Karl/BobStore
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Revert "The same, but clearer and less code?"

Browse Source 
This reverts commit f5d8419d69b279112d5b7fa42a30c606a54e764c. Tunedal came
up with a better idea.
This commit is contained in:
Ciaran Gultnieks 2011-02-16 21:52:47 +00:00
parent f5d8419d69
commit a364364d99
1 changed files with 110 additions and 115 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

211
src/org/fdroid/fdroid/RepoXMLHandler.java
View File

@ -223,128 +223,123 @@ public class RepoXMLHandler extends DefaultHandler {
public static boolean doUpdates(Context ctx, DB db) { public static boolean doUpdates(Context ctx, DB db) {
long startTime = System.currentTimeMillis(); long startTime = System.currentTimeMillis();
boolean success = false; boolean success = true;
db.beginUpdate(); db.beginUpdate();
try Vector<DB.Repo> repos = db.getRepos();
{ for (DB.Repo repo : repos) {
Vector<DB.Repo> repos = db.getRepos(); if (repo.inuse) {
for (DB.Repo repo : repos) {
if (repo.inuse) {
try { try {
if (repo.pubkey != null) { if (repo.pubkey != null) {
// This is a signed repo - we download the jar file, // This is a signed repo - we download the jar file,
// check the signature, and extract the index... // check the signature, and extract the index...
Log.d("FDroid", "Getting signed index from " Log.d("FDroid", "Getting signed index from "
+ repo.address); + repo.address);
getRemoteFile(ctx, repo.address + "/index.jar", getRemoteFile(ctx, repo.address + "/index.jar",
"tempindex.jar"); "tempindex.jar");
String jarpath = ctx.getFilesDir() + "/tempindex.jar"; String jarpath = ctx.getFilesDir() + "/tempindex.jar";
JarFile jar = new JarFile(jarpath); JarFile jar = new JarFile(jarpath);
JarEntry je = (JarEntry) jar.getEntry("index.xml"); JarEntry je = (JarEntry) jar.getEntry("index.xml");
File efile = new File(ctx.getFilesDir(), File efile = new File(ctx.getFilesDir(),
"/tempindex.xml"); "/tempindex.xml");
InputStream in = new BufferedInputStream(jar InputStream in = new BufferedInputStream(jar
.getInputStream(je), 8192); .getInputStream(je), 8192);
OutputStream out = new BufferedOutputStream( OutputStream out = new BufferedOutputStream(
new FileOutputStream(efile), 8192); new FileOutputStream(efile), 8192);
byte[] buffer = new byte[8192]; byte[] buffer = new byte[8192];
while (true) { while (true) {
int nBytes = in.read(buffer); int nBytes = in.read(buffer);
if (nBytes <= 0) if (nBytes <= 0)
break; break;
out.write(buffer, 0, nBytes); out.write(buffer, 0, nBytes);
} }
out.flush(); out.flush();
out.close(); out.close();
in.close(); in.close();
java.security.cert.Certificate[] certs = je java.security.cert.Certificate[] certs = je
.getCertificates(); .getCertificates();
jar.close(); jar.close();
if (certs == null) { if (certs == null) {
Log.d("FDroid", "No signature found in index"); Log.d("FDroid", "No signature found in index");
return false; return success = false;
} }
if (certs.length != 1) { if (certs.length != 1) {
Log.d("FDroid", "Expected one signature - found " Log.d("FDroid", "Expected one signature - found "
+ certs.length); + certs.length);
return false; return success = false;
}
byte[] sig = certs[0].getEncoded();
byte[] csig = new byte[sig.length * 2];
for (int j = 0; j < sig.length; j++) {
byte v = sig[j];
int d = (v >> 4) & 0xf;
csig[j * 2] = (byte) (d >= 10 ? ('a' + d - 10)
: ('0' + d));
d = v & 0xf;
csig[j * 2 + 1] = (byte) (d >= 10 ? ('a' + d - 10)
: ('0' + d));
}
String ssig = new String(csig);
if (!ssig.equals(repo.pubkey)) {
Log.d("FDroid", "Index signature mismatch");
return false;
}
} else {
// It's an old-fashioned unsigned repo...
Log.d("FDroid", "Getting unsigned index from "
+ repo.address);
getRemoteFile(ctx, repo.address + "/index.xml",
"tempindex.xml");
} }
// Process the index... byte[] sig = certs[0].getEncoded();
SAXParserFactory spf = SAXParserFactory.newInstance(); byte[] csig = new byte[sig.length * 2];
SAXParser sp = spf.newSAXParser(); for (int j = 0; j < sig.length; j++) {
XMLReader xr = sp.getXMLReader(); byte v = sig[j];
RepoXMLHandler handler = new RepoXMLHandler(repo.address, int d = (v >> 4) & 0xf;
db); csig[j * 2] = (byte) (d >= 10 ? ('a' + d - 10)
xr.setContentHandler(handler); : ('0' + d));
d = v & 0xf;
csig[j * 2 + 1] = (byte) (d >= 10 ? ('a' + d - 10)
: ('0' + d));
}
String ssig = new String(csig);
InputStreamReader isr = new FileReader(new File(ctx if (!ssig.equals(repo.pubkey)) {
.getFilesDir() Log.d("FDroid", "Index signature mismatch");
+ "/tempindex.xml")); return success = false;
InputSource is = new InputSource(isr);
xr.parse(is);
if (handler.pubkey != null && repo.pubkey == null) {
// We read an unsigned index, but that indicates that
// a signed version is now available...
Log
.d("FDroid",
"Public key found - switching to signed repo for future updates");
repo.pubkey = handler.pubkey;
db.updateRepoByAddress(repo);
} }
} catch (Exception e) { } else {
Log.e("FDroid", "Exception updating from " + repo.address
+ ":\n" + Log.getStackTraceString(e)); // It's an old-fashioned unsigned repo...
return false; Log.d("FDroid", "Getting unsigned index from "
} finally { + repo.address);
ctx.deleteFile("tempindex.xml"); getRemoteFile(ctx, repo.address + "/index.xml",
ctx.deleteFile("tempindex.jar"); "tempindex.xml");
} }
// Process the index...
SAXParserFactory spf = SAXParserFactory.newInstance();
SAXParser sp = spf.newSAXParser();
XMLReader xr = sp.getXMLReader();
RepoXMLHandler handler = new RepoXMLHandler(repo.address,
db);
xr.setContentHandler(handler);
InputStreamReader isr = new FileReader(new File(ctx
.getFilesDir()
+ "/tempindex.xml"));
InputSource is = new InputSource(isr);
xr.parse(is);
if (handler.pubkey != null && repo.pubkey == null) {
// We read an unsigned index, but that indicates that
// a signed version is now available...
Log
.d("FDroid",
"Public key found - switching to signed repo for future updates");
repo.pubkey = handler.pubkey;
db.updateRepoByAddress(repo);
}
} catch (Exception e) {
Log.e("FDroid", "Exception updating from " + repo.address
+ ":\n" + Log.getStackTraceString(e));
return success = false;
} finally {
ctx.deleteFile("tempindex.xml");
ctx.deleteFile("tempindex.jar");
if (!success)
db.cancelUpdate();
} }
} }
success=true;
db.endUpdate();
Log.d("FDroid", "Update completed in "
+ ((System.currentTimeMillis() - startTime) / 1000)
+ " seconds.");
return true;
} finally {
if(!success)
db.cancelUpdate();
} }
db.endUpdate();
Log.d("FDroid", "Update completed in "
+ ((System.currentTimeMillis() - startTime) / 1000)
+ " seconds.");
return true;
} }
} }