diff options
author | Yu Ke <ke.yu@intel.com> | 2010-12-17 13:52:52 +0800 |
---|---|---|
committer | Richard Purdie <rpurdie@linux.intel.com> | 2010-12-20 15:24:52 +0000 |
commit | b8d69d6f6e41896046a07f6ffb5d156ed23c6556 (patch) | |
tree | 12cefc02898c27a28526516d4e3e2f29f855aa8f /bitbake/lib | |
parent | 670c18c3ef8f1199b776d5826806e31a827007df (diff) | |
download | poky-b8d69d6f6e41896046a07f6ffb5d156ed23c6556.tar.gz |
FetchData: add SRC_URI checksum
This patch add the per-recipe SRC_URI checksum verification.
- SRC_URI format
The format of SRC_URI checksum follow OE definition:
1. SRC_URI has single src
SRC_URI = "http://some.domain/file.tar.gz"
SRC_URI[md5sum] = "xxxxxxxxxxxxxxx"
SRC_URI[sha256sum] = "xxxxxxxxxxxxxxxxxxxxxx"
2. SRC_URI has multiple src, every src need specify name
SRC_URI = "http://some.domain/file1.tar.gz;name=name1 \
http://some.domain/file2.tar.gz;name=name2 "
SRC_URI[name1.md5sum] = "xxxxxxxxxxxxxxx"
SRC_URI[name1.sha256sum] = "xxxxxxxxxxxxxxxxxxxxxx"
SRC_URI[name2.md5sum] = "xxxxxxxxxxxxxxx"
SRC_URI[name2.sha256sum] = "xxxxxxxxxxxxxxxxxxxxxx"
- SRC_URI checking invocation:
the checksum checking is invoked in do_fetch phase,
so it can be invoked manually by
# bitbake -f -c fetch <recipe_name>
if recipes has no SRC_URI checksum item, bitbake will show warning:
"
WARNING: Missing SRC_URI checksum for xxxx.tar.gz, consider to add
SRC_URI[md5sum] = "5c69f16d452b0bb3d44bc3c10556c072"
SRC_URI[sha256sum] = "f4e0ada8d4d516bbb8600a3ee7d9046c9c79e38cd781df9ffc46d8f16acd1768"
"
thus recipe author can add it to recpie file after SRC_URI
- control variable BB_STRICT_CHECKSUM
when SRC_URI checksum is missing, this variable decide pass or not
if BB_STRICT_CHECKSUM = "1", bitbake should fatal in this case, otherwise bitbake just pass
Signed-off-by: Yu Ke <ke.yu@intel.com>
Diffstat (limited to 'bitbake/lib')
-rw-r--r-- | bitbake/lib/bb/fetch/__init__.py | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/bitbake/lib/bb/fetch/__init__.py b/bitbake/lib/bb/fetch/__init__.py index 50955f16f1..387de669e1 100644 --- a/bitbake/lib/bb/fetch/__init__.py +++ b/bitbake/lib/bb/fetch/__init__.py | |||
@@ -231,6 +231,42 @@ def removefile(f): | |||
231 | except: | 231 | except: |
232 | pass | 232 | pass |
233 | 233 | ||
234 | def verify_checksum(d, ud): | ||
235 | """ | ||
236 | verify the MD5 and SHA256 checksum for downloaded src | ||
237 | |||
238 | return value: | ||
239 | - True: checksum matched | ||
240 | - False: checksum unmatched | ||
241 | |||
242 | if checksum is missing in recipes file, "BB_STRICT_CHECKSUM" decide the return value. | ||
243 | if BB_STRICT_CHECKSUM = "1" then return false as unmatched, otherwise return true as | ||
244 | matched | ||
245 | """ | ||
246 | |||
247 | if not ud.type in ["http", "https", "ftp", "ftps"]: | ||
248 | return True | ||
249 | |||
250 | md5data = bb.utils.md5_file(ud.localpath) | ||
251 | sha256data = bb.utils.sha256_file(ud.localpath) | ||
252 | |||
253 | if (ud.md5_expected == None or ud.sha256_expected == None): | ||
254 | bb.warn("Missing SRC_URI checksum for %s, consider to add\n" \ | ||
255 | "SRC_URI[%s] = \"%s\"\nSRC_URI[%s] = \"%s\"" \ | ||
256 | % (ud.localpath, ud.md5_name, md5data, ud.sha256_name, sha256data)) | ||
257 | if bb.data.getVar("BB_STRICT_CHECKSUM", d, True) == "1": | ||
258 | return False | ||
259 | else: | ||
260 | return True | ||
261 | |||
262 | if (ud.md5_expected != md5data or ud.sha256_expected != sha256data): | ||
263 | bb.error("The checksums for '%s' did not match." % ud.localpath) | ||
264 | bb.error("Expected MD5: '%s' and Got: '%s'" % (ud.md5_expected, md5data)) | ||
265 | bb.error("Expected SHA256: '%s' and Got: '%s'" % (ud.sha256_expected, sha256data)) | ||
266 | return False | ||
267 | |||
268 | return True | ||
269 | |||
234 | def go(d, urls = None): | 270 | def go(d, urls = None): |
235 | """ | 271 | """ |
236 | Fetch all urls | 272 | Fetch all urls |
@@ -283,6 +319,9 @@ def go(d, urls = None): | |||
283 | else: | 319 | else: |
284 | Fetch.write_md5sum(u, ud, d) | 320 | Fetch.write_md5sum(u, ud, d) |
285 | 321 | ||
322 | if not verify_checksum(d, ud): | ||
323 | raise FetchError("%s checksum mismatch." % u) | ||
324 | |||
286 | bb.utils.unlockfile(lf) | 325 | bb.utils.unlockfile(lf) |
287 | 326 | ||
288 | def checkstatus(d, urls = None): | 327 | def checkstatus(d, urls = None): |
@@ -502,6 +541,16 @@ class FetchData(object): | |||
502 | if not self.pswd and "pswd" in self.parm: | 541 | if not self.pswd and "pswd" in self.parm: |
503 | self.pswd = self.parm["pswd"] | 542 | self.pswd = self.parm["pswd"] |
504 | self.setup = False | 543 | self.setup = False |
544 | |||
545 | if "name" in self.parm: | ||
546 | self.md5_name = "%s.md5sum" % self.parm["name"] | ||
547 | self.sha256_name = "%s.sha256sum" % self.parm["name"] | ||
548 | else: | ||
549 | self.md5_name = "md5sum" | ||
550 | self.sha256_name = "sha256sum" | ||
551 | self.md5_expected = bb.data.getVarFlag("SRC_URI", self.md5_name, d) | ||
552 | self.sha256_expected = bb.data.getVarFlag("SRC_URI", self.sha256_name, d) | ||
553 | |||
505 | for m in methods: | 554 | for m in methods: |
506 | if m.supports(url, self, d): | 555 | if m.supports(url, self, d): |
507 | self.method = m | 556 | self.method = m |