From mi@aldan.algebra.com  Mon Feb  4 18:54:26 2002
Return-Path: <mi@aldan.algebra.com>
Received: from aldan.algebra.com (aldan.algebra.com [216.254.65.224])
	by hub.freebsd.org (Postfix) with ESMTP id 9CB1037B417
	for <FreeBSD-gnats-submit@freebsd.org>; Mon,  4 Feb 2002 18:54:25 -0800 (PST)
Received: (from mi@localhost)
	by aldan.algebra.com (8.11.6/8.11.5) id g152s2K41050;
	Mon, 4 Feb 2002 21:54:02 -0500 (EST)
	(envelope-from mi)
Message-Id: <200202050254.g152s2K41050@aldan.algebra.com>
Date: Mon, 4 Feb 2002 21:54:02 -0500 (EST)
From: Mikhail Teterin <mi@aldan.algebra.com>
Reply-To: Mikhail Teterin <mi@aldan.algebra.com>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: pkg-routines ignore the recorded md5 checksums
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         34628
>Category:       bin
>Synopsis:       [patch] pkg_add(1) pkg-routines ignore the recorded md5 checksums
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    portmgr
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Mon Feb 04 19:00:01 PST 2002
>Closed-Date:    Sat May 12 02:16:55 UTC 2012
>Last-Modified:  Sat May 12 02:16:55 UTC 2012
>Originator:     Mikhail Teterin
>Release:        FreeBSD 5.0-CURRENT i386
>Organization:
Virtual Estates, Inc.
>Environment:
System: FreeBSD aldan.algebra.com 5.0-CURRENT FreeBSD 5.0-CURRENT #1: Thu Jan 3 21:38:15 EST 2002 mi@aldan.algebra.com:/ccd/obj/ccd/src/sys/DEBUG i386


>Description:

	Currently the pkg-plist handling code in pkg_install/lib and
	elsewhere ignores the recorded md5 checksums recorded for various
	files.

	Upgrading ports from source can often result in different versions
	of the same port claiming the same files and confusing things like
	``pkg_info -W'', which is when md5 checksum
	can be helpful. There could be other uses.

>How-To-Repeat:

	cd /var/db/pkg
	cp -Rp <some package> test-<some package>
	vi test-<some package>/+CONTENTS
	[modify a checksum of a file]
	pkg_info -W <that file>

>Fix:

The  patch  below  makes  pkg_install/lib   parse  and  record  the  md5
checksums, and  pkg_info's -W  option --  use them if  the same  file is
claimed by multiple packages -- the last one having the correct checksum
wins. There could be other usages, I suppose.

Requesting permission to commit this change myself.

Index: info/perform.c
===================================================================
RCS file: /home/ncvs/src/usr.sbin/pkg_install/info/perform.c,v
retrieving revision 1.44
diff -U2 -r1.44 perform.c
--- info/perform.c	10 Oct 2001 08:21:41 -0000	1.44
+++ info/perform.c	5 Feb 2002 02:53:43 -0000
@@ -27,4 +27,5 @@
 #include "info.h"
 #include <err.h>
+#include <md5.h>
 #include <signal.h>
 
@@ -381,4 +382,5 @@
 	    } else if (itr->type == PLIST_FILE) {
 		TAILQ_FOREACH(wp, which_list, next) {
+		    char chsum[33] = "\0";
 		    if (wp->skip == TRUE)
 			continue;
@@ -388,4 +390,14 @@
 			warnx("both %s and %s claim to have installed %s\n",
 			      wp->package, installed[i], wp->file);
+		        if (chsum[0] == '\0' && itr->chsum[0] != '\0' &&
+			    MD5File(wp->file, chsum) == NULL)
+			    warnx("can not get %s's md5-sum\n", wp->file);
+			if (chsum[0] != '\0' &&
+			    memcmp(chsum, itr->chsum, 32) == 0) {
+				warnx("%s has the right checksum "
+				    "recorded for %s (%s)\n",
+				    installed[i], wp->file, chsum);
+				strlcpy(wp->package, installed[i], PATH_MAX);
+			}
 		    } else {
 			strlcpy(wp->package, installed[i], PATH_MAX);
cvs server: Diffing lib
Index: lib/lib.h
===================================================================
RCS file: /home/ncvs/src/usr.sbin/pkg_install/lib/lib.h,v
retrieving revision 1.40
diff -U2 -r1.40 lib.h
--- lib/lib.h	10 Oct 2001 08:21:41 -0000	1.40
+++ lib/lib.h	5 Feb 2002 02:53:43 -0000
@@ -109,4 +109,5 @@
     Boolean marked;
     plist_t type;
+    char chsum[33];
 };
 typedef struct _plist *PackingList;
Index: lib/plist.c
===================================================================
RCS file: /home/ncvs/src/usr.sbin/pkg_install/lib/plist.c,v
retrieving revision 1.36
diff -U2 -r1.36 plist.c
--- lib/plist.c	10 Oct 2001 08:21:41 -0000	1.36
+++ lib/plist.c	5 Feb 2002 02:53:43 -0000
@@ -280,4 +280,7 @@
 	    }
 	}
+	/* This may be the MD5 sum of the last entry: */
+	if (cmd == PLIST_COMMENT)
+	    sscanf(cp, "MD5:%32s", pkg->tail->chsum);
 bottom:
 	add_plist(pkg, cmd, cp);
cvs server: Diffing pkg
cvs server: Diffing sign
cvs server: Diffing update
cvs server: Diffing version

