Bastian Blank wrote: > This change breaks the existing ABI and therefor needs an ABI bump, but > it is missing from the patch. The attached patch tries to bump the soname to 5. This makes the diff much larger, but the code changes are the same. I think libdebian-installer-extra nowadays gets a soname bump at the same time as libdebian-installer (whereas in the past it was possible to set a different soname for each). (If we really wanted, we could maybe avoid the ABI bump: no library functions are being added/removed, only the name and meaning of a struct member (a pointer, which remains the same length). The dynamically-sized buffer it points to, would change from storing an MD5 to a SHA256 hash, and would only cause a regression where something is still trying to validate MD5). Regards, -- Steven Chamberlain steven@pyro.eu.org
diff --git a/configure.ac b/configure.ac
index d559d64..2f276b8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -16,9 +16,9 @@ AS_IF([test "x$enable_check" != xno],[
])
AM_CONDITIONAL([ENABLE_CHECK],[test "x$enable_check" != xno])
-LIBRARY_VERSION_MAJOR=4
+LIBRARY_VERSION_MAJOR=5
LIBRARY_VERSION_MINOR=0
-LIBRARY_VERSION_REVISION=7
+LIBRARY_VERSION_REVISION=0
LIBRARY_VERSION="$LIBRARY_VERSION_MAJOR.$LIBRARY_VERSION_MINOR.$LIBRARY_VERSION_REVISION"
LIBRARY_VERSION_LIBTOOL="$LIBRARY_VERSION_MAJOR:$LIBRARY_VERSION_MINOR:$LIBRARY_VERSION_REVISION"
diff --git a/debian/changelog b/debian/changelog
index 3dd29e1..09c194e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,7 +1,18 @@
libdebian-installer (0.109) UNRELEASED; urgency=medium
+ [ Samuel Thibault ]
* Fix build with gcc-7. Closes: #853489
+ [ Steven Chamberlain ]
+ * Parse SHA256 fields instead of MD5Sum fields in Packages files.
+ * Parse SHA256 fields instead of (no longer existing) SHA1 fields in
+ Release files.
+ * In structs di_release and di_package, add new sha256 member and
+ remove the md5sum member (a backward-incompatible change, this will
+ force reverse-dependencies to stop using MD5 for verification)
+ (Closes: #856212).
+ * Bump soname as advised by Bastian Blank.
+
-- Samuel Thibault <sthibault@debian.org> Tue, 31 Jan 2017 11:09:16 +0100
libdebian-installer (0.108) unstable; urgency=medium
diff --git a/debian/control b/debian/control
index 0949fd9..f53f55c 100644
--- a/debian/control
+++ b/debian/control
@@ -8,7 +8,7 @@ Standards-Version: 3.9.6
Vcs-Browser: https://anonscm.debian.org/cgit/d-i/libdebian-installer.git
Vcs-Git: https://anonscm.debian.org/git/d-i/libdebian-installer.git
-Package: libdebian-installer4
+Package: libdebian-installer5
Architecture: any
Multi-Arch: same
Pre-Depends: ${misc:Pre-Depends}
@@ -19,10 +19,10 @@ Description: Library of common debian-installer functions
working on debian-installer or building your own install system based
on debian-installer, then you probably don't need this library.
-Package: libdebian-installer4-dev
+Package: libdebian-installer5-dev
Section: libdevel
Architecture: any
-Depends: ${misc:Depends}, libdebian-installer4 (= ${binary:Version}), libdebian-installer-extra4 (= ${binary:Version})
+Depends: ${misc:Depends}, libdebian-installer5 (= ${binary:Version}), libdebian-installer-extra5 (= ${binary:Version})
Conflicts: libdebian-installer-dev
Provides: libdebian-installer-dev
Description: Library of common debian-installer functions
@@ -33,7 +33,7 @@ Description: Library of common debian-installer functions
.
This package contains files needed to do libdebian-installer development.
