[lxc-devel] [distrobuilder/master] Export function DownloadHash
monstermunchkin on Github
lxc-bot at linuxcontainers.org
Thu Dec 20 09:40:29 UTC 2018
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 453 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20181220/a5f7ffa7/attachment.bin>
-------------- next part --------------
From 10b518a04d78a223ad7f10a69f16e32986083cc4 Mon Sep 17 00:00:00 2001
From: Thomas Hipp <thomas.hipp at canonical.com>
Date: Wed, 19 Dec 2018 20:29:15 +0100
Subject: [PATCH 1/2] shared/net: Export function DownloadHash
This removes the functions DownloadSha{256,512} in favor of DownloadHash
which lets you specify a hash function.
Signed-off-by: Thomas Hipp <thomas.hipp at canonical.com>
---
shared/net.go | 41 ++++++++++++-----------------------------
1 file changed, 12 insertions(+), 29 deletions(-)
diff --git a/shared/net.go b/shared/net.go
index 61d2cb7..a11e6c8 100644
--- a/shared/net.go
+++ b/shared/net.go
@@ -2,8 +2,6 @@ package shared
import (
"bufio"
- "crypto/sha256"
- "crypto/sha512"
"fmt"
"hash"
"io"
@@ -18,19 +16,9 @@ import (
"github.com/lxc/lxd/shared/ioprogress"
)
-// DownloadSha256 downloads a file. If a checksum file is provided will try and
-// match the sha256 hash.
-func DownloadSha256(file, checksum string) error {
- return download(file, checksum, sha256.New())
-}
-
-// DownloadSha512 downloads a file. If a checksum file is provided will try and
-// match the sha512 hash.
-func DownloadSha512(file, checksum string) error {
- return download(file, checksum, sha512.New())
-}
-
-func download(file, checksum string, sha hash.Hash) error {
+// DownloadHash downloads a file. If a checksum file is provided, it will try and
+// match the hash.
+func DownloadHash(file, checksum string, hashFunc hash.Hash) error {
var (
client http.Client
hash string
@@ -38,7 +26,7 @@ func download(file, checksum string, sha hash.Hash) error {
)
if checksum != "" {
- hash, err = downloadChecksum(checksum, file)
+ hash, err = downloadChecksum(checksum, file, hashFunc)
if err != nil {
return fmt.Errorf("Error while downloading checksum: %s", err)
}
@@ -55,12 +43,12 @@ func download(file, checksum string, sha hash.Hash) error {
defer image.Close()
if checksum != "" {
- _, err = io.Copy(sha, image)
+ _, err = io.Copy(hashFunc, image)
if err != nil {
return err
}
- result := fmt.Sprintf("%x", sha.Sum(nil))
+ result := fmt.Sprintf("%x", hashFunc.Sum(nil))
if result != hash {
return fmt.Errorf("Hash mismatch for %s: %s != %s", imagePath, result, hash)
}
@@ -79,13 +67,8 @@ func download(file, checksum string, sha hash.Hash) error {
fmt.Printf("%s\r", progress.Text)
}
- if sha.Size() == 32 {
- _, err = lxd.DownloadFileHash(&client, "", progress, nil, imagePath, file, hash, sha256.New(), image)
- } else if sha.Size() == 64 {
- _, err = lxd.DownloadFileHash(&client, "", progress, nil, imagePath, file, hash, sha512.New(), image)
- } else {
- return fmt.Errorf("Cannot handle sha%d", sha.Size()*8)
- }
+ _, err = lxd.DownloadFileHash(&client, "", progress, nil, imagePath, file, hash, hashFunc,
+ image)
if err != nil {
if checksum == "" && strings.HasPrefix(err.Error(), "Hash mismatch") {
return nil
@@ -99,8 +82,8 @@ func download(file, checksum string, sha hash.Hash) error {
}
// downloadChecksum downloads or opens URL, and matches fname against the
-// sha256sums inside of the downloaded or opened file.
-func downloadChecksum(URL string, fname string) (string, error) {
+// checksums inside of the downloaded or opened file.
