Implement ISO hash check #41
Conversation
resolves #39
There was a problem hiding this comment.
@SibrenVasse Thanks again Sibren!
See my comments.
Can you also provide me a summary of the manual tests you did ?
You can write something in the form:
Test 1
Preconditions :
- file.iso exists
- file.iso.md5 exists
- file.iso is valid (...)
Command : bootiso --option file.iso
Behavior: (...text description)
EDIT You can of course have a "foreach" logic if you did the same test for each extension type :-)
SibrenVasse
force-pushed
the
hash-check
branch
2 times, most recently
from
824f63a to
9f12c1a
Compare
|
Alright, so here goes: Valid *.sha256 file
*.sha256 file with incorrect hash (but valid sha256 hash)
*.sha256 not containing a hash for filename
*.sha256 with different hash (BLAKE2 as a test)Hash is assumed to be SHA256 even if invalid length.
SHA1SUMS* file with valid hash
SHA1SUMS* file with incorrect hash (but valid sha1 hash)
SHA1SUMS* file with different hash (BLAKE2 as a test)Hash is assumed to be SHA1 even if invalid length.
SHA1SUMS* not containing a hash for filename
No hash files
No hash files with
|
|
@SibrenVasse Great report! I realised while reading the output : I find the wording "incorrect" a bit too broad. Is the hash file corrupted, the hash of unexpected length or the ISO hash doesn't match the yet valid file hash ? So I would use the word "match" when the two match, "mismatch" when they don't, and something like "unexpected hash file format" when the hash file isn't following the expected format (no filename, unexpected hash length). |
SibrenVasse
force-pushed
the
hash-check
branch
from
9f12c1a to
3a65449
Compare
|
I've changed the strings. Do they seem alright? |
| typeset hashName=$3 # Name of command of hash | ||
|
|
||
| # Hash from hash file | ||
| typeset gHash=$(awk -v pattern="$isoName$" '$0 ~ pattern { print $1; exit }' "$hashPath") |
There was a problem hiding this comment.
I think isoName should be escaped here somehow, it could contain special regex characters (it's user input). Searching for a filename with a '$' fails to find the filename in the hash file.
I'd also like to match more specific '^\w{1,}\s{2}$isoName$', but no idea how to do that with awk. Any ideas?
There was a problem hiding this comment.
This is indeed fragile and error-prone. I suggest the following changes:
Delegate this job to high-profile tools
All the *sum utilities have a --check option ; I think it will be much easier to use them and read the return code with $?. Or just:
if sha256sum --check --strict --status -- "$hashPath" |& indentAll; then
# Test OK
else
# Test fail
# I couldn't find which non-zero exit code correspond to a mismatch or ill-formated file
# So I checked experimentally: those utilities return 1 in all scenarios, unfortunately.
# You can put any hashfile analysis here, and print an error message which gives user
# feedback on either a mismatch was encountered, or an ill-formatted hash file was found
fiFrom info:
The usage and options of these commands are precisely the same as for md5sum and sha1sum. See md5sum invocation.
So we can safely rely on md5sum API for all *sum utilities.
Note the -- which will prevent any misinterpretation of $hashPath.
--strict : "exit non-zero for improperly formatted checksum lines"
Also, from info:
The sums are computed as described in FIPS-180-2. When checking, the input should be a former output of this program. The default mode is to print a line with checksum, a space, a character indicating input mode ('*' for binary, ' ' for text or where binary is insignificant), and name for each FILE.
Reverse the logic of your function
Instead of relying on a pattern match, extract the first word from the hash file to infer the proper hash algorithm and checksum utility to use. That will do the job:
gHash=$(head -- "$hashPath" | cut -d' ' -f1)
| typeset hashName=$3 # Name of command of hash | ||
|
|
||
| # Hash from hash file | ||
| typeset gHash=$(awk -v pattern="$isoName$" '$0 ~ pattern { print $1; exit }' "$hashPath") |
There was a problem hiding this comment.
This is indeed fragile and error-prone. I suggest the following changes:
Delegate this job to high-profile tools
All the *sum utilities have a --check option ; I think it will be much easier to use them and read the return code with $?. Or just:
if sha256sum --check --strict --status -- "$hashPath" |& indentAll; then
# Test OK
else
# Test fail
# I couldn't find which non-zero exit code correspond to a mismatch or ill-formated file
# So I checked experimentally: those utilities return 1 in all scenarios, unfortunately.
# You can put any hashfile analysis here, and print an error message which gives user
# feedback on either a mismatch was encountered, or an ill-formatted hash file was found
fiFrom info:
The usage and options of these commands are precisely the same as for md5sum and sha1sum. See md5sum invocation.
So we can safely rely on md5sum API for all *sum utilities.
Note the -- which will prevent any misinterpretation of $hashPath.
--strict : "exit non-zero for improperly formatted checksum lines"
Also, from info:
The sums are computed as described in FIPS-180-2. When checking, the input should be a former output of this program. The default mode is to print a line with checksum, a space, a character indicating input mode ('*' for binary, ' ' for text or where binary is insignificant), and name for each FILE.
Reverse the logic of your function
Instead of relying on a pattern match, extract the first word from the hash file to infer the proper hash algorithm and checksum utility to use. That will do the job:
gHash=$(head -- "$hashPath" | cut -d' ' -f1)
The disadvantage of using the *sum utilities is that it checks all hashes in the file. This could be a long process, and will also fail if (especially without --ignore-missing):
These cases shouldn't fail if the hash for the current file is correct. So maybe something like this to counter this?
Also, *sum utilities can't check hashfiles in a different directory as the current one. So this won't work:
|
Resolves #16
SibrenVasse
force-pushed
the
hash-check
branch
from
3a65449 to
fff8c07
Compare
Yes, that sounds just perfect to circumvent our issues.
Good point. |
So that was the main reason why I chose to go parsing myself. (I looked at using *sum first) |
This commit is a rework from @SibrenVasse pull request #41 - fix a minor bug where ISO check was run twice, before and after sudo - disable automatic ISO hash check with `--no-hash-check` flag - exit when hash fails with `--force-hash-check` flag - explicitly set a hash file with `--hash-file <file>` flag
|
@SibrenVasse I reworked this PR and pushed to next 9efdcbf, which has been force-pushed since. I made you the author of the commit, since you did a majority of the work. You'll have to reset --hard your own next branch to this repo's next. |
|
@SibrenVasse See also c234df7 |
As discussed in #16.
I moved assertISOIsOK behind checkSudo because this meant you got double output. Does this have any other implications I missed?