diff options
| author | Robert Griebl <robert.griebl@pelagicore.com> | 2015-09-30 12:22:59 +0200 |
|---|---|---|
| committer | Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com> | 2015-10-19 14:27:57 +0200 |
| commit | 931be0f2ce05374b7ae690baad9e836d86780329 (patch) | |
| tree | a04892f86233e3c02fedeea7e81bd3918d34d6dd | |
| parent | 7208b0beffe52a2b6a7fce5a90b3441de95a3ae9 (diff) | |
Fix digest computation for directories
| -rw-r--r-- | store/utilities.py | 104 |
1 files changed, 53 insertions, 51 deletions
diff --git a/store/utilities.py b/store/utilities.py index fee6993..31d2b98 100644 --- a/store/utilities.py +++ b/store/utilities.py @@ -6,6 +6,7 @@ import sys import tarfile import tempfile import base64 +import os from M2Crypto import SMIME, BIO, X509 from OpenSSL.crypto import load_pkcs12, FILETYPE_PEM, dump_privatekey, dump_certificate @@ -179,12 +180,17 @@ def parsePackageMetadata(packageFile): if not entry.name.startswith('--PACKAGE-'): addToDigest1 = '%s/%s/' % ('D' if entry.isdir() else 'F', 0 if entry.isdir() else entry.size) - addToDigest2 = unicode(entry.name, 'utf-8').encode('utf-8') + entryName = entry.name + if entry.isdir() and entryName.endswith('/'): + entryName = entryName[:-1] + entryName = os.path.basename(entryName) + addToDigest2 = unicode(entryName, 'utf-8').encode('utf-8') - #print >>sys.stderr, addToDigest1 - #print >>sys.stderr, addToDigest2 + ## print >>sys.stderr, addToDigest1 + ## print >>sys.stderr, addToDigest2 - digest.update(contents) + if entry.isfile(): + digest.update(contents) digest.update(addToDigest1) digest.update(addToDigest2) @@ -239,66 +245,62 @@ def parsePackageMetadata(packageFile): def parseAndValidatePackageMetadata(packageFile, certificates = []): pkgdata = parsePackageMetadata(packageFile) - try: - partFields = { 'header': [ 'applicationId', 'diskSpaceUsed' ], - 'info': [ 'id', 'name', 'icon' ], - 'footer': [ 'digest' ], - 'icon': [], - 'digest': [] } - - for part in partFields.keys(): - if not part in pkgdata: - raise Exception('package metadata is missing the %s part' % part) - data = pkgdata[part] + partFields = { 'header': [ 'applicationId', 'diskSpaceUsed' ], + 'info': [ 'id', 'name', 'icon' ], + 'footer': [ 'digest' ], + 'icon': [], + 'digest': [] } - for field in partFields[part]: - if field not in data: - raise Exception('metadata %s is missing in the %s part' % (field, part)) + for part in partFields.keys(): + if not part in pkgdata: + raise Exception('package metadata is missing the %s part' % part) + data = pkgdata[part] - if pkgdata['header']['applicationId'] != pkgdata['info']['id']: - raise Exception('the id fields in --PACKAGE-HEADER-- and info.yaml are different: %s vs. %s' % (pkgdata['header']['applicationId'], pkgdata['info']['id'])) + for field in partFields[part]: + if field not in data: + raise Exception('metadata %s is missing in the %s part' % (field, part)) - error = '' - if not isValidDnsName(pkgdata['info']['id'], error): - raise Exception('invalid id: %s' % error) + if pkgdata['header']['applicationId'] != pkgdata['info']['id']: + raise Exception('the id fields in --PACKAGE-HEADER-- and info.yaml are different: %s vs. %s' % (pkgdata['header']['applicationId'], pkgdata['info']['id'])) - if pkgdata['header']['diskSpaceUsed'] <= 0: - raise Exception('the diskSpaceUsed field in --PACKAGE-HEADER-- is not > 0, but %d' % pkgdata['header']['diskSpaceUsed']) + error = '' + if not isValidDnsName(pkgdata['info']['id'], error): + raise Exception('invalid id: %s' % error) - if type(pkgdata['info']['name']) != type({}): - raise Exception('invalid name: not a dictionary') + if pkgdata['header']['diskSpaceUsed'] <= 0: + raise Exception('the diskSpaceUsed field in --PACKAGE-HEADER-- is not > 0, but %d' % pkgdata['header']['diskSpaceUsed']) - name = '' - if 'en' in pkgdata['info']['name']: - name = pkgdata['info']['name']['en'] - elif 'en_US' in pkgdata['info']['name']: - name = pkgdata['info']['name']['en_US'] - elif len(pkgdata['info']['name']) > 0: - name = pkgdata['info']['name'].values()[0] + if type(pkgdata['info']['name']) != type({}): + raise Exception('invalid name: not a dictionary') - if len(name) == 0: - raise Exception('could not deduce a suitable package name from the info part') + name = '' + if 'en' in pkgdata['info']['name']: + name = pkgdata['info']['name']['en'] + elif 'en_US' in pkgdata['info']['name']: + name = pkgdata['info']['name']['en_US'] + elif len(pkgdata['info']['name']) > 0: + name = pkgdata['info']['name'].values()[0] - pkgdata['storeName'] = name + if len(name) == 0: + raise Exception('could not deduce a suitable package name from the info part') - if pkgdata['digest'] != pkgdata['footer']['digest']: - raise Exception('digest does not match, is: %s, but should be %s' % (pkgdata['digest'], pkgdata['footer']['digest'])) - if 'storeSignature' in pkgdata['footer']: - raise Exception('cannot upload a package with an existing storeSignature field') + pkgdata['storeName'] = name - if not settings.APPSTORE_NO_SECURITY: - if not 'developerSignature' in pkgdata['footer']: - raise Exception('cannot upload a package without a developer signature') + if pkgdata['digest'] != pkgdata['footer']['digest']: + raise Exception('digest does not match, is: %s, but should be %s' % (pkgdata['digest'], pkgdata['footer']['digest'])) + if 'storeSignature' in pkgdata['footer']: + raise Exception('cannot upload a package with an existing storeSignature field') - certificates = [] - for certFile in settings.APPSTORE_DEV_VERIFY_CA_CERTIFICATES: - with open(certFile, 'rb') as cert: - certificates.append(cert.read()) + if not settings.APPSTORE_NO_SECURITY: + if not 'developerSignature' in pkgdata['footer']: + raise Exception('cannot upload a package without a developer signature') - verifySignature(pkgdata['footer']['developerSignature'], pkgdata['rawDigest'], certificates) + certificates = [] + for certFile in settings.APPSTORE_DEV_VERIFY_CA_CERTIFICATES: + with open(certFile, 'rb') as cert: + certificates.append(cert.read()) - except Exception as error: - raise Exception(str(error)) + verifySignature(pkgdata['footer']['developerSignature'], pkgdata['rawDigest'], certificates) return pkgdata |