From a40a31f6adc36147e26858afd45a9d12eef93e53 Mon Sep 17 00:00:00 2001 From: David Leverton Date: Thu, 6 Oct 2011 23:28:08 +0100 Subject: Support verifying arbitrary (supported) Manifest hashes --- .../repositories/e/check_fetched_files_visitor.cc | 103 ++++++--------------- paludis/repositories/e/manifest2_reader.cc | 21 +---- paludis/repositories/e/manifest2_reader.hh | 11 +-- 3 files changed, 38 insertions(+), 97 deletions(-) diff --git a/paludis/repositories/e/check_fetched_files_visitor.cc b/paludis/repositories/e/check_fetched_files_visitor.cc index d80bd4a0b..7c91b13c2 100644 --- a/paludis/repositories/e/check_fetched_files_visitor.cc +++ b/paludis/repositories/e/check_fetched_files_visitor.cc @@ -36,12 +36,10 @@ #include #include #include -#include -#include -#include -#include +#include #include #include +#include #include #include #include @@ -216,7 +214,7 @@ CheckFetchedFilesVisitor::check_distfile_manifest(const FSPath & distfile) if (manifest_ignore == _imp->use_manifest) return true; - bool found(false); + bool found(false), hashed(false); for (Manifest2Reader::ConstIterator m(_imp->m2r->begin()), m_end(_imp->m2r->end()) ; m != m_end ; ++m) 
@@ -250,88 +248,35 @@ CheckFetchedFilesVisitor::check_distfile_manifest(const FSPath & distfile) MemoisedHashes * hashes = MemoisedHashes::get_instance(); - if (! m->rmd160().empty()) + for (Map::ConstIterator it(m->hashes()->begin()), + it_end(m->hashes()->end()); it_end != it; ++it) { - std::string rmd160hexsum(hashes->get("RMD160", distfile, file_stream)); - - if (rmd160hexsum != m->rmd160()) + if (! DigestRegistry::get_instance()->get(it->first)) { - Log::get_instance()->message("e.manifest.rmd160.failure", ll_debug, lc_context) - << "Malformed Manifest: failed RMD160 checksum"; - _imp->output_manager->stdout_stream() << "failed RMD160"; - _imp->failures->push_back(make_named_values( - n::failed_automatic_fetching() = false, - n::failed_integrity_checks() = "Failed RMD160 checksum", - n::requires_manual_fetching() = false, - n::target_file() = stringify(distfile.basename()) - )); - return false; + Log::get_instance()->message("e.manifest.checksum.unsupported", ll_warning, lc_context) + << "Manifest hash function '" + it->first + "' is not supported"; + continue; } - Log::get_instance()->message("e.manifest.rmd160.result", ll_debug, lc_context) - << "Actual RMD160 = " << rmd160hexsum; - } - if (! 
m->sha1().empty()) - { - std::string sha1hexsum(hashes->get("SHA1", distfile, file_stream)); + std::string hexsum(hashes->get(it->first, distfile, file_stream)); - if (sha1hexsum != m->sha1()) + if (hexsum != it->second) { - Log::get_instance()->message("e.manifest.sha1.failure", ll_debug, lc_context) - << "Malformed Manifest: failed SHA1 checksum"; - _imp->output_manager->stdout_stream() << "failed SHA1"; + Log::get_instance()->message("e.manifest.checksum.failure", ll_debug, lc_context) + << "Malformed Manifest: failed " << it->first << " checksum"; + _imp->output_manager->stdout_stream() << "failed " << it->first; _imp->failures->push_back(make_named_values( n::failed_automatic_fetching() = false, - n::failed_integrity_checks() = "Failed SHA1 checksum", + n::failed_integrity_checks() = "Failed " + it->first + " checksum", n::requires_manual_fetching() = false, n::target_file() = stringify(distfile.basename()) )); return false; } - Log::get_instance()->message("e.manifest.sha1.result", ll_debug, lc_context) - << "Actual SHA1 = " << sha1hexsum; - } - - if (! m->sha256().empty()) - { - std::string sha256hexsum(hashes->get("SHA256", distfile, file_stream)); - - if (sha256hexsum != m->sha256()) - { - Log::get_instance()->message("e.manifest.sha256.failure", ll_debug, lc_context) - << "Malformed Manifest: failed SHA256 checksum"; - _imp->output_manager->stdout_stream() << "failed SHA256"; - _imp->failures->push_back(make_named_values( - n::failed_automatic_fetching() = false, - n::failed_integrity_checks() = "Failed SHA256 checksum", - n::requires_manual_fetching() = false, - n::target_file() = stringify(distfile.basename()) - )); - return false; - } - Log::get_instance()->message("e.manifest.sha256.result", ll_debug, lc_context) - << "Actual SHA256 = " << sha256hexsum; - } - if (! 
m->md5().empty()) - { - std::string md5hexsum(hashes->get("MD5", distfile, file_stream)); - - if (md5hexsum != m->md5()) - { - Log::get_instance()->message("e.manifest.md5.failure", ll_debug, lc_context) - << "Malformed Manifest: failed MD5 checksum"; - _imp->output_manager->stdout_stream() << "failed MD5"; - _imp->failures->push_back(make_named_values( - n::failed_automatic_fetching() = false, - n::failed_integrity_checks() = "Failed MD5 checksum", - n::requires_manual_fetching() = false, - n::target_file() = stringify(distfile.basename()) - )); - return false; - } - Log::get_instance()->message("e.manifest.md5.result", ll_debug, lc_context) - << "Actual MD5 = " << md5hexsum; + Log::get_instance()->message("e.manifest.checksum.result", ll_debug, lc_context) + << "Actual " << it->first << " = " << hexsum; + hashed = true; } } catch (const SafeIFStreamError &) @@ -359,6 +304,18 @@ CheckFetchedFilesVisitor::check_distfile_manifest(const FSPath & distfile) return false; } + if (found && ! hashed) + { + _imp->output_manager->stdout_stream() << "no supported hashes in Manifest"; + _imp->failures->push_back(make_named_values( + n::failed_automatic_fetching() = false, + n::failed_integrity_checks() = "No supported hashes in Manifest", + n::requires_manual_fetching() = false, + n::target_file() = stringify(distfile.basename()) + )); + return false; + } + return true; } diff --git a/paludis/repositories/e/manifest2_reader.cc b/paludis/repositories/e/manifest2_reader.cc index b16ea6a68..fb883c989 100644 --- a/paludis/repositories/e/manifest2_reader.cc +++ b/paludis/repositories/e/manifest2_reader.cc @@ -30,6 +30,7 @@ #include #include #include +#include #include #include 
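Review bot: In the new per-hash loop, an entry whose algorithm `DigestRegistry` does not know is skipped with `continue`, and `hashed = true` is then set by any remaining algorithm that matches, so the strength of the check silently drops to whatever supported digests are left for that file. The removed code verified MD5 and SHA1 by name, so those are presumably still registered; a Manifest line listing a stronger but unregistered digest alongside MD5 would then pass on MD5 alone, with only a warning in the log. Consider setting `hashed` only for algorithms on a configured minimum-strength list, or at least recording in the result that a listed digest went unverified. Separately, the retained text `Malformed Manifest: failed … checksum` describes a distfile mismatch rather than a malformed Manifest and is logged at `ll_debug`; `<< "Distfile failed " << it->first << " checksum"` would be clearer. The enclosing function and its `try` block start outside this hunk.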
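Review bot: The new `found && ! hashed` rejection appears to be the only thing that stops a Manifest entry with no verifiable digest from falling through to `return true`, but nothing in the code says so and, unlike the mismatch path, it writes no `Log` message. A short comment above the block, e.g. `// Fail closed: an entry with no digest we can compute must not pass verification.`, would keep a later refactor from dropping it. A log line here that names `stringify(distfile.basename())` would also let an operator tell this case apart from a checksum mismatch. The rest of the function lies outside the hunk, so I am assuming the preceding `return false` handles the not-found case.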
@@ -80,8 +81,9 @@ Manifest2Reader::Manifest2Reader(const FSPath & f) : tokenise_whitespace((*l), create_inserter(std::back_inserter(tokens))); std::list::const_iterator t(tokens.begin()), t_end(tokens.end()); - std::string type, name, sha1, sha256, rmd160, md5; + std::string type, name; off_t size; + std::shared_ptr > hashes(std::make_shared >()); if (t_end == t) continue; @@ -114,25 +116,12 @@ Manifest2Reader::Manifest2Reader(const FSPath & f) : if (t_end == t) throw Manifest2Error("no checksum for: " + checksum_type); - if ("SHA1" == checksum_type) - sha1 = (*t); - else if ("SHA256" == checksum_type) - sha256 = (*t); - else if ("RMD160" == checksum_type) - rmd160 = (*t); - else if ("MD5" == checksum_type) - md5 = (*t); - else - Log::get_instance()->message("e.manifest.unknown_checksum", ll_debug, lc_no_context) - << "Skipping unknown checksum type " << checksum_type; + hashes->insert(checksum_type, *t); } _imp->entries.insert(std::make_pair(std::make_pair(type,name), make_named_values( - n::md5() = md5, + n::hashes() = hashes, n::name() = name, - n::rmd160() = rmd160, - n::sha1() = sha1, - n::sha256() = sha256, n::size() = size, n::type() = type ))); diff --git a/paludis/repositories/e/manifest2_reader.hh b/paludis/repositories/e/manifest2_reader.hh index b35abc55e..cacd8f062 100644 --- a/paludis/repositories/e/manifest2_reader.hh +++ b/paludis/repositories/e/manifest2_reader.hh @@ -23,6 +23,7 @@ #include #include #include +#include #include /** \file @@ -35,11 +36,8 @@ namespace paludis { namespace n { - typedef Name md5; + typedef Name hashes; typedef Name name; - typedef Name rmd160; - typedef Name sha1; - typedef Name sha256; typedef Name size; typedef Name type; } @@ -48,11 +46,8 @@ namespace paludis { struct Manifest2Entry { - NamedValue md5; + NamedValue > > hashes; NamedValue name; - NamedValue rmd160; - NamedValue sha1; - NamedValue sha256; NamedValue size; NamedValue type; }; -- cgit v1.2.3
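Review bot: `hashes->insert(checksum_type, *t)` stores every name/value pair from the Manifest line without checking for a repeated algorithm name, so which value wins when a line lists the same hash type twice now depends on the insert semantics of `Map`, which are not visible here. The removed `if`/`else if` chain assigned, so the last value won. Rejecting the duplicate makes the outcome explicit, e.g. `if (hashes->end() != hashes->find(checksum_type)) throw Manifest2Error("duplicate checksum type: " + checksum_type);` before the insert, assuming `Map` offers `find`. The algorithm name is also carried unvalidated into the log and stdout messages built in check_fetched_files_visitor.cc, so restricting it to the expected character set at parse time would be a cheap safeguard. The loop this line sits in begins outside the hunk.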