aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBryan Quigley <code@bryanquigley.com>2020-12-17 10:37:01 -0800
committerJake Hunsaker <jhunsake@redhat.com>2021-02-09 13:25:16 -0500
commitdc6cf40c4f637110162c305311f616f0fe60b89f (patch)
treee941b24716d58ced7c5b4749b98968fb62db4d66
parent93842c416f1ea6837e02a81965a3233ff8508948 (diff)
downloadsos-dc6cf40c4f637110162c305311f616f0fe60b89f.tar.gz
[policy] switch to sha256 sum
Move cleaner to ignore both sha256/md5s Move collector to use sha256 as well. Move to get hash from stdout Resolves: #2351 Closes: #1204 Signed-off-by: Bryan Quigley <code@bryanquigley.com> Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
-rw-r--r--sos/cleaner/__init__.py9
-rw-r--r--sos/collector/__init__.py4
-rw-r--r--sos/collector/sosnode.py25
-rw-r--r--sos/policies/__init__.py2
-rw-r--r--sos/policies/distros/__init__.py19
-rwxr-xr-xtests/simple.sh2
6 files changed, 24 insertions, 37 deletions
diff --git a/sos/cleaner/__init__.py b/sos/cleaner/__init__.py
index ba972ad4..1bc792b0 100644
--- a/sos/cleaner/__init__.py
+++ b/sos/cleaner/__init__.py
@@ -215,7 +215,8 @@ third party.
nested_archives = []
for _file in archive.getmembers():
if (re.match('sosreport-.*.tar', _file.name.split('/')[-1]) and not
- _file.name.endswith('.md5')):
+ (_file.name.endswith('.md5') or
+ _file.name.endswith('.sha256'))):
nested_archives.append(_file.name.split('/')[-1])
if nested_archives:
@@ -270,7 +271,8 @@ third party.
for _file in os.listdir(self.opts.target):
if _file == 'sos_logs':
self.report_paths.append(self.opts.target)
- if re.match('sosreport.*.tar.*[^md5]', _file):
+ if (_file.startswith('sosreport') and
+ (_file.endswith(".tar.gz") or _file.endswith(".tar.xz"))):
self.report_paths.append(os.path.join(self.opts.target,
_file))
if not self.report_paths:
@@ -279,9 +281,6 @@ third party.
else:
self.inspect_target_archive()
- # remove any lingering md5 files
- self.report_paths = [p for p in self.report_paths if '.md5' not in p]
-
if not self.report_paths:
self.ui_log.error("No valid sos archives or directories found\n")
self._exit(1)
diff --git a/sos/collector/__init__.py b/sos/collector/__init__.py
index 228b7109..fb1b119b 100644
--- a/sos/collector/__init__.py
+++ b/sos/collector/__init__.py
@@ -1206,8 +1206,6 @@ this utility or remote systems that it connects to.
self.log_info('Creating archive of sosreports...')
for fname in arc_paths:
dest = fname.split('/')[-1]
- if fname.endswith(('.md5',)):
- dest = os.path.join('checksums', fname.split('/')[-1])
if do_clean:
dest = cleaner.obfuscate_string(dest)
name = os.path.join(self.tmpdir, fname)
@@ -1217,7 +1215,7 @@ this utility or remote systems that it connects to.
checksum = cleaner.get_new_checksum(fname)
if checksum:
name = os.path.join('checksums', fname.split('/')[-1])
- name += '.md5'
+ name += '.sha256'
self.archive.add_string(checksum, name)
self.archive.add_file(self.sos_log_file,
dest=os.path.join('sos_logs', 'sos.log'))
diff --git a/sos/collector/sosnode.py b/sos/collector/sosnode.py
index 0f3a3058..a1679655 100644
--- a/sos/collector/sosnode.py
+++ b/sos/collector/sosnode.py
@@ -773,6 +773,7 @@ class SosNode():
self.ui_msg('Generating sosreport...')
