<br>Ticket URL: https://fedorahosted.org/koji/ticket/119<br><br><br>$ diff -u ./koji-1.6.0/hub/kojihub.py /usr/share/koji-hub/kojihub.py&nbsp;<br>--- ./koji-1.6.0/hub/kojihub.py<span class="Apple-tab-span" style="white-space:pre">        </span>2010-12-16 16:13:17.000000000 -0500<br>+++ /usr/share/koji-hub/kojihub.py<span class="Apple-tab-span" style="white-space:pre">        </span>2011-12-04 20:17:40.460047608 -0500<br>@@ -51,6 +51,86 @@<br>&nbsp;import zipfile<br>&nbsp;from koji.context import context<br>&nbsp;<br>+import hashlib<br>+import struct<br>+<br>+def sigsha2(fn, cm=None):<br>+<span class="Apple-tab-span" style="white-space:pre">        </span># http://www.iagora.com/~espel/rpm2cpio<br>+<span class="Apple-tab-span" style="white-space:pre">        </span><br>+<span class="Apple-tab-span" style="white-space:pre">        </span>nel = 0<br>+<span class="Apple-tab-span" style="white-space:pre">        </span>f = open(fn, "r")<br>+<span class="Apple-tab-span" style="white-space:pre">        </span><br>+<span class="Apple-tab-span" style="white-space:pre">        </span>rpm = f.read(96)<br>+<span class="Apple-tab-span" style="white-space:pre">        </span>if (len(rpm) != 96):<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>#print("error reading lead 96.0")<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>return cm<br>+<span class="Apple-tab-span" style="white-space:pre">        </span>nel += len(rpm)<br>+<span class="Apple-tab-span" style="white-space:pre">        </span><br>+<span class="Apple-tab-span" style="white-space:pre">        </span># http://perldoc.perl.org/functions/pack.html<br>+<span class="Apple-tab-span" style="white-space:pre">        </span># http://docs.python.org/library/struct.html<br>+<span class="Apple-tab-span" style="white-space:pre">        </span><br>+<span class="Apple-tab-span" style="white-space:pre">        </span>(magic, major, minor, rest) = struct.unpack("&gt;LBB90s", rpm)<br>+<span class="Apple-tab-span" style="white-space:pre">        </span><br>+<span class="Apple-tab-span" style="white-space:pre">        </span>if (magic != 0xedabeedb):<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>#print("incorrect lead magic")<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>return cm<br>+<span class="Apple-tab-span" style="white-space:pre">        </span><br>+<span class="Apple-tab-span" style="white-space:pre">        </span>if ((major != 3) and (major != 4)):<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>#print("incorrect lead major")<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>return cm<br>+<span class="Apple-tab-span" style="white-space:pre">        </span><br>+<span class="Apple-tab-span" style="white-space:pre">        </span># http://docs.python.org/library/stdtypes.html<br>+<span class="Apple-tab-span" style="white-space:pre">        </span><br>+<span class="Apple-tab-span" style="white-space:pre">        </span>while (1):<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>pos = nel<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>rpm = f.read(16)<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>if (len(rpm) != 16):<br>+<span class="Apple-tab-span" style="white-space:pre">                        </span>#print("error reading header 16.0")<br>+<span class="Apple-tab-span" style="white-space:pre">                        </span>return cm<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>nel += len(rpm)<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>(smagic, rest) = struct.unpack("&gt;H14s", rpm)<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>if ((smagic == 0x1f8b) or (smagic == 0x425a) or (smagic == 0xfd37)):<br>+<span class="Apple-tab-span" style="white-space:pre">                        </span>break<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>if (pos &amp; 0x7):<br>+<span class="Apple-tab-span" style="white-space:pre">                        </span>pos += 7<br>+<span class="Apple-tab-span" style="white-space:pre">                        </span>pos &amp;= (~0x7)<br>+<span class="Apple-tab-span" style="white-space:pre">                        </span>f.seek(pos, 0)<br>+<span class="Apple-tab-span" style="white-space:pre">                        </span>nel = pos<br>+<span class="Apple-tab-span" style="white-space:pre">                        </span>rpm = f.read(16)<br>+<span class="Apple-tab-span" style="white-space:pre">                        </span>if (len(rpm) != 16):<br>+<span class="Apple-tab-span" style="white-space:pre">                                </span>#print("error reading header 16.1")<br>+<span class="Apple-tab-span" style="white-space:pre">                                </span>return cm<br>+<span class="Apple-tab-span" style="white-space:pre">                        </span>nel += len(rpm)<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>left = (len(rpm) - 16)<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>(magic, data, sections, bytes, rest) = struct.unpack("&gt;4L" + str(left) + "s", rpm)<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>if (magic != 0x8eade801):<br>+<span class="Apple-tab-span" style="white-space:pre">                        </span>#print("incorrect header magic")<br>+<span class="Apple-tab-span" style="white-space:pre">                        </span>return cm<br>+<span class="Apple-tab-span" style="white-space:pre">                </span># beg custom<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>f.seek(pos + 16, 0)<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>tmp = f.read((16 * sections) + bytes)<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>head = (rpm + tmp)<br>+<span class="Apple-tab-span" style="white-space:pre">                </span># end custom<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>pos += 16<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>pos += (16 * sections)<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>pos += bytes<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>f.seek(pos, 0)<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>nel = pos<br>+<span class="Apple-tab-span" style="white-space:pre">        </span><br>+<span class="Apple-tab-span" style="white-space:pre">        </span>while (1):<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>tmp = f.read(16384)<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>if (not tmp):<br>+<span class="Apple-tab-span" style="white-space:pre">                        </span>break<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>rpm += tmp<br>+<span class="Apple-tab-span" style="white-space:pre">        </span><br>+<span class="Apple-tab-span" style="white-space:pre">        </span>f.close()<br>+<span class="Apple-tab-span" style="white-space:pre">        </span>md5hex = hashlib.md5(head + rpm).hexdigest()<br>+<span class="Apple-tab-span" style="white-space:pre">        </span><br>+<span class="Apple-tab-span" style="white-space:pre">        </span>if ((cm != None) and (cm != md5hex)):<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>#print("sigmd5 mis-match")<br>+<span class="Apple-tab-span" style="white-space:pre">                </span>return cm<br>+<span class="Apple-tab-span" style="white-space:pre">        </span><br>+<span class="Apple-tab-span" style="white-space:pre">        </span>return hashlib.sha256(head + rpm).hexdigest()<br>&nbsp;<br>&nbsp;logger = logging.getLogger('koji.hub')<br>&nbsp;<br>@@ -4092,12 +4172,13 @@<br>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;raise koji.GenericError, "srpm mismatch for %s: %s (expected %s)" \<br>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;% (fn,basename,srpmname)<br>&nbsp;<br>+ &nbsp; &nbsp;hdr_md5 = hdr[rpm.RPMTAG_SIGMD5]<br>&nbsp; &nbsp; &nbsp;#add rpminfo entry<br>&nbsp; &nbsp; &nbsp;rpminfo['id'] = _singleValue("""SELECT nextval('rpminfo_id_seq')""")<br>&nbsp; &nbsp; &nbsp;rpminfo['build'] = buildinfo<br>&nbsp; &nbsp; &nbsp;rpminfo['build_id'] = buildinfo['id']<br>&nbsp; &nbsp; &nbsp;rpminfo['size'] = os.path.getsize(fn)<br>- &nbsp; &nbsp;rpminfo['payloadhash'] = koji.hex_string(hdr[rpm.RPMTAG_SIGMD5])<br>+ &nbsp; &nbsp;rpminfo['payloadhash'] = sigsha2(fn, koji.hex_string(hdr_md5))<br>&nbsp; &nbsp; &nbsp;rpminfo['brootid'] = brootid<br>&nbsp;<br>&nbsp; &nbsp; &nbsp;koji.plugin.run_callbacks('preImport', type='rpm', rpm=rpminfo, build=buildinfo,<br>@@ -4539,7 +4620,9 @@<br>&nbsp; &nbsp; &nbsp;if not os.path.isdir(builddir):<br>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;raise koji.GenericError, "No such directory: %s" % builddir<br>&nbsp; &nbsp; &nbsp;rawhdr = koji.RawHeader(sighdr)<br>- &nbsp; &nbsp;sigmd5 = koji.hex_string(rawhdr.get(koji.RPM_SIGTAG_MD5))<br>+ &nbsp; &nbsp;rpm_path = "%s/%s" % (builddir, koji.pathinfo.rpm(rinfo))<br>+ &nbsp; &nbsp;hdr_md5 = rawhdr.get(koji.RPM_SIGTAG_MD5)<br>+ &nbsp; &nbsp;sigmd5 = sigsha2(rpm_path, koji.hex_string(hdr_md5))<br>&nbsp; &nbsp; &nbsp;if sigmd5 == rinfo['payloadhash']:<br>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;# note: payloadhash is a misnomer, that field is populated with sigmd5.