opkg_verify_integrity: better logging and error conditions

The function now always returns an error if size/checksum don't match: we
let the caller decide what to do with the result.

In addition, most of the logging is also moved to the caller.  We just
keep logging for unexpected errors and a bit of debug at loglevel INFO.

Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>

diff --git a/libopkg/opkg_download.c b/libopkg/opkg_download.c
index 59123d25babfa2d05cf373ead8ac04ec857af95a..cce4b6d77ea464ec789b3b609be38e35b78fd15b 100644 (file)
--- a/libopkg/opkg_download.c
+++ b/libopkg/opkg_download.c
@@ -55,16 +55,11 @@ int opkg_verify_integrity(pkg_t *pkg, const char *filename)
        pkg_expected_size = pkg_get_int(pkg, PKG_SIZE);
 
        if (pkg_expected_size > 0 && pkg_stat.st_size != pkg_expected_size) {
-               if (!conf->force_checksum) {
-                       opkg_msg(ERROR,
-                                "Package size mismatch: %s is %lld bytes, expecting %lld bytes\n",
-                                pkg->name, (long long int)pkg_stat.st_size, pkg_expected_size);
-                       return -1;
-               } else {
-                       opkg_msg(NOTICE,
-                                "Ignored %s size mismatch.\n",
-                                pkg->name);
-               }
+               opkg_msg(INFO,
+                        "Package size mismatch: %s is %lld bytes, expecting %lld bytes\n",
+                        pkg->name, (long long int)pkg_stat.st_size, pkg_expected_size);
+               err = -1;
+               goto out;
        }
 
        /* Check for md5 values */
@@ -72,17 +67,11 @@ int opkg_verify_integrity(pkg_t *pkg, const char *filename)
        if (pkg_md5) {
                file_md5 = file_md5sum_alloc(filename);
                if (file_md5 && strcmp(file_md5, pkg_md5)) {
-                       if (!conf->force_checksum) {
-                               opkg_msg(ERROR, "Package %s md5sum mismatch. "
-                                        "Either the opkg or the package index are corrupt. "
-                                        "Try 'opkg update'.\n", pkg->name);
-                               free(file_md5);
-                               return -1;
-                       } else {
-                               opkg_msg(NOTICE,
-                                        "Ignored %s md5sum mismatch.\n",
-                                        pkg->name);
-                       }
+                       opkg_msg(INFO, "Package %s md5sum mismatch.\n",
+                                pkg->name);
+                       err = -1;
+                       free(file_md5);
+                       goto out;
                }
                if (file_md5)
                        free(file_md5);
@@ -93,23 +82,17 @@ int opkg_verify_integrity(pkg_t *pkg, const char *filename)
        if (pkg_sha256) {
                file_sha256 = file_sha256sum_alloc(filename);
                if (file_sha256 && strcmp(file_sha256, pkg_sha256)) {
-                       if (!conf->force_checksum) {
-                               opkg_msg(ERROR,
-                                        "Package %s sha256sum mismatch. "
-                                        "Either the opkg or the package index are corrupt. "
-                                        "Try 'opkg update'.\n", pkg->name);
-                               free(file_sha256);
-                               return -1;
-                       } else {
-                               opkg_msg(NOTICE,
-                                        "Ignored %s sha256sum mismatch.\n",
-                                        pkg->name);
-                       }
+                       opkg_msg(INFO, "Package %s sha256sum mismatch.\n",
+                                pkg->name);
+                       err = -1;
+                       free(file_sha256);
+                       goto out;
                }
                if (file_sha256)
                        free(file_sha256);
        }
 
+out:
        return err;
 }
 

diff --git a/libopkg/opkg_install.c b/libopkg/opkg_install.c
index c6dda4876dc276d322d0fbe68b7d0c5330ad15a8..68fb9ea246f3c9321e726a7f2a0493cf6d8048c0 100644 (file)
--- a/libopkg/opkg_install.c
+++ b/libopkg/opkg_install.c
@@ -1363,9 +1363,18 @@ int opkg_install_pkg(pkg_t * pkg, int from_upgrade)
        }
 #endif
 
+       /* Check integrity (size, checksums) */
        err = opkg_verify_integrity(pkg, local_filename);
-       if (err)
+       if (err && !conf->force_checksum) {
+               opkg_msg(ERROR, "Checksum or size mismatch for package %s. "
+                        "Either the opkg or the package index are corrupt. "
+                        "Try 'opkg update'.\n", pkg->name);
                return -1;
+       }
+       if (err && conf->force_checksum) {
+               opkg_msg(NOTICE, "Ignored %s checksum or size mismatch.\n",
+                       pkg->name);
+       }
 
        if (conf->download_only) {
                if (conf->nodeps == 0) {