-Package: libdebian-installer4-udeb
+Package: libdebian-installer5-udeb
Package-Type: udeb
Section: debian-installer
Architecture: any
@@ -44,22 +44,22 @@ Description: Library of common debian-installer functions
working on debian-installer or building your own install system based
on debian-installer, then you probably don't need this library.
-Package: libdebian-installer-extra4
+Package: libdebian-installer-extra5
Architecture: any
Multi-Arch: same
-Depends: ${shlibs:Depends}, ${misc:Depends}, libdebian-installer4 (= ${binary:Version})
+Depends: ${shlibs:Depends}, ${misc:Depends}, libdebian-installer5 (= ${binary:Version})
Description: Library of some extra debian-installer functions
This library is used by debian-installer to perform common functions
such as logging messages and executing commands. If you aren't
working on debian-installer or building your own install system based
on debian-installer, then you probably don't need this library.
-Package: libdebian-installer-extra4-udeb
+Package: libdebian-installer-extra5-udeb
Package-Type: udeb
Section: debian-installer
Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}, libdebian-installer4-udeb (= ${binary:Version})
-Provides: libdebian-installer-extra4
+Depends: ${shlibs:Depends}, ${misc:Depends}, libdebian-installer5-udeb (= ${binary:Version})
+Provides: libdebian-installer-extra5
Description: Library of some extra debian-installer functions
This library is used by debian-installer to perform common functions
such as logging messages and executing commands. If you aren't
diff --git a/debian/libdebian-installer-extra4-udeb.dirs b/debian/libdebian-installer-extra4-udeb.dirs
deleted file mode 100644
index a65b417..0000000
--- a/debian/libdebian-installer-extra4-udeb.dirs
+++ /dev/null
@@ -1 +0,0 @@
-lib
diff --git a/debian/libdebian-installer-extra4.install b/debian/libdebian-installer-extra4.install
deleted file mode 100644
index 44ad198..0000000
--- a/debian/libdebian-installer-extra4.install
+++ /dev/null
@@ -1 +0,0 @@
-usr/lib/*/libdebian-installer-extra.so.*
diff --git a/debian/libdebian-installer-extra4.shlibs.local b/debian/libdebian-installer-extra4.shlibs.local
deleted file mode 100644
index 6e76754..0000000
--- a/debian/libdebian-installer-extra4.shlibs.local
+++ /dev/null
@@ -1 +0,0 @@
-libdebian-installer 4
diff --git a/debian/libdebian-installer4-dev.install b/debian/libdebian-installer4-dev.install
deleted file mode 100644
index 0bea7ad..0000000
--- a/debian/libdebian-installer4-dev.install
+++ /dev/null
@@ -1,5 +0,0 @@
-usr/include
-usr/lib/*/*.a
-usr/lib/*/*.so
-usr/lib/*/pkgconfig
-usr/share/doc/libdebian-installer4-dev/*
diff --git a/debian/libdebian-installer4-udeb.dirs b/debian/libdebian-installer4-udeb.dirs
deleted file mode 100644
index a65b417..0000000
--- a/debian/libdebian-installer4-udeb.dirs
+++ /dev/null
@@ -1 +0,0 @@
-lib
diff --git a/debian/libdebian-installer4.install b/debian/libdebian-installer4.install
deleted file mode 100644
index 289fbef..0000000
--- a/debian/libdebian-installer4.install
+++ /dev/null
@@ -1 +0,0 @@
-usr/lib/*/libdebian-installer.so.*
diff --git a/debian/rules b/debian/rules
index 11b0963..b084adc 100755
--- a/debian/rules
+++ b/debian/rules
@@ -26,16 +26,16 @@ override_dh_auto_build:
$(MAKE) -C build/doc doc
override_dh_install:
- install $(CURDIR)/debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libdebian-installer.so.4 $(CURDIR)/debian/libdebian-installer4-udeb/lib
- install $(CURDIR)/debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libdebian-installer-extra.so.4 $(CURDIR)/debian/libdebian-installer-extra4-udeb/lib
