From 46d0799c43e31ca04108cfb31b59486f1a7989db Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Mon, 13 Nov 2017 17:00:58 +0100 Subject: [PATCH] cgi-io: support SHA256 checksums for file uploads Report SHA256 checksums in addition to the MD5 ones to make cgi-io suitable for sysupgrade image verification. Also allow stat(), md5sum and/or sha256sum to fail and respond with a JSON null value instead, leaving it to the frontend to handle errors as needed. Fixes #4790. Signed-off-by: Jo-Philipp Wich --- net/cgi-io/Makefile | 2 +- net/cgi-io/src/main.c | 33 +++++++++++++++++++++++---------- 2 files changed, 24 insertions(+), 11 deletions(-) diff --git a/net/cgi-io/Makefile b/net/cgi-io/Makefile index b8dd6f071..cda049463 100644 --- a/net/cgi-io/Makefile +++ b/net/cgi-io/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=cgi-io -PKG_RELEASE:=4 +PKG_RELEASE:=5 PKG_LICENSE:=GPL-2.0+ diff --git a/net/cgi-io/src/main.c b/net/cgi-io/src/main.c index 7760edaf4..2bfec623b 100644 --- a/net/cgi-io/src/main.c +++ b/net/cgi-io/src/main.c @@ -117,11 +117,11 @@ out: } static char * -md5sum(const char *file) +checksum(const char *applet, size_t sumlen, const char *file) { pid_t pid; int fds[2]; - static char md5[33]; + static char chksum[65]; if (pipe(fds)) return NULL; @@ -141,20 +141,20 @@ md5sum(const char *file) close(fds[0]); close(fds[1]); - if (execl("/bin/busybox", "/bin/busybox", "md5sum", file, NULL)) + if (execl("/bin/busybox", "/bin/busybox", applet, file, NULL)) return NULL; break; default: - memset(md5, 0, sizeof(md5)); - read(fds[0], md5, 32); + memset(chksum, 0, sizeof(chksum)); + read(fds[0], chksum, sumlen); waitpid(pid, NULL, 0); close(fds[0]); close(fds[1]); } - return md5; + return chksum; } static char * @@ -266,7 +266,7 @@ postdecode(char **fields, int n_fields) static int response(bool success, const char *message) { - char *md5; + char *chksum; struct stat s; printf("Status: 200 OK\r\n"); @@ -274,9 +274,22 @@ response(bool success, const char *message) if (success) { - if (!stat(st.filename, &s) && (md5 = md5sum(st.filename)) != NULL) - printf("\t\"size\": %u,\n\t\"checksum\": \"%s\"\n", - (unsigned int)s.st_size, md5); + if (!stat(st.filename, &s)) + printf("\t\"size\": %u,\n", (unsigned int)s.st_size); + else + printf("\t\"size\": null,\n"); + + chksum = checksum("md5sum", 32, st.filename); + printf("\t\"checksum\": %s%s%s,\n", + chksum ? "\"" : "", + chksum ? chksum : "null", + chksum ? "\"" : ""); + + chksum = checksum("sha256sum", 64, st.filename); + printf("\t\"sha256sum\": %s%s%s\n", + chksum ? "\"" : "", + chksum ? chksum : "null", + chksum ? "\"" : ""); } else {