try:
path = False
+ checksum = False
res = self.run_command(self.sos_cmd,
timeout=self.opts.timeout,
get_pty=True, need_root=True,
@@ -781,6 +782,19 @@ class SosNode():
for line in res['stdout'].splitlines():
if fnmatch.fnmatch(line, '*sosreport-*tar*'):
path = line.strip()
+ if line.startswith((" sha256\t", " md5\t")):
+ checksum = line.split("\t")[1]
+ elif line.startswith("The checksum is: "):
+ checksum = line.split()[3]
+
+ if checksum is not None:
+ self.manifest.add_field('checksum', checksum)
+ if len(checksum) == 32:
+ self.manifest.add_field('checksum_type', 'md5')
+ elif len(checksum) == 64:
+ self.manifest.add_field('checksum_type', 'sha256')
+ else:
+ self.manifest.add_field('checksum_type', 'unknown')
else:
err = self.determine_sos_error(res['status'], res['stdout'])
self.log_debug("Error running sosreport. rc = %s msg = %s"
@@ -857,10 +871,6 @@ class SosNode():
except Exception:
self.log_error('Failed to make archive readable')
return False
- try:
- self.make_archive_readable(self.sos_path + '.md5')
- except Exception:
- self.log_debug('Failed to make md5 readable')
self.soslog.info('Retrieving sosreport from %s' % self.address)
self.ui_msg('Retrieving sosreport...')
ret = self.retrieve_file(self.sos_path)
@@ -870,9 +880,6 @@ class SosNode():
else:
self.log_error('Failed to retrieve sosreport')
raise SystemExit
- self.hash_retrieved = self.retrieve_file(self.sos_path + '.md5')
- if self.hash_retrieved:
- self.file_list.append(self.sos_path.split('/')[-1] + '.md5')
return True
else:
# sos sometimes fails but still returns a 0 exit code
@@ -901,7 +908,9 @@ class SosNode():
def cleanup(self):
"""Remove the sos archive from the node once we have it locally"""
self.remove_sos_archive()
- if self.hash_retrieved:
+ if os.path.isfile(self.sos_path + '.sha256'):
+ self.remove_file(self.sos_path + '.sha256')
+ elif os.path.isfile(self.sos_path + '.md5'):
self.remove_file(self.sos_path + '.md5')
cleanup = self.host.set_cleanup_cmd()
if cleanup:
diff --git a/sos/policies/__init__.py b/sos/policies/__init__.py
index a123926d..64e0da14 100644
--- a/sos/policies/__init__.py
+++ b/sos/policies/__init__.py
@@ -378,7 +378,7 @@ any third party.
def get_preferred_hash_name(self):
"""Returns the string name of the hashlib-supported checksum algorithm
to use"""
- return "md5"
+ return "sha256"
def display_results(self, archive, directory, checksum, archivestat=None,
map_file=None):
diff --git a/sos/policies/distros/__init__.py b/sos/policies/distros/__init__.py
index a4f550c9..022ba7f4 100644
--- a/sos/policies/distros/__init__.py
+++ b/sos/policies/distros/__init__.py
@@ -101,25 +101,6 @@ class LinuxPolicy(Policy):
'/etc/shadow'
]
- def get_preferred_hash_name(self):
-
- if self._preferred_hash_name:
- return self._preferred_hash_name
-
- checksum = "md5"
- try:
- fp = open("/proc/sys/crypto/fips_enabled", "r")
- except IOError:
- self._preferred_hash_name = checksum
- return checksum
-
- fips_enabled = fp.read()
- if fips_enabled.find("1") >= 0:
- checksum = "sha256"
- fp.close()
- self._preferred_hash_name = checksum
- return checksum
-
def default_runlevel(self):
try:
with open("/etc/inittab") as fp:
diff --git a/tests/simple.sh b/tests/simple.sh
index f1d530dc..e323cffc 100755
--- a/tests/simple.sh
+++ b/tests/simple.sh
@@ -56,7 +56,7 @@ run_expecting_success () {
if [ "extract" = "$2" ]; then
echo "### start extraction"
- rm -f /var/tmp/sosreport*md5
+ rm -f /var/tmp/sosreport*sha256
mkdir /var/tmp/sosreport_test/
tar xfa /var/tmp/sosreport*.tar* -C /var/tmp/sosreport_test --strip-components=1
if [ -s /var/tmp/sosreport_test/sos_logs/*errors.txt ]; then