From 61b3c62d1c0dbbdcee2d67f56fb112f0af80527a Mon Sep 17 00:00:00 2001 From: Baptiste Jonglez Date: Tue, 25 Aug 2020 01:00:32 +0200 Subject: [PATCH] opkg_verify_integrity: better logging and error conditions The function now always returns an error if size/checksum don't match: we let the caller decide what to do with the result. In addition, most of the logging is also moved to the caller. We just keep logging for unexpected errors and a bit of debug at loglevel INFO. Signed-off-by: Baptiste Jonglez --- libopkg/opkg_download.c | 49 ++++++++++++++--------------------------- libopkg/opkg_install.c | 11 ++++++++- 2 files changed, 26 insertions(+), 34 deletions(-) diff --git a/libopkg/opkg_download.c b/libopkg/opkg_download.c index 59123d2..cce4b6d 100644 --- a/libopkg/opkg_download.c +++ b/libopkg/opkg_download.c @@ -55,16 +55,11 @@ int opkg_verify_integrity(pkg_t *pkg, const char *filename) pkg_expected_size = pkg_get_int(pkg, PKG_SIZE); if (pkg_expected_size > 0 && pkg_stat.st_size != pkg_expected_size) { - if (!conf->force_checksum) { - opkg_msg(ERROR, - "Package size mismatch: %s is %lld bytes, expecting %lld bytes\n", - pkg->name, (long long int)pkg_stat.st_size, pkg_expected_size); - return -1; - } else { - opkg_msg(NOTICE, - "Ignored %s size mismatch.\n", - pkg->name); - } + opkg_msg(INFO, + "Package size mismatch: %s is %lld bytes, expecting %lld bytes\n", + pkg->name, (long long int)pkg_stat.st_size, pkg_expected_size); + err = -1; + goto out; } /* Check for md5 values */ @@ -72,17 +67,11 @@ int opkg_verify_integrity(pkg_t *pkg, const char *filename) if (pkg_md5) { file_md5 = file_md5sum_alloc(filename); if (file_md5 && strcmp(file_md5, pkg_md5)) { - if (!conf->force_checksum) { - opkg_msg(ERROR, "Package %s md5sum mismatch. " - "Either the opkg or the package index are corrupt. " - "Try 'opkg update'.\n", pkg->name); - free(file_md5); - return -1; - } else { - opkg_msg(NOTICE, - "Ignored %s md5sum mismatch.\n", - pkg->name); - } + opkg_msg(INFO, "Package %s md5sum mismatch.\n", + pkg->name); + err = -1; + free(file_md5); + goto out; } if (file_md5) free(file_md5); @@ -93,23 +82,17 @@ int opkg_verify_integrity(pkg_t *pkg, const char *filename) if (pkg_sha256) { file_sha256 = file_sha256sum_alloc(filename); if (file_sha256 && strcmp(file_sha256, pkg_sha256)) { - if (!conf->force_checksum) { - opkg_msg(ERROR, - "Package %s sha256sum mismatch. " - "Either the opkg or the package index are corrupt. " - "Try 'opkg update'.\n", pkg->name); - free(file_sha256); - return -1; - } else { - opkg_msg(NOTICE, - "Ignored %s sha256sum mismatch.\n", - pkg->name); - } + opkg_msg(INFO, "Package %s sha256sum mismatch.\n", + pkg->name); + err = -1; + free(file_sha256); + goto out; } if (file_sha256) free(file_sha256); } +out: return err; } diff --git a/libopkg/opkg_install.c b/libopkg/opkg_install.c index c6dda48..68fb9ea 100644 --- a/libopkg/opkg_install.c +++ b/libopkg/opkg_install.c @@ -1363,9 +1363,18 @@ int opkg_install_pkg(pkg_t * pkg, int from_upgrade) } #endif + /* Check integrity (size, checksums) */ err = opkg_verify_integrity(pkg, local_filename); - if (err) + if (err && !conf->force_checksum) { + opkg_msg(ERROR, "Checksum or size mismatch for package %s. " + "Either the opkg or the package index are corrupt. " + "Try 'opkg update'.\n", pkg->name); return -1; + } + if (err && conf->force_checksum) { + opkg_msg(NOTICE, "Ignored %s checksum or size mismatch.\n", + pkg->name); + } if (conf->download_only) { if (conf->nodeps == 0) { -- 2.30.2