-
-
Notifications
You must be signed in to change notification settings - Fork 9.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add vendored sha256 #2684
Add vendored sha256 #2684
Conversation
b7e286b
to
7dcb74f
Compare
Is there nothing in e.g. old Rubies or other macOS system libraries on Tigerbrew versions that could calculate a SHA256? I begrudingly think upstreaming Tigerbrew code to Homebrew/brew is worth it despite the lower user base but I'm much less convinced for language modules and particularly non-Ruby modules. |
Absolutely nothing. Perl doesn't include this, OpenSSL is missing it, there's no CommonCrypto, and there are no other tools with support. Without this, there's no way to calculate sha256 checksums at all. |
With both this and #2683 I'm wondering if there's any way we can push any of this stuff into e.g. an external command that lives in Tigerbrew/homebrew-core. I'd really like to have Tigerbrew be able to run Homebrew/brew unpatched eventually but want to avoid large chunks of relatively complex, untested code that are Tigerbrew (or Linuxbrew) specific. |
My comment was stupid, I apologise 😄. Elaboration - I presumed at first glance this was a broader discussion about the need/desire to be able to calculate SHA256 hashes on older macOS platforms within Ruby, but the code obviously isn't doing that here & this is more exclusively limited to ensuring the vendored Ruby can be checksum-verified during installation, hence Dom's an idiot. |
7dcb74f
to
0bbcb51
Compare
Having just made a ridiculous discovery, I'm rethinking this. It turns out Ruby 1.8.2 does include sha2 - not via openssl, but via a vendored copy of Aaron Gifford's sha2 tool. The constant name is different, but otherwise the API is compatible. Fortunately, newer Rubies include the
I'm not sure there's an easy way to do that with curl, unfortunately. :/ Setting up curl happens so early in the process of bootstrapping Homebrew, it doesn't really feel like there's a nice way to bootstrap a curl without using the same mechanism that's already being used for Ruby. |
@@ -82,6 +82,9 @@ fetch() { | |||
elif [[ -x "$(which sha256sum)" ]] | |||
then | |||
sha="$(sha256sum "$CACHED_LOCATION" | cut -d' ' -f1)" | |||
elif [[ -x "$(which ruby)" ]] | |||
then | |||
sha="$(ruby -e "require 'digest/sha2'; digest = Digest::SHA256.new; File.open('$CACHED_LOCATION', 'rb') { |f| digest.update(f.read) }; puts digest.hexdigest")" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it worth using a heredoc here so this can live on multiple lines?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good idea, done! Idented the Ruby code in slightly past the ruby
line.
One suggestion but once green (I suspect after a rebase) I'm 👍 to ship. Nice work finding the SHA256 thing 👏 |
Digest::SHA2 wasn't exposed under that name in older versions of Ruby.
0bbcb51
to
b45b6c3
Compare
But still prefer shasum/sha256sum where present.
b45b6c3
to
587f338
Compare
require 'digest/sha2' | ||
digest = Digest::SHA256.new | ||
File.open('$CACHED_LOCATION', 'rb') { |f| digest.update(f.read) } | ||
puts digest.hexdigest |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice!
brew tests
with your changes locally?This adds a pure-Perl sha256 implementation, which is compatible with essentially any version of Perl released in the last 15 years. It's suitable for use on older versions of OS X, or Linuces which lack a
shasum
orsha256sum
; this makes it very useful for installing a vendored Ruby.This script was originally contributed to Tigerbrew by @geoff-codes.
cc @xu-cheng, @sjackman