Re: [OpenWrt-Devel] [PATCH] build: generate_package_index: use 'sha256sum' in favor of 'openssl sha256'
Hi Bastian, I recently added openssl as a generic build dependency for OpenWrt as part of the new package signing infrastructure thus I don't think using openssl sha256 is problematic. Can you give an example please where there is an openssl without sha256 support? Thanks, Steven ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] build: generate_package_index: use 'sha256sum' in favor of 'openssl sha256'
* Etienne Champetier etienne.champet...@free.fr [09.10.2013 09:09]: I've read here http://stackoverflow.com/questions/592620/check-if-a-program-exists-from-a-bash-script that it's better to use command -v or hash instead of which interesting, but http://www.cyberciti.biz/faq/unix-linux-shell-find-out-posixcommand-exists-or-not/ says in the comments: According to The Open Group Base Specifications, `command -v` is not completely portable and `type -P` is not portable either: i'am even unsure of 'hash', because it's an builtin. And 'which' is also poorly defined: at least i can find the definition for the exitcode under ubuntu 'man which'. i'am lost - any other links for pro or contra? bye, bastian ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] build: generate_package_index: use 'sha256sum' in favor of 'openssl sha256'
* Steven Barth cy...@openwrt.org [09.10.2013 09:45]: I recently added openssl as a generic build dependency for OpenWrt as part of the new package signing infrastructure thus I don't think using openssl sha256 is problematic. it's not 'openssl' itself in my case, but the ability to handle 'sha256': user@farm:~/openwrt$ openssl sha256 Makefile openssl:Error: 'sha256' is an invalid command. Standard commands asn1parse ca cipherscrlcrl2pkcs7 dgst dh dhparamdsadsaparam ec ecparamencengine errstr gendh gendsa genrsa nseq ocsp passwd pkcs12 pkcs7 pkcs8 prime rand reqrsarsautl s_client s_server s_time sess_idsmime speed spkac verify versionx509 Message Digest commands (see the `dgst' command for more details) md2md4md5rmd160 sha sha1 Cipher commands (see the `enc' command for more details) aes-128-cbcaes-128-ecbaes-192-cbcaes-192-ecbaes-256-cbc aes-256-ecbbase64 bf bf-cbc bf-cfb bf-ecb bf-ofb cast cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb desdes-cbc des-cfbdes-ecbdes-ededes-ede-cbcdes-ede-cfb des-ede-ofbdes-ede3 des-ede3-cbc des-ede3-cfb des-ede3-ofb des-ofbdes3 desx rc2rc2-40-cbc rc2-64-cbc rc2-cbcrc2-cfbrc2-ecbrc2-ofb rc4rc4-40 user@farm:~/openwrt$ openssl OpenSSL version OpenSSL 0.9.8o 01 Jun 2010 ok, it's old - but installed 8-) bye, bastian ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] build: generate_package_index: use 'sha256sum' in favor of 'openssl sha256'
On 2013-10-09 9:48 AM, Bastian Bittorf wrote: * Steven Barth cy...@openwrt.org [09.10.2013 09:45]: I recently added openssl as a generic build dependency for OpenWrt as part of the new package signing infrastructure thus I don't think using openssl sha256 is problematic. it's not 'openssl' itself in my case, but the ability to handle 'sha256': I think we should probably just put a self-contained utility in tools/ and use that instead of relying on different kinds of host tools. - Felix ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] build: generate_package_index: use 'sha256sum' in favor of 'openssl sha256'
* Felix Fietkau n...@openwrt.org [09.10.2013 19:54]: it's not 'openssl' itself in my case, but the ability to handle 'sha256': I think we should probably just put a self-contained utility in tools/ and use that instead of relying on different kinds of host tools. So selfcompiling a small tool on the host? I'am unsure if this is needed, if we rely on openssl-sha256 anyway? than it would be better to check not only for the existence of 'openssl' but for the ability to work with 'sha256'. openssl is available for on all host platforms anyway. if 'sha256' is not supportet (like on my install), than the build should abort... bye, bastian ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] build: generate_package_index: use 'sha256sum' in favor of 'openssl sha256'
