diff options
| author | Boris Kolpackov <boris@codesynthesis.com> | 2016-01-24 14:46:19 +0200 |
|---|---|---|
| committer | Boris Kolpackov <boris@codesynthesis.com> | 2016-01-30 12:32:32 +0200 |
| commit | 67a0e8d70f0caf8b85e0cf2031333236b2a3dcdf (patch) | |
| tree | 3a7d71cd1553338cccb19190dc47bfceafd52499 /bpkg/pkg-fetch.cxx | |
| parent | cf86194e91d55464f9c137258e4157415d196697 (diff) | |
Add checksum verification
Diffstat (limited to 'bpkg/pkg-fetch.cxx')
| -rw-r--r-- | bpkg/pkg-fetch.cxx | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/bpkg/pkg-fetch.cxx b/bpkg/pkg-fetch.cxx index 3032eda..a57059d 100644 --- a/bpkg/pkg-fetch.cxx +++ b/bpkg/pkg-fetch.cxx @@ -11,6 +11,7 @@ #include <bpkg/package> #include <bpkg/package-odb> #include <bpkg/utility> +#include <bpkg/checksum> #include <bpkg/database> #include <bpkg/diagnostics> #include <bpkg/manifest-utility> @@ -23,7 +24,6 @@ using namespace butl; namespace bpkg { - static shared_ptr<selected_package> pkg_fetch (dir_path c, transaction& t, @@ -218,6 +218,20 @@ namespace bpkg path a (fetch_archive (co, pl->repository->location, pl->location, c)); auto_rm arm (a); + // We can't be fetching an archive for a transient object. + // + assert (ap->sha256sum); + + const string& sha256sum (sha256 (co, a)); + if (sha256sum != *ap->sha256sum) + { + fail << "checksum mismatch for " << n << " " << v << + info << pl->repository->name << " has " << *ap->sha256sum << + info << "fetched archive has " << sha256sum << + info << "try again, if problem persists, consider reporting this to " + << "the repository maintainer"; + } + shared_ptr<selected_package> p ( pkg_fetch (c, t, |