFEST " NarHash: $narFile->{narHash}\n"; print MANIFEST " NarHash: $narFile->{narHash}\n";
print MANIFEST " Size: $narFile->{size}\n"; print MANIFEST " Size: $narFile->{size}\n";
print MANIFEST " References: $narFile->{references}\n" print MANIFEST " References: $narFile->{references}\n"
@ -180,7 +188,11 @@ sub writeManifest
print MANIFEST " StorePath: $storePath\n"; print MANIFEST " StorePath: $storePath\n";
print MANIFEST " HashAlgo: $patch->{hashAlgo}\n"; print MANIFEST " HashAlgo: $patch->{hashAlgo}\n";
print MANIFEST " NarURL: $patch->{url}\n"; print MANIFEST " NarURL: $patch->{url}\n";
if ($patch->{hashAlgo} eq "md5") {
print MANIFEST " MD5: $patch->{hash}\n"; print MANIFEST " MD5: $patch->{hash}\n";
} else {
print MANIFEST " Hash: $patch->{hash}\n";
}
print MANIFEST " NarHash: $patch->{narHash}\n"; print MANIFEST " NarHash: $patch->{narHash}\n";
print MANIFEST " Size: $patch->{size}\n"; print MANIFEST " Size: $patch->{size}\n";
print MANIFEST " BasePath: $patch->{basePath}\n"; print MANIFEST " BasePath: $patch->{basePath}\n";