Le 9 oct. 2013 20:06, Bastian Bittorf bitt...@bluebottle.com a écrit : * Felix Fietkau n...@openwrt.org [09.10.2013 19:54]: it's not 'openssl' itself in my case, but the ability to handle 'sha256': I think we should probably just put a self-contained utility in tools/ and use that instead of relying on different kinds of host tools. So selfcompiling a small tool on the host? I'am unsure if this is needed, if we rely on openssl-sha256 anyway? than it would be better to check not only for the existence of 'openssl' but for the ability to work with 'sha256'. openssl is available for on all host platforms anyway. if 'sha256' is not supportet (like on my install), than the build should abort... PostgreSQL has a self-contained BSD licensed sh256 implementation here: http://doxygen.postgresql.org/sha2_8c_source.html which could possibly be wrapped to read from a file and output the hash on stdout. ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH] build: generate_package_index: use 'sha256sum' in favor of 'openssl sha256'
build: generate_package_index: use 'sha256sum' in favor of 'openssl sha256' openssl is not available on all systems (or maybe not the implementation of sha256), but maybe sha256sum. use openssl if 'sha256sum' is not installed. Signed-off-by: Bastian Bittorf bitt...@bluebottle.com --- scripts/ipkg-make-index.sh | 14 +- 1 files changed, 13 insertions(+), 1 deletions(-) diff --git a/scripts/ipkg-make-index.sh b/scripts/ipkg-make-index.sh index a2f3dea..07c97f0 100755 --- a/scripts/ipkg-make-index.sh +++ b/scripts/ipkg-make-index.sh @@ -10,6 +10,18 @@ fi which md5sum /dev/null 21 || alias md5sum=md5 +if which sha256sum /dev/null; then + get_hash_sha256() + { + sha256sum $1 | cut -d' ' -f1 + } +else + get_hash_sha256() + { + openssl sha256 $1 | cut -d' ' -f2 + } +fi + for pkg in `find $pkg_dir -name '*.ipk' | sort`; do name=${pkg##*/} name=${name%%_*} @@ -18,7 +30,7 @@ for pkg in `find $pkg_dir -name '*.ipk' | sort`; do echo Generating index for package $pkg 2 file_size=$(ls -l $pkg | awk '{print $5}') md5sum=$(md5sum $pkg | awk '{print $1}') - sha256sum=$(openssl sha256 $pkg | awk '{print $2}') + sha256sum=$(get_hash_sha256 $pkg) # Take pains to make variable value sed-safe sed_safe_pkg=`echo $pkg | sed -e 's/^\.\///g' -e 's/\\//\\//g'` tar -xzOf $pkg ./control.tar.gz | tar xzOf - ./control | sed -e s/^Description:/Filename: $sed_safe_pkg\\ -- 1.7.2.5 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] build: generate_package_index: use 'sha256sum' in favor of 'openssl sha256'
Hi Le 08/10/2013 20:49, Bastian Bittorf a écrit : build: generate_package_index: use 'sha256sum' in favor of 'openssl sha256' openssl is not available on all systems (or maybe not the implementation of sha256), but maybe sha256sum. use openssl if 'sha256sum' is not installed. Signed-off-by: Bastian Bittorf bitt...@bluebottle.com --- scripts/ipkg-make-index.sh | 14 +- 1 files changed, 13 insertions(+), 1 deletions(-) diff --git a/scripts/ipkg-make-index.sh b/scripts/ipkg-make-index.sh index a2f3dea..07c97f0 100755 --- a/scripts/ipkg-make-index.sh +++ b/scripts/ipkg-make-index.sh @@ -10,6 +10,18 @@ fi which md5sum /dev/null 21 || alias md5sum=md5 +if which sha256sum /dev/null; then I've read here http://stackoverflow.com/questions/592620/check-if-a-program-exists-from-a-bash-script that it's better to use command -v or hash instead of which Regards Etienne ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel