diff options
author | Bryan Quigley <code@bryanquigley.com> | 2020-12-17 10:37:01 -0800 |
---|---|---|
committer | Jake Hunsaker <jhunsake@redhat.com> | 2021-02-09 13:25:16 -0500 |
commit | dc6cf40c4f637110162c305311f616f0fe60b89f (patch) | |
tree | e941b24716d58ced7c5b4749b98968fb62db4d66 | |
parent | 93842c416f1ea6837e02a81965a3233ff8508948 (diff) | |
download | sos-dc6cf40c4f637110162c305311f616f0fe60b89f.tar.gz |
[policy] switch to sha256 sum
Move cleaner to ignore both sha256/md5s
Move collector to use sha256 as well.
Move to get hash from stdout
Resolves: #2351
Closes: #1204
Signed-off-by: Bryan Quigley <code@bryanquigley.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
-rw-r--r-- | sos/cleaner/__init__.py | 9 | ||||
-rw-r--r-- | sos/collector/__init__.py | 4 | ||||
-rw-r--r-- | sos/collector/sosnode.py | 25 | ||||
-rw-r--r-- | sos/policies/__init__.py | 2 | ||||
-rw-r--r-- | sos/policies/distros/__init__.py | 19 | ||||
-rwxr-xr-x | tests/simple.sh | 2 |
6 files changed, 24 insertions, 37 deletions
diff --git a/sos/cleaner/__init__.py b/sos/cleaner/__init__.py index ba972ad4..1bc792b0 100644 --- a/sos/cleaner/__init__.py +++ b/sos/cleaner/__init__.py @@ -215,7 +215,8 @@ third party. nested_archives = [] for _file in archive.getmembers(): if (re.match('sosreport-.*.tar', _file.name.split('/')[-1]) and not - _file.name.endswith('.md5')): + (_file.name.endswith('.md5') or + _file.name.endswith('.sha256'))): nested_archives.append(_file.name.split('/')[-1]) if nested_archives: @@ -270,7 +271,8 @@ third party. for _file in os.listdir(self.opts.target): if _file == 'sos_logs': self.report_paths.append(self.opts.target) - if re.match('sosreport.*.tar.*[^md5]', _file): + if (_file.startswith('sosreport') and + (_file.endswith(".tar.gz") or _file.endswith(".tar.xz"))): self.report_paths.append(os.path.join(self.opts.target, _file)) if not self.report_paths: @@ -279,9 +281,6 @@ third party. else: self.inspect_target_archive() - # remove any lingering md5 files - self.report_paths = [p for p in self.report_paths if '.md5' not in p] - if not self.report_paths: self.ui_log.error("No valid sos archives or directories found\n") self._exit(1) diff --git a/sos/collector/__init__.py b/sos/collector/__init__.py index 228b7109..fb1b119b 100644 --- a/sos/collector/__init__.py +++ b/sos/collector/__init__.py @@ -1206,8 +1206,6 @@ this utility or remote systems that it connects to. self.log_info('Creating archive of sosreports...') for fname in arc_paths: dest = fname.split('/')[-1] - if fname.endswith(('.md5',)): - dest = os.path.join('checksums', fname.split('/')[-1]) if do_clean: dest = cleaner.obfuscate_string(dest) name = os.path.join(self.tmpdir, fname) @@ -1217,7 +1215,7 @@ this utility or remote systems that it connects to. checksum = cleaner.get_new_checksum(fname) if checksum: name = os.path.join('checksums', fname.split('/')[-1]) - name += '.md5' + name += '.sha256' self.archive.add_string(checksum, name) self.archive.add_file(self.sos_log_file, dest=os.path.join('sos_logs', 'sos.log')) diff --git a/sos/collector/sosnode.py b/sos/collector/sosnode.py index 0f3a3058..a1679655 100644 --- a/sos/collector/sosnode.py +++ b/sos/collector/sosnode.py @@ -773,6 +773,7 @@ class SosNode(): self.ui_msg('Generating sosreport...') try: path = False + checksum = False res = self.run_command(self.sos_cmd, timeout=self.opts.timeout, get_pty=True, need_root=True, @@ -781,6 +782,19 @@ class SosNode(): for