Bastian Blank wrote: > This change breaks the existing ABI and therefor needs an ABI bump, but > it is missing from the patch. The attached patch tries to bump the soname to 5. This makes the diff much larger, but the code changes are the same. I think libdebian-installer-extra nowadays gets a soname bump at the same time as libdebian-installer (whereas in the past it was possible to set a different soname for each). (If we really wanted, we could maybe avoid the ABI bump: no library functions are being added/removed, only the name and meaning of a struct member (a pointer, which remains the same length). The dynamically-sized buffer it points to, would change from storing an MD5 to a SHA256 hash, and would only cause a regression where something is still trying to validate MD5). Regards, -- Steven Chamberlain steven@pyro.eu.org
diff --git a/configure.ac b/configure.ac index d559d64..2f276b8 100644 --- a/configure.ac +++ b/configure.ac @@ -16,9 +16,9 @@ AS_IF([test "x$enable_check" != xno],[ ]) AM_CONDITIONAL([ENABLE_CHECK],[test "x$enable_check" != xno]) -LIBRARY_VERSION_MAJOR=4 +LIBRARY_VERSION_MAJOR=5 LIBRARY_VERSION_MINOR=0 -LIBRARY_VERSION_REVISION=7 +LIBRARY_VERSION_REVISION=0 LIBRARY_VERSION="$LIBRARY_VERSION_MAJOR.$LIBRARY_VERSION_MINOR.$LIBRARY_VERSION_REVISION" LIBRARY_VERSION_LIBTOOL="$LIBRARY_VERSION_MAJOR:$LIBRARY_VERSION_MINOR:$LIBRARY_VERSION_REVISION" diff --git a/debian/changelog b/debian/changelog index 3dd29e1..09c194e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,7 +1,18 @@ libdebian-installer (0.109) UNRELEASED; urgency=medium + [ Samuel Thibault ] * Fix build with gcc-7. Closes: #853489 + [ Steven Chamberlain ] + * Parse SHA256 fields instead of MD5Sum fields in Packages files. + * Parse SHA256 fields instead of (no longer existing) SHA1 fields in + Release files. + * In structs di_release and di_package, add new sha256 member and + remove the md5sum member (a backward-incompatible change, this will + force reverse-dependencies to stop using MD5 for verification) + (Closes: #856212). + * Bump soname as advised by Bastian Blank. + -- Samuel Thibault <sthibault@debian.org> Tue, 31 Jan 2017 11:09:16 +0100 libdebian-installer (0.108) unstable; urgency=medium diff --git a/debian/control b/debian/control index 0949fd9..f53f55c 100644 --- a/debian/control +++ b/debian/control @@ -8,7 +8,7 @@ Standards-Version: 3.9.6 Vcs-Browser: https://anonscm.debian.org/cgit/d-i/libdebian-installer.git Vcs-Git: https://anonscm.debian.org/git/d-i/libdebian-installer.git -Package: libdebian-installer4 +Package: libdebian-installer5 Architecture: any Multi-Arch: same Pre-Depends: ${misc:Pre-Depends} @@ -19,10 +19,10 @@ Description: Library of common debian-installer functions working on debian-installer or building your own install system based on debian-installer, then you probably don't need this library. -Package: libdebian-installer4-dev +Package: libdebian-installer5-dev Section: libdevel Architecture: any -Depends: ${misc:Depends}, libdebian-installer4 (= ${binary:Version}), libdebian-installer-extra4 (= ${binary:Version}) +Depends: ${misc:Depends}, libdebian-installer5 (= ${binary:Version}), libdebian-installer-extra5 (= ${binary:Version}) Conflicts: libdebian-installer-dev Provides: libdebian-installer-dev Description: Library of common debian-installer functions @@ -33,7 +33,7 @@ Description: Library of common debian-installer functions . This package contains files needed to do libdebian-installer development. -Package: libdebian-installer4-udeb +Package: libdebian-installer5-udeb Package-Type: udeb Section: debian-installer Architecture: any @@ -44,22 +44,22 @@ Description: Library of common debian-installer functions working on debian-installer or building your own install system based on debian-installer, then you probably don't need this library. -Package: libdebian-installer-extra4 +Package: libdebian-installer-extra5 Architecture: any Multi-Arch: same -Depends: ${shlibs:Depends}, ${misc:Depends}, libdebian-installer4 (= ${binary:Version}) +Depends: ${shlibs:Depends}, ${misc:Depends}, libdebian-installer5 (= ${binary:Version}) Description: Library of some extra debian-installer functions This library is used by debian-installer to perform common functions such as logging messages and executing commands. If you aren't working on debian-installer or building your own install system based on debian-installer, then you probably don't need this library. -Package: libdebian-installer-extra4-udeb +Package: libdebian-installer-extra5-udeb Package-Type: udeb Section: debian-installer Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, libdebian-installer4-udeb (= ${binary:Version}) -Provides: libdebian-installer-extra4 +Depends: ${shlibs:Depends}, ${misc:Depends}, libdebian-installer5-udeb (= ${binary:Version}) +Provides: libdebian-installer-extra5 Description: Library of some extra debian-installer functions This library is used by debian-installer to perform common functions such as logging messages and executing commands. If you aren't diff --git a/debian/libdebian-installer-extra4-udeb.dirs b/debian/libdebian-installer-extra4-udeb.dirs deleted file mode 100644 index a65b417..0000000 --- a/debian/libdebian-installer-extra4-udeb.dirs +++ /dev/null @@ -1 +0,0 @@ -lib diff --git a/debian/libdebian-installer-extra4.install b/debian/libdebian-installer-extra4.install deleted file mode 100644 index 44ad198..0000000 --- a/debian/libdebian-installer-extra4.install +++ /dev/null @@ -1 +0,0 @@ -usr/lib/*/libdebian-installer-extra.so.* diff --git a/debian/libdebian-installer-extra4.shlibs.local b/debian/libdebian-installer-extra4.shlibs.local deleted file mode 100644 index 6e76754..0000000 --- a/debian/libdebian-installer-extra4.shlibs.local +++ /dev/null @@ -1 +0,0 @@ -libdebian-installer 4 diff --git a/debian/libdebian-installer4-dev.install b/debian/libdebian-installer4-dev.install deleted file mode 100644 index 0bea7ad..0000000 --- a/debian/libdebian-installer4-dev.install +++ /dev/null @@ -1,5 +0,0 @@ -usr/include -usr/lib/*/*.a -usr/lib/*/*.so -usr/lib/*/pkgconfig -usr/share/doc/libdebian-installer4-dev/* diff --git a/debian/libdebian-installer4-udeb.dirs b/debian/libdebian-installer4-udeb.dirs deleted file mode 100644 index a65b417..0000000 --- a/debian/libdebian-installer4-udeb.dirs +++ /dev/null @@ -1 +0,0 @@ -lib diff --git a/debian/libdebian-installer4.install b/debian/libdebian-installer4.install deleted file mode 100644 index 289fbef..0000000 --- a/debian/libdebian-installer4.install +++ /dev/null @@ -1 +0,0 @@ -usr/lib/*/libdebian-installer.so.