Add vendored sha256 #2684
Add vendored sha256 #2684
Conversation
mistydemeo
force-pushed
the
add_vendored_sha256
branch
from
b7e286b
to
7dcb74f
Compare
|
Is there nothing in e.g. old Rubies or other macOS system libraries on Tigerbrew versions that could calculate a SHA256? I begrudingly think upstreaming Tigerbrew code to Homebrew/brew is worth it despite the lower user base but I'm much less convinced for language modules and particularly non-Ruby modules. |
Absolutely nothing. Perl doesn't include this, OpenSSL is missing it, there's no CommonCrypto, and there are no other tools with support. Without this, there's no way to calculate sha256 checksums at all. |
|
With both this and #2683 I'm wondering if there's any way we can push any of this stuff into e.g. an external command that lives in Tigerbrew/homebrew-core. I'd really like to have Tigerbrew be able to run Homebrew/brew unpatched eventually but want to avoid large chunks of relatively complex, untested code that are Tigerbrew (or Linuxbrew) specific. |
|
My comment was stupid, I apologise 😄. Elaboration - I presumed at first glance this was a broader discussion about the need/desire to be able to calculate SHA256 hashes on older macOS platforms within Ruby, but the code obviously isn't doing that here & this is more exclusively limited to ensuring the vendored Ruby can be checksum-verified during installation, hence Dom's an idiot. |
mistydemeo
force-pushed
the
add_vendored_sha256
branch
from
7dcb74f
to
0bbcb51
Compare
|
Having just made a ridiculous discovery, I'm rethinking this. It turns out Ruby 1.8.2 does include sha2 - not via openssl, but via a vendored copy of Aaron Gifford's sha2 tool. The constant name is different, but otherwise the API is compatible. Fortunately, newer Rubies include the
I'm not sure there's an easy way to do that with curl, unfortunately. :/ Setting up curl happens so early in the process of bootstrapping Homebrew, it doesn't really feel like there's a nice way to bootstrap a curl without using the same mechanism that's already being used for Ruby. |
| @@ -82,6 +82,9 @@ fetch() { | |||
| elif [[ -x "$(which sha256sum)" ]] | |||
| then | |||
| sha="$(sha256sum "$CACHED_LOCATION" | cut -d' ' -f1)" | |||
| elif [[ -x "$(which ruby)" ]] | |||
| then | |||
| sha="$(ruby -e "require 'digest/sha2'; digest = Digest::SHA256.new; File.open('$CACHED_LOCATION', 'rb') { |f| digest.update(f.read) }; puts digest.hexdigest")" | |||
There was a problem hiding this comment.
Is it worth using a heredoc here so this can live on multiple lines?
There was a problem hiding this comment.
Good idea, done! Idented the Ruby code in slightly past the ruby line.
|
One suggestion but once green (I suspect after a rebase) I'm 👍 to ship. Nice work finding the SHA256 thing 👏 |
Digest::SHA2 wasn't exposed under that name in older versions of Ruby.
mistydemeo
force-pushed
the
add_vendored_sha256
branch
from
0bbcb51
to
b45b6c3
Compare
But still prefer shasum/sha256sum where present.
mistydemeo
force-pushed
the
add_vendored_sha256
branch
from
b45b6c3
to
587f338
Compare
| require 'digest/sha2' | ||
| digest = Digest::SHA256.new | ||
| File.open('$CACHED_LOCATION', 'rb') { |f| digest.update(f.read) } | ||
| puts digest.hexdigest |
brew testswith your changes locally?This adds a pure-Perl sha256 implementation, which is compatible with essentially any version of Perl released in the last 15 years. It's suitable for use on older versions of OS X, or Linuces which lack a
shasumorsha256sum; this makes it very useful for installing a vendored Ruby.This script was originally contributed to Tigerbrew by @geoff-codes.
cc @xu-cheng, @sjackman