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->sobomax 
Responsible-Changed-By: mi 
Responsible-Changed-When: Mon Mar 18 21:56:43 PST 2002 
Responsible-Changed-Why:  
Please resubmit this patch as a PR and assign to me, so that I'll 
review/commit it when I have a time. 

-Maxim 

http://www.freebsd.org/cgi/query-pr.cgi?pr=34628 
State-Changed-From-To: open->feedback 
State-Changed-By: sobomax 
State-Changed-When: Fri Aug 30 09:07:17 PDT 2002 
State-Changed-Why:  
I really doubt that we need something like that, because situatuons when 
multiple packages claim ownership of the same file should be in fact highly 
discouraged, now worked around. Consider situation when user edits 
some file in LOCALBASE or X11BASE - I really don't see why in this case 
pkg_info -W <that file> should report nothing. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=34628 
State-Changed-From-To: feedback->open 
State-Changed-By: mi 
State-Changed-When: Mon Sep 16 12:16:39 PDT 2002 
State-Changed-Why:  
Transfer to a someone, who, at least, does not question the need 
for the functionality... 


Responsible-Changed-From-To: sobomax->jkh 
Responsible-Changed-By: mi 
Responsible-Changed-When: Mon Sep 16 12:16:39 PDT 2002 
Responsible-Changed-Why:  
Transfer to a someone, who, at least, does not question the need 
for the functionality... 

http://www.freebsd.org/cgi/query-pr.cgi?pr=34628 
Responsible-Changed-From-To: jkh->freebsd-bugs 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Mon Sep 19 15:15:58 GMT 2005 
Responsible-Changed-Why:  
Current assignee agrees this one should be returned to the general pool. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=34628 
State-Changed-From-To: open->closed 
State-Changed-By: erwin 
State-Changed-When: Tue Nov 14 21:50:19 UTC 2006 
State-Changed-Why:  
I agree with sobomax that this functionality is not needed 
and adds unnecessary overhead. No ports should ever install 
the same file, that's what CONFLICTS are for, and there 
should never be installed multiple versions of the same port. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=34628 
State-Changed-From-To: closed->open 
State-Changed-By: mi 
State-Changed-When: Tue Aug 28 03:51:57 UTC 2007 
State-Changed-Why:  
On Erwin's suggestion re-open, and assign to portmgr. 


Responsible-Changed-From-To: freebsd-bugs->portmgr 
Responsible-Changed-By: mi 
Responsible-Changed-When: Tue Aug 28 03:51:57 UTC 2007 
Responsible-Changed-Why:  
On Erwin's suggestion re-open, and assign to portmgr. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=34628 

From: Mikhail Teterin <mi+kde@aldan.algebra.com>
To: bug-followup@freebsd.org
Cc:  
Subject: Re: bin/34628: [pkg_install] [patch] pkg-routines ignore the recorded md5 checksums
Date: Mon, 27 Aug 2007 23:51:26 -0400

 On Erwin's suggestion, here is the link to the most up-to-date patch:
 
 	http://aldan.algebra.com/~mi/pkg-2.diff
 
 In addition to the original verification of md5-checksums, when multiple 
 installed packages claim the same file (a situation, which is not supposed to 
 happen, but often does), it also:
 
 	a) unifies MD5-handling a little, reducing code-repetition;
 	b) reduces memory foot-print by storing the checksums as 16
 	   bytes worth of integers instead of the complete entries:
 	        MD5:... 32 bytes + '\0' ....
 	c) gets rid of the -lmd in favor of -lcrypto, where easy --
 	   the tools already link with -lfetch, which brings in -lcrypto
 	   anyway. Plus OpenSSL's implementation of MD5 may be asm-optimized
 
 Please, consider. Thanks,
 
 	-mi
State-Changed-From-To: open->closed 
State-Changed-By: tabthorpe 
State-Changed-When: Sat May 12 02:16:53 UTC 2012 
State-Changed-Why:  
MD5 has been deprecated 

http://www.freebsd.org/cgi/query-pr.cgi?pr=34628 
>Unformatted:
