From a1d6524dce0a382fbcaff5da125363bdebe3ded4 Mon Sep 17 00:00:00 2001 From: Matthias Beyer Date: Wed, 13 Jan 2021 15:06:22 +0100 Subject: Revert "Reimplement hash verification" This reverts commit c3fc1281142ec10414197a31070cc45930a859e3 and commit 18b256e040881ac674463913b2a7e290125ea738. The problem here is that we introduced "ring" to our dependencies, which has a unappropriate license (ISC and openssl thing). We should not depend on such a library, because it may conflict with our own EPL 2.0 (IANAL). Signed-off-by: Matthias Beyer --- src/source/mod.rs | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) (limited to 'src/source') diff --git a/src/source/mod.rs b/src/source/mod.rs index 75a1609..295d7a9 100644 --- a/src/source/mod.rs +++ b/src/source/mod.rs @@ -91,29 +91,29 @@ impl SourceEntry { } pub async fn verify_hash(&self) -> Result<()> { + let p = self.source_file_path(); - trace!("Reading: {}", p.display()); + trace!("Reading to buffer: {}", p.display()); - // we can clone() here, because the object itself is just a representation of "what hash - // type do we use here", which is rather cheap to clone (because it is - // crate::package::SourceHash, that is not more than an enum + String). - // - // We need to clone to move into the closure below. - let source_hash = self.package_source.hash().clone(); + let path = p.clone(); + let buf = tokio::task::spawn_blocking(move || { + use std::io::Read; - tokio::task::spawn_blocking(move || { + let mut buf = vec![]; std::fs::OpenOptions::new() .create(false) .create_new(false) .read(true) - .open(&p) - .map_err(Error::from) - .map(std::io::BufReader::new) - .and_then(|reader| { - source_hash.matches_hash_of(reader) - }) + .open(path)? + .read_to_end(&mut buf) + .map(|_| buf) }) - .await? + .await??; + + trace!("Reading to buffer finished: {}", p.display()); + self.package_source + .hash() + .matches_hash_of(&buf) } pub async fn create(&self) -> Result { -- cgit v1.2.3