diff options
author | Lamont Granquist <lamont@scriptkiddie.org> | 2014-07-30 18:45:53 -0700 |
---|---|---|
committer | Lamont Granquist <lamont@scriptkiddie.org> | 2014-07-30 18:45:53 -0700 |
commit | 900d23fdbab5137309ea458c17ed079863b5dc07 (patch) | |
tree | e966e5f3f19836a78076bbac09e07ebe0d53adc3 /lib | |
parent | a1bed084e17adfd2a1a2f1026628bed8e2304fd2 (diff) | |
download | chef-900d23fdbab5137309ea458c17ed079863b5dc07.tar.gz |
validate checksums on downloads
Diffstat (limited to 'lib')
-rw-r--r-- | lib/chef/exceptions.rb | 6 | ||||
-rw-r--r-- | lib/chef/provider/file.rb | 14 |
2 files changed, 19 insertions, 1 deletions
diff --git a/lib/chef/exceptions.rb b/lib/chef/exceptions.rb index 22fafaa4dc..e3c7d630ce 100644 --- a/lib/chef/exceptions.rb +++ b/lib/chef/exceptions.rb @@ -331,6 +331,12 @@ class Chef end end + class ChecksumMismatch < RuntimeError + def initialize(res_cksum, cont_cksum) + super "Checksum on resource (#{res_cksum}) does not match checksum on content (#{cont_cksum})" + end + end + class BadProxyURI < RuntimeError; end end end diff --git a/lib/chef/provider/file.rb b/lib/chef/provider/file.rb index bae8e107ad..f35df07c1f 100644 --- a/lib/chef/provider/file.rb +++ b/lib/chef/provider/file.rb @@ -60,6 +60,7 @@ class Chef attr_accessor :needs_creating attr_accessor :needs_unlinking + attr_accessor :managing_symlink def initialize(new_resource, run_context) @content_class ||= Chef::Provider::File::Content @@ -145,6 +146,7 @@ class Chef def action_create do_generate_content + do_validate_content do_unlink do_create_file do_contents_changes @@ -336,6 +338,16 @@ class Chef tempfile end + def tempfile_checksum + @tempfile_checksum ||= checksum(tempfile.path) + end + + def do_validate_content + if new_resource.checksum && tempfile && ( new_resource.checksum != tempfile_checksum ) + raise Chef::Exceptions::ChecksumMismatch.new(short_cksum(new_resource.checksum), short_cksum(tempfile_checksum)) + end + end + def do_unlink if @new_resource.force_unlink if needs_unlinking? @@ -433,7 +445,7 @@ class Chef def contents_changed? Chef::Log.debug "calculating checksum of #{tempfile.path} to compare with #{@current_resource.checksum}" - checksum(tempfile.path) != @current_resource.checksum + tempfile_checksum != @current_resource.checksum end def tempfile |