+ install $(CURDIR)/debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libdebian-installer.so.5 $(CURDIR)/debian/libdebian-installer5-udeb/lib
+ install $(CURDIR)/debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libdebian-installer-extra.so.5 $(CURDIR)/debian/libdebian-installer-extra5-udeb/lib
dh_install --sourcedir=debian/tmp
override_dh_makeshlibs:
- dh_makeshlibs -plibdebian-installer4 -V \
- --add-udeb=libdebian-installer4-udeb
- dh_makeshlibs -plibdebian-installer-extra4 -V \
- --add-udeb=libdebian-installer-extra4-udeb
+ dh_makeshlibs -plibdebian-installer5 -V \
+ --add-udeb=libdebian-installer5-udeb
+ dh_makeshlibs -plibdebian-installer-extra5 -V \
+ --add-udeb=libdebian-installer-extra5-udeb
override_dh_shlibdeps:
- dh_shlibdeps -N libdebian-installer-extra4 -N libdebian-installer-extra4-udeb
- dh_shlibdeps -p libdebian-installer-extra4 -p libdebian-installer-extra4-udeb -- -L$(CURDIR)/debian/libdebian-installer-extra4.shlibs.local
+ dh_shlibdeps -N libdebian-installer-extra5 -N libdebian-installer-extra5-udeb
+ dh_shlibdeps -p libdebian-installer-extra5 -p libdebian-installer-extra5-udeb -- -L$(CURDIR)/debian/libdebian-installer-extra5.shlibs.local
diff --git a/include/debian-installer/package.h b/include/debian-installer/package.h
index 72d7444..e1f699d 100644
--- a/include/debian-installer/package.h
+++ b/include/debian-installer/package.h
@@ -112,7 +112,7 @@ struct di_package
di_slist depends; /**< Any different dependency types */
char *filename; /**< Filename field */
size_t size; /**< Size field */
- char *md5sum; /**< MD5Sum field */
+ char *sha256; /**< SHA256 field */
char *short_description; /**< Description field, first part*/
char *description; /**< Description field, second part */
unsigned int resolver; /**< @internal */
diff --git a/include/debian-installer/package_internal.h b/include/debian-installer/package_internal.h
index f6357d1..d410ce2 100644
--- a/include/debian-installer/package_internal.h
+++ b/include/debian-installer/package_internal.h
@@ -52,7 +52,7 @@ const di_parser_fieldinfo
internal_di_package_parser_field_enhances,
internal_di_package_parser_field_filename,
internal_di_package_parser_field_size,
- internal_di_package_parser_field_md5sum,
+ internal_di_package_parser_field_sha256,
internal_di_package_parser_field_description;
/**
diff --git a/include/debian-installer/release.h b/include/debian-installer/release.h
index 223a4f8..8e3c572 100644
--- a/include/debian-installer/release.h
+++ b/include/debian-installer/release.h
@@ -40,7 +40,7 @@ struct di_release
char *origin; /**< Origin field */
char *suite; /**< Suite field */
char *codename; /**< Codename field */
- di_hash_table *md5sum; /**< checksum fields, includes di_release_file */
+ di_hash_table *sha256; /**< checksum fields, includes di_release_file */
di_mem_chunk *release_file_mem_chunk; /**< @internal */
};
@@ -55,7 +55,7 @@ struct di_release_file
di_rstring key; /**< @internal */
};
unsigned int size; /**< size */
- char *sum[2]; /**< checksums, currently md5 and sha1 */
+ char *sum[2]; /**< checksums, currently md5 and sha256 */
};
di_release *di_release_alloc (void);
diff --git a/src/package.c b/src/package.c
index 653b5dd..82c7653 100644
--- a/src/package.c
+++ b/src/package.c
@@ -38,7 +38,7 @@ void di_package_destroy (di_package *package)
di_free (package->architecture);
di_free (package->version);
di_free (package->filename);
- di_free (package->md5sum);