+func downloadChecksum(URL string, fname string, hashFunc hash.Hash) (string, error) {
var (
client http.Client
tempFile *os.File
@@ -116,13 +99,13 @@ func downloadChecksum(URL string, fname string) (string, error) {
}
defer os.Remove(tempFile.Name())
} else {
- tempFile, err = ioutil.TempFile(os.TempDir(), "sha256.")
+ tempFile, err = ioutil.TempFile(os.TempDir(), "hash.")
if err != nil {
return "", err
}
defer os.Remove(tempFile.Name())
- _, err = lxd.DownloadFileHash(&client, "", nil, nil, "", URL, "", sha256.New(), tempFile)
+ _, err = lxd.DownloadFileHash(&client, "", nil, nil, "", URL, "", hashFunc, tempFile)
// ignore hash mismatch
if err != nil && !strings.HasPrefix(err.Error(), "Hash mismatch") {
return "", err
From f0b6939540101167b7930ad5a59182fbdf159e6c Mon Sep 17 00:00:00 2001
From: Thomas Hipp <thomas.hipp at canonical.com>
Date: Wed, 19 Dec 2018 20:29:46 +0100
Subject: [PATCH 2/2] sources: Use exported function DownloadHash
Signed-off-by: Thomas Hipp <thomas.hipp at canonical.com>
---
sources/alpine-http.go | 7 ++++---
sources/archlinux-http.go | 4 ++--
sources/centos-http.go | 5 +++--
sources/fedora-http.go | 4 ++--
sources/gentoo.go | 7 ++++---
sources/ubuntu-http.go | 7 ++++---
6 files changed, 19 insertions(+), 15 deletions(-)
diff --git a/sources/alpine-http.go b/sources/alpine-http.go
index f465094..8b31ac7 100644
--- a/sources/alpine-http.go
+++ b/sources/alpine-http.go
@@ -1,6 +1,7 @@
package sources
import (
+ "crypto/sha256"
"errors"
"fmt"
"net/url"
@@ -62,9 +63,9 @@ func (s *AlpineLinuxHTTP) Run(definition shared.Definition, rootfsDir string) er
}
if definition.Source.SkipVerification {
- err = shared.DownloadSha256(tarball, "")
+ err = shared.DownloadHash(tarball, "", nil)
} else {
- err = shared.DownloadSha256(tarball, tarball+".sha256")
+ err = shared.DownloadHash(tarball, tarball+".sha256", sha256.New())
}
if err != nil {
return err
@@ -72,7 +73,7 @@ func (s *AlpineLinuxHTTP) Run(definition shared.Definition, rootfsDir string) er
// Force gpg checks when using http
if !definition.Source.SkipVerification && url.Scheme != "https" {
- shared.DownloadSha256(tarball+".asc", "")
+ shared.DownloadHash(tarball+".asc", "", nil)
valid, err := shared.VerifyFile(
filepath.Join(os.TempDir(), fname),
filepath.Join(os.TempDir(), fname+".asc"),
diff --git a/sources/archlinux-http.go b/sources/archlinux-http.go
index 0f39c1c..4dcefb9 100644
--- a/sources/archlinux-http.go
+++ b/sources/archlinux-http.go
@@ -38,14 +38,14 @@ func (s *ArchLinuxHTTP) Run(definition shared.Definition, rootfsDir string) erro
return errors.New("GPG keys are required if downloading from HTTP")
}
- err = shared.DownloadSha256(tarball, "")
+ err = shared.DownloadHash(tarball, "", nil)
if err != nil {
return err
}
// Force gpg checks when using http
if !definition.Source.SkipVerification && url.Scheme != "https" {
- shared.DownloadSha256(tarball+".sig", "")
+ shared.DownloadHash(tarball+".sig", "", nil)
valid, err := shared.VerifyFile(
filepath.Join(os.TempDir(), fname),
diff --git a/sources/centos-http.go b/sources/centos-http.go
index 5bc68e2..fbbf853 100644
--- a/sources/centos-http.go
+++ b/sources/centos-http.go
@@ -1,6 +1,7 @@
package sources
import (
+ "crypto/sha256"
"errors"
"fmt"
"io/ioutil"
