System.Data.SQLite
Check-in [8d36bd8426]
Not logged in

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Update the release archive verification tool to deal with SHA3 hashes.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: 8d36bd8426e9ff301fff8f2bc8f13e45ccf64a9f
User & Date: mistachkin 2017-03-14 21:07:43
Context
2017-04-03
23:39
Update SQLite core library to the 3.18.0 release. check-in: e5b99f9b24 user: mistachkin tags: trunk
2017-03-14
21:07
Update the release archive verification tool to deal with SHA3 hashes. check-in: 8d36bd8426 user: mistachkin tags: trunk
2017-03-13
21:22
For the design-time components installer tool, make sure that verbose mode is honored for mock registry keys even in the event that a parameter has an invalid value. check-in: d1111b2d68 user: mistachkin tags: trunk
Changes
Hide Diffs Unified Diffs Show Whitespace Changes Patch

Changes to Setup/verify.eagle.

18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
..
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
..
56
57
58
59
60
61
62













63
64
65
66
67
68
69
...
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
...
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
...
345
346
347
348
349
350
351



352

353
354
355
356
357
358
359

  #
  # NOTE: Indicate to the caller, if any, that we have failed.
  #
  exit 1
}
 
proc getSha1Hashes { varName } {
  variable fossil

  upvar 1 $varName hashes

  set data [exec -success Success -nocarriagereturns -- \
      $fossil artifact current]; # or "release"

................................................................................
    if {[string range $line 0 1] eq "F "} then {
      set fields [split $line " "]

      if {[llength $fields] >= 3} then {
        set fileName [string map [list \\s " "] [lindex $fields 1]]
        set hash [lindex $fields 2]

        if {[regexp -- {[0-9a-f]{40}} $hash]} then {
          set hashes($fileName) $hash; incr result
        }
      }
    }
  }

  return $result
................................................................................

  set hash [string range [exec -success Success -nocarriagereturns \
      -trimall -- $fossil sha1sum [appendArgs \" $fileName \"]] 0 39]

  if {[regexp -- {[0-9a-f]{40}} $hash]} then {
    return $hash
  }














  return ""
}
 
set argc [llength $argv]

if {$argc >= 2 && $argc <= 3} then {
................................................................................
  }

  if {$withHashes} then {
    if {![file exists $fossil]} then {
      usage [appendArgs "tool \"" $fossil "\" is missing"]
    }

    if {[getSha1Hashes hashes] == 0} then {
      usage "no repository hashes are available"
    }
  }

  set hashPrefix [expr {$failHashes ? "ERROR" : "WARNING"}]
  set archiveFileNames [list]

................................................................................
              "\" missing file \"" $manifestFileName \
              "\" from manifest \"" $manifest "\"."]

          set exitCode 1
        }

        #
        # NOTE: Skip checking SHA1 hashes if it was not requested on the
        #       command line.
        #
        if {!$withHashes} then {
          continue
        }

        #
        # HACK: For now, only verify SHA1 hashes for those files actually
        #       present in the repository.
        #
        if {![string match -nocase -- *Source* $archiveFileName] && \
            ![info exists hashes($manifestFileName)]} then {
          continue
        }

................................................................................
        }

        try {
          if {[info exists hashes($manifestFileName)]} then {
            if {[catch {
              eval [string map $extractCommandMap $extractCommand]
            } result] == 0} then {



              set hash [getSha1Sum $extractFileName]


              if {[string length $hash] > 0} then {
                if {$hash ne $hashes($manifestFileName)} then {
                  puts stdout [appendArgs \
                      $hashPrefix ": Archive \"" $archiveFileName \
                      "\" file \"" $manifestFileName \
                      "\" repository hash mismatch, have \"" \







|







 







|







 







>
>
>
>
>
>
>
>
>
>
>
>
>







 







|







 







|







|







 







>
>
>
|
>







18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
..
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
..
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
...
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
...
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
...
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376

  #
  # NOTE: Indicate to the caller, if any, that we have failed.
  #
  exit 1
}
 
proc getFileHashes { varName } {
  variable fossil

  upvar 1 $varName hashes

  set data [exec -success Success -nocarriagereturns -- \
      $fossil artifact current]; # or "release"

................................................................................
    if {[string range $line 0 1] eq "F "} then {
      set fields [split $line " "]

      if {[llength $fields] >= 3} then {
        set fileName [string map [list \\s " "] [lindex $fields 1]]
        set hash [lindex $fields 2]

        if {[regexp -- {[0-9a-f]{40,64}} $hash]} then {
          set hashes($fileName) $hash; incr result
        }
      }
    }
  }

  return $result
................................................................................

  set hash [string range [exec -success Success -nocarriagereturns \
      -trimall -- $fossil sha1sum [appendArgs \" $fileName \"]] 0 39]

  if {[regexp -- {[0-9a-f]{40}} $hash]} then {
    return $hash
  }

  return ""
}
 
proc getSha3Sum { fileName } {
  variable fossil

  set hash [string range [exec -success Success -nocarriagereturns \
      -trimall -- $fossil sha3sum [appendArgs \" $fileName \"]] 0 63]

  if {[regexp -- {[0-9a-f]{64}} $hash]} then {
    return $hash
  }

  return ""
}
 
set argc [llength $argv]

if {$argc >= 2 && $argc <= 3} then {
................................................................................
  }

  if {$withHashes} then {
    if {![file exists $fossil]} then {
      usage [appendArgs "tool \"" $fossil "\" is missing"]
    }

    if {[getFileHashes hashes] == 0} then {
      usage "no repository hashes are available"
    }
  }

  set hashPrefix [expr {$failHashes ? "ERROR" : "WARNING"}]
  set archiveFileNames [list]

................................................................................
              "\" missing file \"" $manifestFileName \
              "\" from manifest \"" $manifest "\"."]

          set exitCode 1
        }

        #
        # NOTE: Skip checking hashes if that was not requested on the
        #       command line.
        #
        if {!$withHashes} then {
          continue
        }

        #
        # HACK: For now, only verify hashes for those files actually
        #       present in the repository.
        #
        if {![string match -nocase -- *Source* $archiveFileName] && \
            ![info exists hashes($manifestFileName)]} then {
          continue
        }

................................................................................
        }

        try {
          if {[info exists hashes($manifestFileName)]} then {
            if {[catch {
              eval [string map $extractCommandMap $extractCommand]
            } result] == 0} then {
              if {[string length $hashes($manifestFileName)] == 64} then {
                set hash [getSha3Sum $extractFileName]
              } else {
                set hash [getSha1Sum $extractFileName]
              }

              if {[string length $hash] > 0} then {
                if {$hash ne $hashes($manifestFileName)} then {
                  puts stdout [appendArgs \
                      $hashPrefix ": Archive \"" $archiveFileName \
                      "\" file \"" $manifestFileName \
                      "\" repository hash mismatch, have \"" \