mirror of
https://gitlab.com/fdroid/fdroidserver.git
synced 2024-09-17 18:50:11 +02:00
update: add stricter checking when updating repo index using rsync
rsync uses the modification time and size of the file when deciding whether to update a file. These are relatively easy to control in malicious code, so instead make rsync use a full MD5 checksum when deciding whether the index needs to be updated. I suppose we could add an option to use checksum checking on all files, but since the signed repo already provides a checksum check, it seems not worth the added load on the process. Also, renamed 'index' to 'indexxml' to make it clear what is the XML and what is the JAR.
parent
b86bfb94fb
commit
0adb2575fe
@ -116,23 +116,24 @@ def update_awsbucket(repo_section):
|
||||
|
||||
|
||||
def update_serverwebroot(repo_section):
|
||||
rsyncargs = ['rsync', '-u', '-r', '--delete']
|
||||
rsyncargs = ['rsync', '--update', '--recursive', '--delete']
|
||||
if options.verbose:
|
||||
rsyncargs += ['--verbose']
|
||||
if options.quiet:
|
||||
rsyncargs += ['--quiet']
|
||||
index = os.path.join(repo_section, 'index.xml')
|
||||
indexxml = os.path.join(repo_section, 'index.xml')
|
||||
indexjar = os.path.join(repo_section, 'index.jar')
|
||||
# serverwebroot is guaranteed to have a trailing slash in common.py
|
||||
if subprocess.call(rsyncargs +
|
||||
['--exclude', index, '--exclude', indexjar,
|
||||
['--exclude', indexxml, '--exclude', indexjar,
|
||||
repo_section, config['serverwebroot']]) != 0:
|
||||
sys.exit(1)
|
||||
if subprocess.call(rsyncargs +
|
||||
[index, config['serverwebroot'] + repo_section]) != 0:
|
||||
# use stricter checking on the indexes since they provide the signature
|
||||
rsyncargs += ['--checksum']
|
||||
sectionpath = config['serverwebroot'] + repo_section
|
||||
if subprocess.call(rsyncargs + [indexxml, sectionpath]) != 0:
|
||||
sys.exit(1)
|
||||
if subprocess.call(rsyncargs +
|
||||
[indexjar, config['serverwebroot'] + repo_section]) != 0:
|
||||
if subprocess.call(rsyncargs + [indexjar, sectionpath]) != 0:
|
||||
sys.exit(1)
|
||||
|
||||
|
||||
|
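Review bot: The two index transfers still inherit `--update` from `rsyncargs`, and per rsync's documentation that flag skips any file whose copy on the receiver has a newer modification time, regardless of `--checksum`. An `index.xml` or `index.jar` on the webroot that was altered and carries a later mtime would therefore be left in place, which is the mtime trust the commit message sets out to remove. Building a separate list for the index calls, e.g. `indexargs = [a for a in rsyncargs if a != '--update'] + ['--checksum']`, and using it in `subprocess.call(indexargs + [indexxml, sectionpath])` and the matching `indexjar` call, would make the checksum the deciding factor. It also avoids mutating `rsyncargs` in place with `+=`.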