line in res['stdout'].splitlines(): if fnmatch.fnmatch(line, '*sosreport-*tar*'): path = line.strip() + if line.startswith((" sha256\t", " md5\t")): + checksum = line.split("\t")[1] + elif line.startswith("The checksum is: "): + checksum = line.split()[3] + + if checksum is not None: + self.manifest.add_field('checksum', checksum) + if len(checksum) == 32: + self.manifest.add_field('checksum_type', 'md5') + elif len(checksum) == 64: + self.manifest.add_field('checksum_type', 'sha256') + else: + self.manifest.add_field('checksum_type', 'unknown') else: err = self.determine_sos_error(res['status'], res['stdout']) self.log_debug("Error running sosreport. rc = %s msg = %s" @@ -857,10 +871,6 @@ class SosNode(): except Exception: self.log_error('Failed to make archive readable') return False - try: - self.make_archive_readable(self.sos_path + '.md5') - except Exception: - self.log_debug('Failed to make md5 readable') self.soslog.info('Retrieving sosreport from %s' % self.address) self.ui_msg('Retrieving sosreport...') ret = self.retrieve_file(self.sos_path) @@ -870,9 +880,6 @@ class SosNode(): else: self.log_error('Failed to retrieve sosreport') raise SystemExit - self.hash_retrieved = self.retrieve_file(self.sos_path + '.md5') - if self.hash_retrieved: - self.file_list.append(self.sos_path.split('/')[-1] + '.md5') return True else: # sos sometimes fails but still returns a 0 exit code @@ -901,7 +908,9 @@ class SosNode(): def cleanup(self): """Remove the sos archive from the node once we have it locally""" self.remove_sos_archive() - if self.hash_retrieved: + if os.path.isfile(self.sos_path + '.sha256'): + self.remove_file(self.sos_path + '.sha256') + elif os.path.isfile(self.sos_path + '.md5'): self.remove_file(self.sos_path + '.md5') cleanup = self.host.set_cleanup_cmd() if cleanup: diff --git a/sos/policies/__init__.py b/sos/policies/__init__.py index a123926d..64e0da14 100644 --- a/sos/policies/__init__.py +++ b/sos/policies/__init__.py @@ -378,7 +378,7 @@ any third party. def get_preferred_hash_name(self): """Returns the string name of the hashlib-supported checksum algorithm to use""" - return "md5" + return "sha256" def display_results(self, archive, directory, checksum, archivestat=None, map_file=None): diff --git a/sos/policies/distros/__init__.py b/sos/policies/distros/__init__.py index a4f550c9..022ba7f4 100644 --- a/sos/policies/distros/__init__.py +++ b/sos/policies/distros/__init__.py @@ -101,25 +101,6 @@ class LinuxPolicy(Policy): '/etc/shadow' ] - def get_preferred_hash_name(self): - - if self._preferred_hash_name: - return self._preferred_hash_name - - checksum = "md5" - try: - fp = open("/proc/sys/crypto/fips_enabled", "r") - except IOError: - self._preferred_hash_name = checksum - return checksum - - fips_enabled = fp.read() - if fips_enabled.find("1") >= 0: - checksum = "sha256" - fp.close() - self._preferred_hash_name = checksum - return checksum - def default_runlevel(self): try: with open("/etc/inittab") as fp: diff --git a/tests/simple.sh b/tests/simple.sh index f1d530dc..e323cffc 100755 --- a/tests/simple.sh +++ b/tests/simple.sh @@ -56,7 +56,7 @@ run_expecting_success () { if [ "extract" = "$2" ]; then echo "### start extraction" - rm -f /var/tmp/sosreport*md5 + rm -f /var/tmp/sosreport*sha256 mkdir /var/tmp/sosreport_test/ tar xfa /var/tmp/sosreport*.tar* -C /var/tmp/sosreport_test --strip-components=1 if [ -s /var/tmp/sosreport_test/sos_logs/*errors.txt ]; then |