From 4119eea13b27d488f0f034c4d90688c67a68ec0e Mon Sep 17 00:00:00 2001
From: espie
Date: Tue, 7 Jan 2014 13:26:17 +0000
Subject: [PATCH] let's verify all checksums. I forgot about special files, since they've been extracted early, but they can be checked nonetheless. (prevents people from tampering with DESC and the like)
---
 usr.sbin/pkg_add/OpenBSD/Add.pm | 10 ++++++++-
 usr.sbin/pkg_add/OpenBSD/PackingElement.pm | 26 +++++++++++++++++++++-
 usr.sbin/pkg_add/OpenBSD/Replace.pm | 9 +++++++-
 3 files changed, 42 insertions(+), 3 deletions(-)
diff --git a/usr.sbin/pkg_add/OpenBSD/Add.pm b/usr.sbin/pkg_add/OpenBSD/Add.pm
index fcbf9fffb50..922469b7f9e 100644
--- a/usr.sbin/pkg_add/OpenBSD/Add.pm
+++ b/usr.sbin/pkg_add/OpenBSD/Add.pm
@@ -1,5 +1,5 @@
 # ex:ts=8 sw=4:
-# $OpenBSD: Add.pm,v 1.136 2014/01/07 10:22:05 espie Exp $
+# $OpenBSD: Add.pm,v 1.137 2014/01/07 13:26:17 espie Exp $
 #
 # Copyright (c) 2003-2007 Marc Espie
 #
@@ -709,6 +709,14 @@ sub copy_info
 $self->fullname, $dest, $!);
 }
+sub install
+{
+ my ($self, $state) = @_;
+ if (!$state->{extracted_first}) {
+ $self->may_verify_digest($state);
+ }
+}
+
 package OpenBSD::PackingElement::FCONTENTS;
 sub copy_info
 {
diff --git a/usr.sbin/pkg_add/OpenBSD/PackingElement.pm b/usr.sbin/pkg_add/OpenBSD/PackingElement.pm
index 717ca72e7c0..7edf37cfd67 100644
--- a/usr.sbin/pkg_add/OpenBSD/PackingElement.pm
+++ b/usr.sbin/pkg_add/OpenBSD/PackingElement.pm
@@ -1,5 +1,5 @@
 # ex:ts=8 sw=4:
-# $OpenBSD: PackingElement.pm,v 1.220 2014/01/04 14:14:55 espie Exp $
+# $OpenBSD: PackingElement.pm,v 1.221 2014/01/07 13:26:18 espie Exp $
 #
 # Copyright (c) 2003-2010 Marc Espie
 #
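Review bot: The `!$state->{extracted_first}` guard in the added `install` (Add.pm, hunk at -709) leaves verification of special files to some other code path whenever that flag is set, and nothing here says which one. From the rest of the patch it appears to be the new `OpenBSD::PackingElement::SpecialFile::extract` in Replace.pm (hunk at -129), so the two subs are a pair: if `extracted_first` is ever set on a path that does not run that `extract`, the digest of DESC and similar files is never checked. I would state the invariant above the sub, e.g. `# when extracted_first is set, SpecialFile::extract (Replace.pm) has already verified the digest`, and put the matching comment on the Replace.pm side. The package this `install` lands in starts outside the hunk.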
@@ -1663,6 +1663,26 @@ sub new
 &OpenBSD::PackingElement::UniqueOption::new;
 }
+sub may_verify_digest
+{
+ my ($self, $state) = @_;
+ if (!$state->{check_digest}) {
+ return;
+ }
+ if (!defined $self->{d}) {
+ $state->log->fatal($state->f("#1 does not have a signature",
+ $self->fullname));
+ }
+ my $d = $self->compute_digest($self->fullname);
+ if (!$d->equals($self->{d})) {
+ $state->log->fatal($state->f("checksum for #1 does not match",
+ $self->fullname));
+ }
+ if ($state->verbose >= 3) {
+ $state->say("Checksum match for #1", $self->fullname);
+ }
+}
+
 package OpenBSD::PackingElement::FCONTENTS;
 our @ISA=qw(OpenBSD::PackingElement::SpecialFile);
 sub name() { OpenBSD::PackageInfo::CONTENTS }
@@ -1678,6 +1698,10 @@ sub copy_deep_if
 {
 }
+# CONTENTS doesn't have a checksum
+sub may_verify_digest
+{
+}
 package OpenBSD::PackingElement::FCOMMENT;
 our @ISA=qw(OpenBSD::PackingElement::SpecialFile);
 sub name() { OpenBSD::PackageInfo::COMMENT }
diff --git a/usr.sbin/pkg_add/OpenBSD/Replace.pm b/usr.sbin/pkg_add/OpenBSD/Replace.pm
index 9ab688218d3..dd01020877b 100644
--- a/usr.sbin/pkg_add/OpenBSD/Replace.pm
+++ b/usr.sbin/pkg_add/OpenBSD/Replace.pm
@@ -1,5 +1,5 @@
 # ex:ts=8 sw=4:
-# $OpenBSD: Replace.pm,v 1.84 2012/04/28 12:00:10 espie Exp $
+# $OpenBSD: Replace.pm,v 1.85 2014/01/07 13:26:18 espie Exp $
 #
 # Copyright (c) 2004-2010 Marc Espie
 #
@@ -129,6 +129,13 @@ sub extract
 {
 }
+package OpenBSD::PackingElement::SpecialFile;
+sub extract
+{
+ my ($self, $state) = @_;
+ $self->may_verify_digest($state);
+}
+
 package OpenBSD::PackingElement::Exec;
 sub update_issue
 {
-- 
2.20.1
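Review bot: In the added `may_verify_digest` (PackingElement.pm, hunk at -1663) the result of `compute_digest` is used as `$d->equals(...)` without a definedness check. `compute_digest` is not visible in this hunk; if it can return undef for a missing or unreadable file, the sub still aborts, but with a Perl method-call error instead of the localized fatal, which makes a truncated or tampered package harder to diagnose from the log. `if (!defined $d || !$d->equals($self->{d})) {` keeps that failure on the intended path. The first message also says "signature" while the field being tested is the digest `$self->{d}`; unless that wording is deliberately shared with an existing message, "checksum" would match the second one.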
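Review bot: The empty `may_verify_digest` override for FCONTENTS (PackingElement.pm, hunk at -1678) carries only `# CONTENTS doesn't have a checksum`, which does not say why skipping the check is acceptable. The digests the other special files are compared against (`$self->{d}`) presumably come from the packing list itself, so CONTENTS is the trust anchor for every check this patch adds and has to be authenticated some other way, which is not shown here. I would expand the comment to record that, e.g. `# CONTENTS holds the digests for everything else and cannot checksum itself; its integrity must come from the package signature`.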