This is the mail archive of the
cygwin-apps-cvs
mailing list for the cygwin-apps project.
[setup] branch master, updated. release_2.871-14-gb53880e
- From: gratz at sourceware dot org
- To: cygwin-apps-cvs at sourceware dot org
- Date: 3 Aug 2015 21:19:34 -0000
- Subject: [setup] branch master, updated. release_2.871-14-gb53880e
https://sourceware.org/git/gitweb.cgi?p=cygwin-setup.git;h=b53880ee4155b8b281bf4eaa2d494dd4e01a1390
commit b53880ee4155b8b281bf4eaa2d494dd4e01a1390
Author: Achim Gratz <Stromeko@Stromeko.DE>
Date: Mon Aug 3 21:23:37 2015 +0200
Simplify parser, both SHA512 checksum types can parse to the same token
* inilex.ll: Introduce HEX and B64 definitions, use them in the
rules section. Parse both SHA512 and SHA512-Base64URL checksums
to the SHA512 token.
* iniparse.yy (packagedata): Remove all occurences of the
SHA512B64URL token.
https://sourceware.org/git/gitweb.cgi?p=cygwin-setup.git;h=da1ab5671b98ac3a8a705c39e986151e0d5fe0ca
commit da1ab5671b98ac3a8a705c39e986151e0d5fe0ca
Author: Achim Gratz <Stromeko@Stromeko.DE>
Date: Mon Aug 3 21:19:53 2015 +0200
If MD5 checksum is missing then SHA512 must always be checked
* install.cc (chksum_one): If MD5 checksum is not available, then
SHA512 must always be checked even if just against the zeroed
digest as initialized. Otherwise a package with no checksum would
be treated as valid.
https://sourceware.org/git/gitweb.cgi?p=cygwin-setup.git;h=159763b27b31f7a899b81d4b3b9c26be72e64a10
commit 159763b27b31f7a899b81d4b3b9c26be72e64a10
Author: Achim Gratz <Stromeko@Stromeko.DE>
Date: Mon Aug 3 21:04:10 2015 +0200
Fix bug in nibbled1 and use character types throughout
* ini.h (nibbled1): Fix a thinko in this macro that made the
result always zero.
(hexnibble, nibbled1, b64url, b64d1, b64d2, b64d3): Use character
literals for all numeric constants dealing with characters.
Remove trailing semicolons.
https://sourceware.org/git/gitweb.cgi?p=cygwin-setup.git;h=c7ad9a642a51753344a841c1718efd963af82505
commit c7ad9a642a51753344a841c1718efd963af82505
Author: Achim Gratz <Stromeko@Stromeko.DE>
Date: Mon Aug 3 20:15:51 2015 +0200
Fix MD5sum.str () formatting bug
* csu_util/MD5Sum.cc (str): The stream modifiers are not sticky
and must be applied for each conversion.
Diff:
---
ChangeLog | 28 ++++++++++++++++++++++++++++
csu_util/MD5Sum.cc | 4 ++--
ini.h | 20 ++++++++++----------
inilex.ll | 10 ++++++----
iniparse.yy | 7 ++-----
install.cc | 6 +++---
6 files changed, 51 insertions(+), 24 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 7d14458..355fd23 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,31 @@
+2015-08-03 Achim Gratz <ASSI <Stromeko@NexGo.DE>>
+
+ * inilex.ll: Introduce HEX and B64 definitions, use them in the
+ rules section. Parse both SHA512 and SHA512-Base64URL checksums
+ to the SHA512 token.
+ * iniparse.yy (packagedata): Remove all occurences of the
+ SHA512B64URL token.
+
+2015-08-03 Achim Gratz <Stromeko@NexGo.DE>
+
+ * install.cc (chksum_one): If MD5 checksum is not available, then
+ SHA512 must always be checked even if just against the zeroed
+ digest as initialized. Otherwise a package with no checksum would
+ be treated as valid.
