install_with_python: Secure Python download with sha256 checks.

Christian Ambach ambi at samba.org
Tue Jun 23 14:45:40 MDT 2015


Hi Adrian,

Am 19.06.15 01:13, schrieb Adrian Cochrane:
> O.K. Here's an update to my patch which removes the tempfile specifying
> the hash to check against. Shouldn't really matter as the containing
> directory is removed anyways. And while I was at it I added md5 support.

 > +            md5sum --status -c checksums.md5
Isnt't there a || exit 1 missing here to abort the processing when the 
check fails?

>
> +            sha256sum --status -c checksums.sha256 || exit 1
> +            rm checksums.sha256

If the check fails, the file will not be removed.
But looking at the surrounding code, the same problem is true for nearly 
everything else that happens in do_install_python() as
the check_something || exit 1 pattern is used consistently.
But exit 1 makes the shell exit immediately and the final cleanup
 > rm -rf python_install
in line 45 will only be reached if everything worked fine.

I am not sure how to realize it in a shell script, but using the same 
technique that is used in Samba's portions written in C would make this 
look much cleaner (and less polluted by all of the exit statements).
Something in the line of
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
       if command -v sha256sum
        then
             echo "xxx  Python-2.6.5.tar" > checksums.sha256
             sha256sum --status -c checksums.sha256 || goto error
        else
             echo "c83c...  Python-2.6.5.tar" > checksums.md5
             md5sum --status -c checksums.md5 || goto error
        fi

:error

:out
cd ..
rm -rf python_install

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

What do you think?

Cheers,
Christian



More information about the samba-technical mailing list