<br>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;sigkey = rawhdr.get(koji.RPM_SIGTAG_GPG)<br>@@ -4554,7 +4637,7 @@<br>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;# we need to pull that differently as well<br>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;rpm_path = "%s/%s" % (builddir, koji.pathinfo.rpm(rinfo))<br>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;sigmd5, sigkey = _scan_sighdr(sighdr, rpm_path)<br>- &nbsp; &nbsp; &nbsp; &nbsp;sigmd5 = koji.hex_string(sigmd5)<br>+ &nbsp; &nbsp; &nbsp; &nbsp;sigmd5 = sigsha2(rpm_path, koji.hex_string(sigmd5))<br>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;if sigmd5 != rinfo['payloadhash']:<br>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;nvra = "%(name)s-%(version)s-%(release)s.%(arch)s" % rinfo<br>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;raise koji.GenericError, "wrong md5 for %s: %s" % (nvra, sigmd5)<br><br><br>$ koji list-tagged main-builds nledd<br>Build &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; Tag &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; Built by<br>---------------------------------------- &nbsp;-------------------- &nbsp;----------------<br>nledd-2.52-7.fc15 &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; main-builds &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; admin<br><br><br>$ su - koji -c "psql -c \"select name,payloadhash from rpminfo where name LIKE 'nledd%';\""<br>&nbsp; &nbsp; &nbsp; name &nbsp; &nbsp; &nbsp; | &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; payloadhash &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;<br>-----------------+------------------------------------------------------------------<br>&nbsp;nledd &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; | a6f6f123dde44e0967e30b016c8a60ad6c32575a4dd4c83ef779b3bdcebf0279<br>&nbsp;nledd &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; | 988e2594303acc3c7a1e15bbf1ca621cd626f21faff24c24365c68551f48af3a<br>&nbsp;nledd-debuginfo | d9b6bf6a7d76f4f6cb966f3353f5d48075bd89184fe74e8a32c155dfd9abd402<br>(3 rows)<br><br><br># Main Source Code Addition<br><br><br>import hashlib<br>import struct<br><br><br>def sigsha2(fn, cm=None):<br><span class="Apple-tab-span" style="white-space:pre">        </span># http://www.iagora.com/~espel/rpm2cpio<br><span class="Apple-tab-span" style="white-space:pre">        </span><br><span class="Apple-tab-span" style="white-space:pre">        </span>nel = 0<br><span class="Apple-tab-span" style="white-space:pre">        </span>f = open(fn, "r")<br><span class="Apple-tab-span" style="white-space:pre">        </span><br><span class="Apple-tab-span" style="white-space:pre">        </span>rpm = f.read(96)<br><span class="Apple-tab-span" style="white-space:pre">        </span>if (len(rpm) != 96):<br><span class="Apple-tab-span" style="white-space:pre">                </span>#print("error reading lead 96.0")<br><span class="Apple-tab-span" style="white-space:pre">                </span>return cm<br><span class="Apple-tab-span" style="white-space:pre">        </span>nel += len(rpm)<br><span class="Apple-tab-span" style="white-space:pre">        </span><br><span class="Apple-tab-span" style="white-space:pre">        </span># http://perldoc.perl.org/functions/pack.html<br><span class="Apple-tab-span" style="white-space:pre">        </span># http://docs.python.org/library/struct.html<br><span class="Apple-tab-span" style="white-space:pre">        </span><br><span class="Apple-tab-span" style="white-space:pre">        </span>(magic, major, minor, rest) = struct.unpack("&gt;LBB90s", rpm)<br><span class="Apple-tab-span" style="white-space:pre">        </span><br><span class="Apple-tab-span" style="white-space:pre">        </span>if (magic != 0xedabeedb):<br><span class="Apple-tab-span" style="white-space:pre">                </span>#print("incorrect lead magic")<br><span class="Apple-tab-span" style="white-space:pre">                </span>return cm<br><span class="Apple-tab-span" style="white-space:pre">        </span><br><span class="Apple-tab-span" style="white-space:pre">        </span>if ((major != 3) and (major != 4)):<br><span class="Apple-tab-span" style="white-space:pre">                </span>#print("incorrect lead major")<br><span class="Apple-tab-span" style="white-space:pre">                </span>return cm<br><span class="Apple-tab-span" style="white-space:pre">        </span><br><span class="Apple-tab-span" style="white-space:pre">        </span># http://docs.python.org/library/stdtypes.html<br><span class="Apple-tab-span" style="white-space:pre">        </span><br><span class="Apple-tab-span" style="white-space:pre">        </span>while (1):<br><span class="Apple-tab-span" style="white-space:pre">                </span>pos = nel<br><span class="Apple-tab-span" style="white-space:pre">                </span>rpm = f.read(16)<br><span class="Apple-tab-span" style="white-space:pre">                </span>if (len(rpm) != 16):<br><span class="Apple-tab-span" style="white-space:pre">                        </span>#print("error reading header 16.0")<br><span class="Apple-tab-span" style="white-space:pre">                        </span>return cm<br><span class="Apple-tab-span" style="white-space:pre">                </span>nel += len(rpm)<br><span class="Apple-tab-span" style="white-space:pre">                </span>(smagic, rest) = struct.unpack("&gt;H14s", rpm)<br><span class="Apple-tab-span" style="white-space:pre">                </span>if ((smagic == 0x1f8b) or (smagic == 0x425a) or (smagic == 0xfd37)):<br><span class="Apple-tab-span" style="white-space:pre">                        </span>break<br><span class="Apple-tab-span" style="white-space:pre">                </span>if (pos &amp; 0x7):<br><span class="Apple-tab-span" style="white-space:pre">                        </span>pos += 7<br><span class="Apple-tab-span" style="white-space:pre">                        </span>pos &amp;= (~0x7)<br><span class="Apple-tab-span" style="white-space:pre">                        </span>f.seek(pos, 0)<br><span class="Apple-tab-span" style="white-space:pre">                        </span>nel = pos<br><span class="Apple-tab-span" style="white-space:pre">                        </span>rpm = f.read(16)<br><span class="Apple-tab-span" style="white-space:pre">                        </span>if (len(rpm) != 16):<br><span class="Apple-tab-span" style="white-space:pre">                                </span>#print("error reading header 16.1")<br><span class="Apple-tab-span" style="white-space:pre">                                </span>return cm<br><span class="Apple-tab-span" style="white-space:pre">                        </span>nel += len(rpm)<br><span class="Apple-tab-span" style="white-space:pre">                </span>left = (len(rpm) - 16)<br><span class="Apple-tab-span" style="white-space:pre">                </span>(magic, data, sections, bytes, rest) = struct.unpack("&gt;4L" + str(left) + "s", rpm)<br><span class="Apple-tab-span" style="white-space:pre">                </span>if (magic != 0x8eade801):<br><span class="Apple-tab-span" style="white-space:pre">                        </span>#print("incorrect header magic")<br><span class="Apple-tab-span" style="white-space:pre">                        </span>return cm<br><span class="Apple-tab-span" style="white-space:pre">                </span># beg custom<br><span class="Apple-tab-span" style="white-space:pre">                </span>f.seek(pos + 16, 0)<br><span class="Apple-tab-span" style="white-space:pre">                </span>tmp = f.read((16 * sections) + bytes)<br><span class="Apple-tab-span" style="white-space:pre">                </span>head = (rpm + tmp)<br><span class="Apple-tab-span" style="white-space:pre">                </span># end custom<br><span class="Apple-tab-span" style="white-space:pre">                </span>pos += 16<br><span class="Apple-tab-span" style="white-space:pre">                </span>pos += (16 * sections)<br><span class="Apple-tab-span" style="white-space:pre">                </span>pos += bytes<br><span class="Apple-tab-span" style="white-space:pre">                </span>f.seek(pos, 0)<br><span class="Apple-tab-span" style="white-space:pre">                </span>nel = pos<br><span class="Apple-tab-span" style="white-space:pre">        </span><br><span class="Apple-tab-span" style="white-space:pre">        </span>while (1):<br><span class="Apple-tab-span" style="white-space:pre">                </span>tmp = f.read(16384)<br><span class="Apple-tab-span" style="white-space:pre">                </span>if (not tmp):<br><span class="Apple-tab-span" style="white-space:pre">                        </span>break<br><span class="Apple-tab-span" style="white-space:pre">                </span>rpm += tmp<br><span class="Apple-tab-span" style="white-space:pre">        </span><br><span class="Apple-tab-span" style="white-space:pre">        </span>f.close()<br><span class="Apple-tab-span" style="white-space:pre">        </span>md5hex = hashlib.md5(head + rpm).hexdigest()<br><span class="Apple-tab-span" style="white-space:pre">        </span><br><span class="Apple-tab-span" style="white-space:pre">        </span>if ((cm != None) and (cm != md5hex)):<br><span class="Apple-tab-span" style="white-space:pre">                </span>#print("sigmd5 mis-match")<br><span class="Apple-tab-span" style="white-space:pre">                </span>return cm<br><span class="Apple-tab-span" style="white-space:pre">        </span><br><span class="Apple-tab-span" style="white-space:pre">        </span>return hashlib.sha256(head + rpm).hexdigest()<br>