+
+2015-08-03 Achim Gratz <Stromeko@NexGo.DE>
+
+ * ini.h (nibbled1): Fix a thinko in this macro that made the
+ result always zero.
+ (hexnibble, nibbled1, b64url, b64d1, b64d2, b64d3): Use character
+ literals for all numeric constants dealing with characters.
+ Remove trailing semicolons.
+
+2015-08-03 Achim Gratz <Stromeko@NexGo.DE>
+
+ * csu_util/MD5Sum.cc (str): The stream modifiers are not sticky
+ and must be applied for each conversion.
+
2015-08-01 David Hoke <d_hoke@hotmail.com>
* download.cc (IncludeSource): New command line switch
diff --git a/csu_util/MD5Sum.cc b/csu_util/MD5Sum.cc
index 1d9c362..596089d 100644
--- a/csu_util/MD5Sum.cc
+++ b/csu_util/MD5Sum.cc
@@ -85,9 +85,9 @@ MD5Sum::str() const
{
std::ostringstream hexdigest;
- hexdigest << std::hex << std::setfill('0') << std::setw(2);
for (int i=0; i<16; ++i )
- hexdigest << static_cast<unsigned int>(digest[i]);
+ hexdigest << std::hex << std::setfill('0') << std::setw(2)
+ << static_cast<unsigned int>(digest[i]);
return hexdigest.str();
}
diff --git a/ini.h b/ini.h
index 164e3d2..7f6db22 100644
--- a/ini.h
+++ b/ini.h
@@ -59,16 +59,16 @@ extern int yyerror_count; /* number of parse errors */
/* The following definitions are used in the parser implementation */
-#define hexnibble(val) (255 & (val > '9') ? val - 'a' + 10 : val - '0');
-#define nibbled1(v1,v2) (255 & ((v1 << 4) & v2));
+#define hexnibble(val) ('\xff' & (val > '9') ? val - 'a' + 10 : val - '0')
+#define nibbled1(v1,v2) ('\xff' & ((v1 << 4) | v2))
#define b64url(val) \
- (63 & (( val == '_') ? 63 \
- : (val == '-') ? 62 \
- : (val >= 'a') ? val - 'a' + 26 \
- : (val >= 'A') ? val - 'A' + 0 \
- : val - '0' + 52))
-#define b64d1(v1,v2,v3,v4) (255 & ((v1 << 2) | (v2 >> 4)));
-#define b64d2(v1,v2,v3,v4) (255 & ((v2 << 4) | (v3 >> 2)));
-#define b64d3(v1,v2,v3,v4) (255 & ((v3 << 6) | v4));
+ ('\x3f' & (( val == '_') ? '\x3f' \
+ : (val == '-') ? '\x3e' \
+ : (val >= 'a') ? val - 'a' + '\x1a' \
+ : (val >= 'A') ? val - 'A' + '\x00' \
+ : val - '0' + '\x34'))
+#define b64d1(v1,v2,v3,v4) ('\xff' & ((v1 << 2) | (v2 >> 4)))
+#define b64d2(v1,v2,v3,v4) ('\xff' & ((v2 << 4) | (v3 >> 2)))
+#define b64d3(v1,v2,v3,v4) ('\xff' & ((v3 << 6) | v4))
#endif /* SETUP_INI_H */
diff --git a/inilex.ll b/inilex.ll
index 86100ae..67764f0 100644
--- a/inilex.ll
+++ b/inilex.ll
@@ -46,10 +46,12 @@ static void ignore_line (void);
%x eolstate
STR [!a-zA-Z0-9_./:\+~-]+
+HEX [0-9a-f]
+B64 [a-zA-Z0-9_-]
%%
-[0-9a-f]{32} {
+{HEX}{32} {
yylval = (char *) new unsigned char[16];
memset (yylval, 0, 16);
int i, j;
@@ -63,7 +65,7 @@ STR [!a-zA-Z0-9_./:\+~-]+
