diff options
author | Colin Walters <walters@verbum.org> | 2017-10-17 21:07:19 -0400 |
---|---|---|
committer | Atomic Bot <atomic-devel@projectatomic.io> | 2017-10-18 13:27:11 +0000 |
commit | de5f781089ada0ae80810ab95aa71fb02d946f35 (patch) | |
tree | f5b4237a2bfd80e1e89d59c6c48cdc3758a7960e | |
parent | 075e676eb63a3abaf647c789e22d8d1afe3a1dd5 (diff) | |
download | ostree-de5f781089ada0ae80810ab95aa71fb02d946f35.tar.gz |
lib/pull: Update summary checksum code to use new checksum API
This is another case where making an input stream out of a memory buffer is a
bit silly; just hash the `GBytes` directly.
Closes: #1287
Approved by: jlebon
-rw-r--r-- | src/libostree/ostree-repo-pull.c | 24 |
1 files changed, 9 insertions, 15 deletions
diff --git a/src/libostree/ostree-repo-pull.c b/src/libostree/ostree-repo-pull.c index 2e9b0bd7..ea670c9c 100644 --- a/src/libostree/ostree-repo-pull.c +++ b/src/libostree/ostree-repo-pull.c @@ -2457,34 +2457,28 @@ on_superblock_fetched (GObject *src, } else { - g_autofree gchar *delta = NULL; - g_autofree guchar *ret_csum = NULL; - guchar *summary_csum; - g_autoptr (GInputStream) summary_is = NULL; g_autoptr(GVariant) delta_superblock = NULL; + g_autofree gchar *delta = g_strconcat (from_revision ? from_revision : "", from_revision ? "-" : "", to_revision, NULL); + const guchar *expected_summary_digest = g_hash_table_lookup (pull_data->summary_deltas_checksums, delta); + guint8 actual_summary_digest[OSTREE_SHA256_DIGEST_LEN]; - summary_is = g_memory_input_stream_new_from_data (g_bytes_get_data (delta_superblock_data, NULL), - g_bytes_get_size (delta_superblock_data), - NULL); - - if (!ot_gio_checksum_stream (summary_is, &ret_csum, pull_data->cancellable, error)) - goto out; - - delta = g_strconcat (from_revision ? from_revision : "", from_revision ? "-" : "", to_revision, NULL); - summary_csum = g_hash_table_lookup (pull_data->summary_deltas_checksums, delta); + g_auto(OtChecksum) hasher = { 0, }; + ot_checksum_init (&hasher); + ot_checksum_update_bytes (&hasher, delta_superblock_data); + ot_checksum_get_digest (&hasher, actual_summary_digest, sizeof (actual_summary_digest)); /* At this point we've GPG verified the data, so in theory * could trust that they provided the right data, but let's * make this a hard error. */ - if (pull_data->gpg_verify_summary && !summary_csum) + if (pull_data->gpg_verify_summary && !expected_summary_digest) { g_set_error (error, OSTREE_GPG_ERROR, OSTREE_GPG_ERROR_NO_SIGNATURE, "GPG verification enabled, but no summary signatures found (use gpg-verify-summary=false in remote config to disable)"); goto out; } - if (summary_csum && memcmp (summary_csum, ret_csum, 32)) + if (expected_summary_digest && memcmp (expected_summary_digest, actual_summary_digest, sizeof (actual_summary_digest))) { g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "Invalid checksum for static delta %s", delta); goto out; |