+ di_free (package->sha256);
di_free (package->short_description);
di_free (package->description);
diff --git a/src/package_parser.c b/src/package_parser.c
index 6d6a5e7..de80d7e 100644
--- a/src/package_parser.c
+++ b/src/package_parser.c
@@ -180,13 +180,13 @@ const di_parser_fieldinfo
di_parser_write_int,
offsetof (di_package, size)
),
- internal_di_package_parser_field_md5sum =
+ internal_di_package_parser_field_sha256 =
DI_PARSER_FIELDINFO
(
- "MD5sum",
+ "SHA256",
di_parser_read_string,
di_parser_write_string,
- offsetof (di_package, md5sum)
+ offsetof (di_package, sha256)
),
internal_di_package_parser_field_description =
DI_PARSER_FIELDINFO
@@ -217,7 +217,7 @@ const di_parser_fieldinfo *di_package_parser_fieldinfo[] =
&internal_di_package_parser_field_enhances,
&internal_di_package_parser_field_filename,
&internal_di_package_parser_field_size,
- &internal_di_package_parser_field_md5sum,
+ &internal_di_package_parser_field_sha256,
&internal_di_package_parser_field_description,
NULL
};
diff --git a/src/packages_parser.c b/src/packages_parser.c
index ac5c06b..30d66ba 100644
--- a/src/packages_parser.c
+++ b/src/packages_parser.c
@@ -65,7 +65,7 @@ const di_parser_fieldinfo *di_packages_parser_fieldinfo[] =
&internal_di_package_parser_field_enhances,
&internal_di_package_parser_field_filename,
&internal_di_package_parser_field_size,
- &internal_di_package_parser_field_md5sum,
+ &internal_di_package_parser_field_sha256,
&internal_di_package_parser_field_description,
NULL
};
@@ -109,7 +109,7 @@ const di_parser_fieldinfo *di_packages_minimal_parser_fieldinfo[] =
&internal_di_package_parser_field_depends,
&internal_di_package_parser_field_pre_depends,
&internal_di_package_parser_field_filename,
- &internal_di_package_parser_field_md5sum,
+ &internal_di_package_parser_field_sha256,
&internal_di_package_parser_field_size,
NULL
};
diff --git a/src/release.c b/src/release.c
index 7cc7cbf..7aff0d7 100644
--- a/src/release.c
+++ b/src/release.c
@@ -69,10 +69,10 @@ const di_parser_fieldinfo
NULL,
0
),
- internal_di_release_parser_field_sha1 =
+ internal_di_release_parser_field_sha256 =
DI_PARSER_FIELDINFO
(
- "SHA1",
+ "SHA256",
di_release_parser_read_file,
NULL,
1
@@ -87,7 +87,7 @@ const di_parser_fieldinfo *di_release_parser_fieldinfo[] =
&internal_di_release_parser_field_suite,
&internal_di_release_parser_field_codename,
&internal_di_release_parser_field_md5sum,
- &internal_di_release_parser_field_sha1,
+ &internal_di_release_parser_field_sha256,
NULL
};
@@ -110,7 +110,7 @@ di_release *di_release_alloc (void)
di_release *ret;
ret = di_new0 (di_release, 1);
- ret->md5sum = di_hash_table_new_full (di_rstring_hash, di_rstring_equal, NULL, internal_di_release_file_destroy_func);
+ ret->sha256 = di_hash_table_new_full (di_rstring_hash, di_rstring_equal, NULL, internal_di_release_file_destroy_func);
ret->release_file_mem_chunk = di_mem_chunk_new (sizeof (di_release_file), 4096);
return ret;
@@ -124,7 +124,7 @@ void di_release_free (di_release *release)
di_free (release->origin);
di_free (release->suite);
di_free (release->codename);
- di_hash_table_destroy (release->md5sum);
+ di_hash_table_destroy (release->sha256);
di_mem_chunk_destroy (release->release_file_mem_chunk);
di_free (release);
}
@@ -169,7 +169,7 @@ void di_release_parser_read_file (data, fip, field_modifier, value, user_data)
int ret;
size_t buf_size;
di_release *release = *data;
- di_hash_table *table = release->md5sum;
+ di_hash_table *table = release->sha256;
while (1)
{
Attachment:
signature.asc
Description: Digital signature