return MD5;
}
-[0-9a-f]{128} {
+{HEX}{128} {
yylval = (char *) new unsigned char[SHA512_DIGEST_LENGTH];
memset (yylval, 0, SHA512_DIGEST_LENGTH);
int i, j;
@@ -77,7 +79,7 @@ STR [!a-zA-Z0-9_./:\+~-]+
return SHA512;
}
-[a-zA-Z0-9_-]{86} {
+{B64}{86} {
/* base64url as defined in RFC4648 */
yylval = (char *) new unsigned char[SHA512_DIGEST_LENGTH];
memset (yylval, 0, SHA512_DIGEST_LENGTH);
@@ -98,7 +100,7 @@ STR [!a-zA-Z0-9_./:\+~-]+
v3 = 0;
v4 = 0;
((unsigned char *) yylval) [j+0] = b64d1(v1, v2, v3, v4);
- return SHA512B64URL;
+ return SHA512;
}
\"[^"]*\" { yylval = new char [strlen (yytext+1) + 1];
diff --git a/iniparse.yy b/iniparse.yy
index 442135d..5fd6c3f 100644
--- a/iniparse.yy
+++ b/iniparse.yy
@@ -42,8 +42,8 @@ void add_correct_version();
%token CATEGORY DEPENDS REQUIRES
%token APATH PPATH INCLUDE_SETUP EXCLUDE_PACKAGE DOWNLOAD_URL
%token T_PREV T_CURR T_TEST
-%token SHA512 SHA512B64URL MD5 INSTALLEDSIZE MAINTAINER PRIORITY
-%token MD5LINE SHA512LINE
+%token INSTALLEDSIZE MAINTAINER PRIORITY
+%token MD5 MD5LINE SHA512 SHA512LINE
%token DESCTAG DESCRIPTION FILESIZE ARCHITECTURE SOURCEPACKAGE
%token RECOMMENDS PREDEPENDS
%token SUGGESTS CONFLICTS REPLACES PROVIDES PACKAGENAME STRTOEOL PARAGRAPH
@@ -109,7 +109,6 @@ singleitem /* non-empty */
| STANDARDSVERSION STRING NL { /* TODO */ }
| MD5LINE MD5 NL { iniBuilder->buildInstallMD5 ((unsigned char *)$2); }
| SHA512LINE SHA512 NL { iniBuilder->buildInstallSHA512 ((unsigned char *)$2); }
- | SHA512LINE SHA512B64URL NL { iniBuilder->buildInstallSHA512 ((unsigned char *)$2); }
| SOURCEPACKAGE source NL
| CATEGORY categories NL
| INSTALL STRING { iniBuilder->buildPackageInstall ($2); } installmeta NL
@@ -149,13 +148,11 @@ installmeta: /* empty */
installchksum: /* empty */
| MD5 { iniBuilder->buildInstallMD5 ((unsigned char *)$1);}
| SHA512 { iniBuilder->buildInstallSHA512 ((unsigned char *)$1);}
- | SHA512B64URL { iniBuilder->buildInstallSHA512 ((unsigned char *)$1);}
;
sourcechksum: /* empty */
| MD5 { iniBuilder->buildSourceMD5 ((unsigned char *)$1); }
| SHA512 { iniBuilder->buildSourceSHA512 ((unsigned char *)$1); }
- | SHA512B64URL { iniBuilder->buildSourceSHA512 ((unsigned char *)$1); }
;
source /* non-empty */
diff --git a/install.cc b/install.cc
index 4274715..1e69564 100644
--- a/install.cc
+++ b/install.cc
@@ -1044,8 +1044,8 @@ chksum_one (const packagesource& pkgsource)
{
if (!pkgsource.Cached ())
return;
- if (pkgsource.sha512sum[0])
- sha512_one (pkgsource);
- else if (pkgsource.md5.isSet())
+ if (pkgsource.md5.isSet())
md5_one (pkgsource);
+ else
+ sha512_one (pkgsource);
}