* diff --git a/debian/rules b/debian/rules index 11b0963..b084adc 100755 --- a/debian/rules +++ b/debian/rules @@ -26,16 +26,16 @@ override_dh_auto_build: $(MAKE) -C build/doc doc override_dh_install: - install $(CURDIR)/debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libdebian-installer.so.4 $(CURDIR)/debian/libdebian-installer4-udeb/lib - install $(CURDIR)/debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libdebian-installer-extra.so.4 $(CURDIR)/debian/libdebian-installer-extra4-udeb/lib + install $(CURDIR)/debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libdebian-installer.so.5 $(CURDIR)/debian/libdebian-installer5-udeb/lib + install $(CURDIR)/debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libdebian-installer-extra.so.5 $(CURDIR)/debian/libdebian-installer-extra5-udeb/lib dh_install --sourcedir=debian/tmp override_dh_makeshlibs: - dh_makeshlibs -plibdebian-installer4 -V \ - --add-udeb=libdebian-installer4-udeb - dh_makeshlibs -plibdebian-installer-extra4 -V \ - --add-udeb=libdebian-installer-extra4-udeb + dh_makeshlibs -plibdebian-installer5 -V \ + --add-udeb=libdebian-installer5-udeb + dh_makeshlibs -plibdebian-installer-extra5 -V \ + --add-udeb=libdebian-installer-extra5-udeb override_dh_shlibdeps: - dh_shlibdeps -N libdebian-installer-extra4 -N libdebian-installer-extra4-udeb - dh_shlibdeps -p libdebian-installer-extra4 -p libdebian-installer-extra4-udeb -- -L$(CURDIR)/debian/libdebian-installer-extra4.shlibs.local + dh_shlibdeps -N libdebian-installer-extra5 -N libdebian-installer-extra5-udeb + dh_shlibdeps -p libdebian-installer-extra5 -p libdebian-installer-extra5-udeb -- -L$(CURDIR)/debian/libdebian-installer-extra5.shlibs.local diff --git a/include/debian-installer/package.h b/include/debian-installer/package.h index 72d7444..e1f699d 100644 --- a/include/debian-installer/package.h +++ b/include/debian-installer/package.h @@ -112,7 +112,7 @@ struct di_package di_slist depends; /**< Any different dependency types */ char *filename; /**< Filename field */ size_t size; /**< Size field */ - char *md5sum; /**< MD5Sum field */ + char *sha256; /**< SHA256 field */ char *short_description; /**< Description field, first part*/ char *description; /**< Description field, second part */ unsigned int resolver; /**< @internal */ diff --git a/include/debian-installer/package_internal.h b/include/debian-installer/package_internal.h index f6357d1..d410ce2 100644 --- a/include/debian-installer/package_internal.h +++ b/include/debian-installer/package_internal.h @@ -52,7 +52,7 @@ const di_parser_fieldinfo internal_di_package_parser_field_enhances, internal_di_package_parser_field_filename, internal_di_package_parser_field_size, - internal_di_package_parser_field_md5sum, + internal_di_package_parser_field_sha256, internal_di_package_parser_field_description; /** diff --git a/include/debian-installer/release.h b/include/debian-installer/release.h index 223a4f8..8e3c572 100644 --- a/include/debian-installer/release.h +++ b/include/debian-installer/release.h @@ -40,7 +40,7 @@ struct di_release char *origin; /**< Origin field */ char *suite; /**< Suite field */ char *codename; /**< Codename field */ - di_hash_table *md5sum; /**< checksum fields, includes di_release_file */ + di_hash_table *sha256; /**< checksum fields, includes di_release_file */ di_mem_chunk *release_file_mem_chunk; /**< @internal */ }; @@ -55,7 +55,7 @@ struct di_release_file di_rstring key; /**< @internal */ }; unsigned int size; /**< size */ - char *sum[2]; /**< checksums, currently md5 and sha1 */ + char *sum[2]; /**< checksums, currently md5 and sha256 */ }; di_release *di_release_alloc (void); diff --git a/src/package.c b/src/package.c index 653b5dd..82c7653 100644 --- a/src/package.c +++ b/src/package.c @@ -38,7 +38,7 @@ void di_package_destroy (di_package *package) di_free (package->architecture); di_free (package->version); di_free (package->filename); - di_free (package->md5sum); + di_free (package->sha256); di_free (package->short_description); di_free (package->description); diff --git a/src/package_parser.c b/src/package_parser.c index 6d6a5e7..de80d7e 100644 --- a/src/package_parser.c +++ b/src/package_parser.c @@ -180,13 +180,13 @@ const di_parser_fieldinfo di_parser_write_int, offsetof (di_package, size) ), - internal_di_package_parser_field_md5sum = + internal_di_package_parser_field_sha256 = DI_PARSER_FIELDINFO ( - "MD5sum", + "SHA256", di_parser_read_string, di_parser_write_string, - offsetof (di_package, md5sum) + offsetof (di_package, sha256) ), internal_di_package_parser_field_description = DI_PARSER_FIELDINFO @@ -217,7 +217,7 @@ const di_parser_fieldinfo *di_package_parser_fieldinfo[] = &internal_di_package_parser_field_enhances, &internal_di_package_parser_field_filename, &internal_di_package_parser_field_size, - &internal_di_package_parser_field_md5sum, + &internal_di_package_parser_field_sha256, &internal_di_package_parser_field_description, NULL }; diff --git a/src/packages_parser.c b/src/packages_parser.c index ac5c06b..30d66ba 100644 --- a/src/packages_parser.c +++ b/src/packages_parser.c @@ -65,7 +65,7 @@ const di_parser_fieldinfo *di_packages_parser_fieldinfo[] = &internal_di_package_parser_field_enhances, &internal_di_package_parser_field_filename, &internal_di_package_parser_field_size, - &internal_di_package_parser_field_md5sum, + &internal_di_package_parser_field_sha256, &internal_di_package_parser_field_description, NULL }; @@ -109,7 +109,7 @@ const di_parser_fieldinfo *di_packages_minimal_parser_fieldinfo[] = &internal_di_package_parser_field_depends, &internal_di_package_parser_field_pre_depends, &internal_di_package_parser_field_filename, - &internal_di_package_parser_field_md5sum, + &internal_di_package_parser_field_sha256, &internal_di_package_parser_field_size, NULL }; diff --git a/src/release.c b/src/release.c index 7cc7cbf..7aff0d7 100644 --- a/src/release.c +++ b/src/release.c @@ -69,10 +69,10 @@ const di_parser_fieldinfo NULL, 0 ), - internal_di_release_parser_field_sha1 = + internal_di_release_parser_field_sha256 = DI_PARSER_FIELDINFO ( - "SHA1", + "SHA256", di_release_parser_read_file, NULL, 1 @@ -87,7 +87,7 @@ const di_parser_fieldinfo *di_release_parser_fieldinfo[] = &internal_di_release_parser_field_suite, &internal_di_release_parser_field_codename, &internal_di_release_parser_field_md5sum, - &internal_di_release_parser_field_sha1, + &internal_di_release_parser_field_sha256, NULL }; @@ -110,7 +110,7 @@ di_release *di_release_alloc (void) di_release *ret; ret = di_new0 (di_release, 1); - ret->md5sum = di_hash_table_new_full (di_rstring_hash, di_rstring_equal, NULL, internal_di_release_file_destroy_func); + ret->sha256 = di_hash_table_new_full (di_rstring_hash, di_rstring_equal, NULL, internal_di_release_file_destroy_func); ret->release_file_mem_chunk = di_mem_chunk_new (sizeof (di_release_file), 4096); return ret; @@ -124,7 +124,7 @@ void di_release_free (di_release *release) di_free (release->origin); di_free (release->suite); di_free (release->codename); - di_hash_table_destroy (release->md5sum); + di_hash_table_destroy (release->sha256); di_mem_chunk_destroy (release->release_file_mem_chunk); di_free (release); } @@ -169,7 +169,7 @@ void di_release_parser_read_file (data, fip, field_modifier, value, user_data) int ret; size_t buf_size; di_release *release = *data; - di_hash_table *table = release->md5sum; + di_hash_table *table = release->sha256; while (1) {
Attachment:
signature.asc
Description: Digital signature