@@ -53,7 +54,7 @@ func (s *CentOSHTTP) Run(definition shared.Definition, rootfsDir string) error {
}
checksumFile = "sha256sum.txt.asc"
- shared.DownloadSha256(baseURL+checksumFile, "")
+ shared.DownloadHash(baseURL+checksumFile, "", nil)
valid, err := shared.VerifyFile(filepath.Join(os.TempDir(), checksumFile), "",
definition.Source.Keys, definition.Source.Keyserver)
if err != nil {
@@ -65,7 +66,7 @@ func (s *CentOSHTTP) Run(definition shared.Definition, rootfsDir string) error {
}
}
- err = shared.DownloadSha256(baseURL+s.fname, checksumFile)
+ err = shared.DownloadHash(baseURL+s.fname, checksumFile, sha256.New())
if err != nil {
return fmt.Errorf("Error downloading CentOS image: %s", err)
}
diff --git a/sources/fedora-http.go b/sources/fedora-http.go
index 673936d..f7b3531 100644
--- a/sources/fedora-http.go
+++ b/sources/fedora-http.go
@@ -41,8 +41,8 @@ func (s *FedoraHTTP) Run(definition shared.Definition, rootfsDir string) error {
definition.Image.Release, build, definition.Image.ArchitectureMapped)
// Download image
- err = shared.DownloadSha256(fmt.Sprintf("%s/%s/%s/images/%s",
- baseURL, definition.Image.Release, build, fname), "")
+ err = shared.DownloadHash(fmt.Sprintf("%s/%s/%s/images/%s",
+ baseURL, definition.Image.Release, build, fname), "", nil)
if err != nil {
return err
}
diff --git a/sources/gentoo.go b/sources/gentoo.go
index 2381d34..e23cb02 100644
--- a/sources/gentoo.go
+++ b/sources/gentoo.go
@@ -1,6 +1,7 @@
package sources
import (
+ "crypto/sha512"
"errors"
"fmt"
"io/ioutil"
@@ -50,9 +51,9 @@ func (s *GentooHTTP) Run(definition shared.Definition, rootfsDir string) error {
}
if definition.Source.SkipVerification {
- err = shared.DownloadSha512(tarball, "")
+ err = shared.DownloadHash(tarball, "", nil)
} else {
- err = shared.DownloadSha512(tarball, tarball+".DIGESTS")
+ err = shared.DownloadHash(tarball, tarball+".DIGESTS", sha512.New())
}
if err != nil {
return err
@@ -60,7 +61,7 @@ func (s *GentooHTTP) Run(definition shared.Definition, rootfsDir string) error {
// Force gpg checks when using http
if !definition.Source.SkipVerification && url.Scheme != "https" {
- shared.DownloadSha512(tarball+".DIGESTS.asc", "")
+ shared.DownloadHash(tarball+".DIGESTS.asc", "", nil)
valid, err := shared.VerifyFile(
filepath.Join(os.TempDir(), fname+".DIGESTS.asc"),
"",
diff --git a/sources/ubuntu-http.go b/sources/ubuntu-http.go
index e843ecc..31ec1a3 100644
--- a/sources/ubuntu-http.go
+++ b/sources/ubuntu-http.go
@@ -1,6 +1,7 @@
package sources
import (
+ "crypto/sha256"
"errors"
"fmt"
"io/ioutil"
@@ -57,8 +58,8 @@ func (s *UbuntuHTTP) Run(definition shared.Definition, rootfsDir string) error {
}
checksumFile = baseURL + "SHA256SUMS"
- shared.DownloadSha256(baseURL+"SHA256SUMS.gpg", "")
- shared.DownloadSha256(checksumFile, "")
+ shared.DownloadHash(baseURL+"SHA256SUMS.gpg", "", nil)
+ shared.DownloadHash(checksumFile, "", nil)
valid, err := shared.VerifyFile(
filepath.Join(os.TempDir(), "SHA256SUMS"),
@@ -73,7 +74,7 @@ func (s *UbuntuHTTP) Run(definition shared.Definition, rootfsDir string) error {
}
}
- err = shared.DownloadSha256(baseURL+s.fname, checksumFile)
+ err = shared.DownloadHash(baseURL+s.fname, checksumFile, sha256.New())
if err != nil {
return fmt.Errorf("Error downloading Ubuntu image: %s", err)
}
More information about the lxc-devel
mailing list