[PATCH opkg 5/5] opkg_verify_integrity: better logging and error conditions

Baptiste Jonglez baptiste at bitsofnetworks.org
Mon Aug 24 19:00:32 EDT 2020


From: Baptiste Jonglez <git at bitsofnetworks.org>

The function now always returns an error if size/checksum don't match: we
let the caller decide what to do with the result.

In addition, most of the logging is also moved to the caller.  We just
keep logging for unexpected errors and a bit of debug at loglevel INFO.

Signed-off-by: Baptiste Jonglez <git at bitsofnetworks.org>
---
 libopkg/opkg_download.c | 49 ++++++++++++++---------------------------
 libopkg/opkg_install.c  | 11 ++++++++-
 2 files changed, 26 insertions(+), 34 deletions(-)

diff --git a/libopkg/opkg_download.c b/libopkg/opkg_download.c
index 3b79856..a9ebd58 100644
--- a/libopkg/opkg_download.c
+++ b/libopkg/opkg_download.c
@@ -55,16 +55,11 @@ int opkg_verify_integrity(pkg_t *pkg, const char *filename)
 	pkg_expected_size = pkg_get_int(pkg, PKG_SIZE);
 
 	if (pkg_expected_size > 0 && pkg_stat.st_size != pkg_expected_size) {
-		if (!conf->force_checksum) {
-			opkg_msg(ERROR,
-			         "Package size mismatch: %s is %lld bytes, expecting %lld bytes\n",
-			         pkg->name, (long long int)pkg_stat.st_size, pkg_expected_size);
-			return -1;
-		} else {
-			opkg_msg(NOTICE,
-			         "Ignored %s size mismatch.\n",
-			         pkg->name);
-		}
+		opkg_msg(INFO,
+			 "Package size mismatch: %s is %lld bytes, expecting %lld bytes\n",
+			 pkg->name, (long long int)pkg_stat.st_size, pkg_expected_size);
+		err = -1;
+		goto out;
 	}
 
 	/* Check for md5 values */
@@ -72,17 +67,11 @@ int opkg_verify_integrity(pkg_t *pkg, const char *filename)
 	if (pkg_md5) {
 		file_md5 = file_md5sum_alloc(filename);
 		if (file_md5 && strcmp(file_md5, pkg_md5)) {
-			if (!conf->force_checksum) {
-				opkg_msg(ERROR, "Package %s md5sum mismatch. "
-					 "Either the opkg or the package index are corrupt. "
-					 "Try 'opkg update'.\n", pkg->name);
-				free(file_md5);
-				return -1;
-			} else {
-				opkg_msg(NOTICE,
-					 "Ignored %s md5sum mismatch.\n",
-					 pkg->name);
-			}
+			opkg_msg(INFO, "Package %s md5sum mismatch.\n",
+				 pkg->name);
+			err = -1;
+			free(file_md5);
+			goto out;
 		}
 		if (file_md5)
 			free(file_md5);
@@ -93,23 +82,17 @@ int opkg_verify_integrity(pkg_t *pkg, const char *filename)
 	if (pkg_sha256) {
 		file_sha256 = file_sha256sum_alloc(filename);
 		if (file_sha256 && strcmp(file_sha256, pkg_sha256)) {
-			if (!conf->force_checksum) {
-				opkg_msg(ERROR,
-					 "Package %s sha256sum mismatch. "
-					 "Either the opkg or the package index are corrupt. "
-					 "Try 'opkg update'.\n", pkg->name);
-				free(file_sha256);
-				return -1;
-			} else {
-				opkg_msg(NOTICE,
-					 "Ignored %s sha256sum mismatch.\n",
-					 pkg->name);
-			}
+			opkg_msg(INFO, "Package %s sha256sum mismatch.\n",
+				 pkg->name);
+			err = -1;
+			free(file_sha256);
+			goto out;
 		}
 		if (file_sha256)
 			free(file_sha256);
 	}
 
+out:
 	return err;
 }
 
diff --git a/libopkg/opkg_install.c b/libopkg/opkg_install.c
index e8eccf8..da55b48 100644
--- a/libopkg/opkg_install.c
+++ b/libopkg/opkg_install.c
@@ -1363,9 +1363,18 @@ int opkg_install_pkg(pkg_t * pkg, int from_upgrade)
 	}
 #endif
 
+	/* Check integrity (size, checksums) */
 	err = opkg_verify_integrity(pkg, local_filename);
-	if (err)
+	if (err && !conf->force_checksum) {
+		opkg_msg(ERROR, "Checksum or size mismatch for package %s. "
+			 "Either the opkg or the package index are corrupt. "
+			 "Try 'opkg update'.\n", pkg->name);
 		return -1;
+	}
+	if (err && conf->force_checksum) {
+		opkg_msg(NOTICE, "Ignored %s checksum or size mismatch.\n",
+			pkg->name);
+	}
 
 	if (conf->download_only) {
 		if (conf->nodeps == 0) {
-- 
2.27.0




More information about the openwrt-devel mailing list