On Mon, Mar 13, 2006 at 12:12:46PM +0000, Roger Leigh wrote:
> The attached patch adds proper checking to downloaded sources.  This
> applies to current CVS, or sbuild 0.42 and other recent versions.

A new patch is attached.  This does the same as the first, but doesn't
verify GPG signatures, and doesn't introduce any additional
dependencies.


Regards,
Roger

-- 
Roger Leigh
                Printing on GNU/Linux?  http://gutenprint.sourceforge.net/
                Debian GNU/Linux        http://www.debian.org/
                GPG Public Key: 0x25BFB848.  Please sign and encrypt your mail.
Index: sbuild
===================================================================
RCS file: /cvsroot/buildd-tools/sbuild/sbuild,v
retrieving revision 1.96
diff -u -r1.96 sbuild
--- sbuild      12 Mar 2006 18:43:24 -0000      1.96
+++ sbuild      14 Mar 2006 00:05:15 -0000
@@ -473,7 +473,7 @@
 
        if (!defined($dir) || $dir ne ".") {
                {
-                       if (-f "${pkgv}.dsc") {
+                       if (-f "${pkgv}.dsc" && 
!verify_dsc_md5sums("${pkgv}.dsc")) {
                                print PLOG "${pkgv}.dsc exists in cwd\n";
                        }
                        else {
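Review bot: The new condition `-f "${pkgv}.dsc" && !verify_dsc_md5sums("${pkgv}.dsc")` is easy to misread, because the sub returns 0 on success and 1 on failure, so the negation means "the .dsc exists in cwd and its files verify". A comment on the changed line would spare the next reader a trip to the sub: `# verify_dsc_md5sums() returns 0 on success, 1 on failure (shell convention)`. The second hunk relies on the same convention (`if (verify_dsc_md5sums($dscfile))`) but reads naturally there, so the comment is only needed here. When a cwd .dsc fails verification, control falls into the else branch, which is outside the hunk; the sub itself logs the mismatch to PLOG, so that path stays traceable in the build log.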
@@ -538,6 +538,11 @@
                }
        }
        
+       if (verify_dsc_md5sums($dscfile)) {
+               print PLOG "FAILED [dsc verification]\n";
+               return( "ERROR", @made );
+       }
+
        if (!open( F, "<$dscfile" )) {
                print PLOG "Can't open $dscfile: $!\n";
                return( "ERROR", @made );
@@ -3429,3 +3434,49 @@
                die "$distribution chroot does not exist and in chroot only 
mode -- exiting\n";
        }
 }
+
+sub verify_dsc_md5sums {
+       my $dsc = shift;
+
+       my %dsc_md5 = (); # dsc MD5
+       my %obs_md5 = (); # Observed MD5
+
+       if (-r $dsc && open( DSC, "<$dsc" )) {
+               while (<DSC>) {
+                       chomp;
+                       if (/^ [a-z0-9]{32}/) {
+                               my @fields = split( /\s+/, $_ );
+                               $dsc_md5{$fields[3]} = $fields[1];
+                       }
+               }
+               close( DSC ) or print PLOG "Failed to close $dsc\n" && return 1;
+
+               open(OBS, '-|', "md5sum", keys %dsc_md5) or return 1;
+               while (<OBS>) {
+                       chomp;
+                       if (/^[a-z0-9]{32}/) {
+                               my @fields = split( /\s+/, $_ );
+                               $obs_md5{$fields[1]} = $fields[0];
+                       }
+               }
+               close( OBS ) or
+                       print PLOG "Failed to close m5sum\n" && return 1;
+
+               foreach (sort keys %dsc_md5) {
+                       if (defined $dsc_md5{$_} && defined $obs_md5{$_}) {
+                               if ($dsc_md5{$_} ne $obs_md5{$_}) {
+                                       print PLOG "$_: MD5SUM mismatch 
($dsc_md5{$_} cf $obs_md5{$_}\n";
+                                       return 1;
+                               }
+                       } else {
+                               print PLOG "$_: Missing file\n";
+                               return 1;
+                       }
+               }
+       } else {
+               print PLOG "$dsc: Can't open to verify\n";
+               return 1;
+       }
+
+       return 0;
+}
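Review bot: The error paths `close( DSC ) or print PLOG "Failed to close $dsc\n" && return 1;` and the matching one after `close( OBS )` never log their message: `&&` binds tighter than the list operator `print`, so the statement parses as `print PLOG ("..." && return 1)` and `return 1` runs while the argument is being evaluated, before anything is printed (the second message also misspells md5sum as `m5sum`). Replace both with `or do { print PLOG "..."; return 1; };`. Two further gaps in the same sub: when the .dsc yields no Files entries, `keys %dsc_md5` is empty, so `md5sum` is started with no arguments and blocks reading stdin, and if it ever returns the empty comparison loop reports success; and a file name taken from the .dsc that begins with `-` would be parsed by md5sum as an option, so `--` should precede the list even though the list-form open already avoids the shell. Since this version deliberately does not check the .dsc signature (as the mail says), a header comment should also state that the sums detect download corruption, not tampering, because a modified .dsc can list sums that match its modified files.
```perl
sub verify_dsc_md5sums {
	# Check the files listed in the .dsc against the MD5 sums it carries.
	# Returns 0 on success, 1 on any failure (details go to PLOG).
	# Without a signature check this only detects corruption: a modified
	# .dsc can list sums matching modified files.
	# … unchanged: parse the Files stanza of $dsc into %dsc_md5 …
		close( DSC ) or do {
			print PLOG "Failed to close $dsc\n";
			return 1;
		};

		# An empty file list must not verify as clean, and md5sum with
		# no arguments would block reading stdin.
		if (!keys %dsc_md5) {
			print PLOG "$dsc: no files listed to verify\n";
			return 1;
		}

		# '--' stops a file name from the .dsc being taken as an option.
		open(OBS, '-|', "md5sum", "--", keys %dsc_md5) or return 1;
		# … unchanged: parse md5sum output into %obs_md5 …
		close( OBS ) or do {
			print PLOG "Failed to close md5sum\n";
			return 1;
		};
	# … unchanged: compare %dsc_md5 against %obs_md5 and return …
```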
