cgi-io: support SHA256 checksums for file uploads

Report SHA256 checksums in addition to the MD5 ones to make cgi-io suitable
for sysupgrade image verification.

Also allow stat(), md5sum and/or sha256sum to fail and respond with a JSON
null value instead, leaving it to the frontend to handle errors as needed.

Fixes #4790.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

diff --git a/Makefile b/Makefile
index b8dd6f0713864b71e9769584deda91905b75830f..cda049463bfa8203192f9b1602a64102cc6bdd9a 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=cgi-io
-PKG_RELEASE:=4
+PKG_RELEASE:=5
 
 PKG_LICENSE:=GPL-2.0+
 

diff --git a/src/main.c b/src/main.c
index 7760edaf4f853c31327b3b9518ac87e9db35ac93..2bfec623b00d84b37defb4bccfcc08ff95008924 100644 (file)
--- a/src/main.c
+++ b/src/main.c
@@ -117,11 +117,11 @@ out:
 }
 
 static char *
-md5sum(const char *file)
+checksum(const char *applet, size_t sumlen, const char *file)
 {
        pid_t pid;
        int fds[2];
-       static char md5[33];
+       static char chksum[65];
 
        if (pipe(fds))
                return NULL;
@@ -141,20 +141,20 @@ md5sum(const char *file)
                close(fds[0]);
                close(fds[1]);
 
-               if (execl("/bin/busybox", "/bin/busybox", "md5sum", file, NULL))
+               if (execl("/bin/busybox", "/bin/busybox", applet, file, NULL))
                        return NULL;
 
                break;
 
        default:
-               memset(md5, 0, sizeof(md5));
-               read(fds[0], md5, 32);
+               memset(chksum, 0, sizeof(chksum));
+               read(fds[0], chksum, sumlen);
                waitpid(pid, NULL, 0);
                close(fds[0]);
                close(fds[1]);
        }
 
-       return md5;
+       return chksum;
 }
 
 static char *
@@ -266,7 +266,7 @@ postdecode(char **fields, int n_fields)
 static int
 response(bool success, const char *message)
 {
-       char *md5;
+       char *chksum;
        struct stat s;
 
        printf("Status: 200 OK\r\n");
@@ -274,9 +274,22 @@ response(bool success, const char *message)
 
        if (success)
        {
-               if (!stat(st.filename, &s) && (md5 = md5sum(st.filename)) != NULL)
-                       printf("\t\"size\": %u,\n\t\"checksum\": \"%s\"\n",
-                                  (unsigned int)s.st_size, md5);
+               if (!stat(st.filename, &s))
+                       printf("\t\"size\": %u,\n", (unsigned int)s.st_size);
+               else
+                       printf("\t\"size\": null,\n");
+
+               chksum = checksum("md5sum", 32, st.filename);
+               printf("\t\"checksum\": %s%s%s,\n",
+                       chksum ? "\"" : "",
+                       chksum ? chksum : "null",
+                       chksum ? "\"" : "");
+
+               chksum = checksum("sha256sum", 64, st.filename);
+               printf("\t\"sha256sum\": %s%s%s\n",
+                       chksum ? "\"" : "",
+                       chksum ? chksum : "null",
+                       chksum ? "\"" : "");
        }
        else
        {