From 61f0023c3716d2b92405533790be9e4b88d33b6c Mon Sep 17 00:00:00 2001 From: Dan Streetman Date: Tue, 21 Jul 2020 15:01:16 -0400 Subject: [PATCH] archive: use verify_file_checksums() This reduces duplicate verification steps, and results in logging error from the verification function if there is a size mismatch, instead of the silent verification failure that was present in case neither sha checksum was provided. Signed-off-by: Dan Streetman --- ubuntutools/archive.py | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/ubuntutools/archive.py b/ubuntutools/archive.py index 54a7ae7..c7d3d3f 100644 --- a/ubuntutools/archive.py +++ b/ubuntutools/archive.py @@ -48,7 +48,7 @@ from ubuntutools.lp.lpapicache import (Launchpad, Distribution, PersonTeam, from ubuntutools.lp.udtexceptions import (PackageNotFoundException, SeriesNotFoundException, InvalidDistroValueError) -from ubuntutools.misc import (download, verify_file_checksum) +from ubuntutools.misc import (download, verify_file_checksum, verify_file_checksums) from ubuntutools.version import Version import logging @@ -355,16 +355,17 @@ class SourcePackage(object): else: Logger.warning('Signature on %s could not be verified' % self.dsc_name) - def _verify_file(self, pathname, dscverify=False, sha1sum=False, sha256sum=False, size=0): + def _verify_file(self, pathname, dscverify=False, sha1sum=None, sha256sum=None, size=0): if not os.path.exists(pathname): return False - if size and size != os.path.getsize(pathname): - return False if dscverify and not self.dsc.verify_file(pathname): return False - if sha1sum and not verify_file_checksum(pathname, 'SHA1', sha1sum, size): - return False - if sha256sum and not verify_file_checksum(pathname, 'SHA256', sha256sum, size): + checksums = {} + if sha1sum: + checksums['SHA1'] = sha1sum + if sha256sum: + checksums['SHA256'] = sha256sum + if not verify_file_checksums(pathname, checksums, size): return False return True