Resource#fetch: verify downloads by default.

This API is used internally correctly and externally mostly correctly but #6230 reveals the external usage is fairly confusing and a bit unsafe by default. Preserve the existing API while verifying the checksum by default and providing an opt-out. Using the existing, safe method will result in a double verification of the checksum which is harmless. A Homebrew/homebrew-core PR will follow shortly to address those cases. Fixes #6230
2019-06-15 17:22:45 +01:00 · 2019-06-15 17:22:45 +01:00 · 3cfb028e7f
commit 3cfb028e7f
parent 3ca10fb59c
5 changed files with 12 additions and 16 deletions
--- a/Library/Homebrew/cmd/fetch.rb
+++ b/Library/Homebrew/cmd/fetch.rb
@ -133,7 +133,7 @@ module Homebrew
    already_fetched = f.cached_download.exist?

    begin
-      download = f.fetch
+      download = f.fetch(verify_download_integrity: false)
    rescue DownloadError
      retry if retry_fetch? f
      raise
--- a/Library/Homebrew/dev-cmd/mirror.rb
+++ b/Library/Homebrew/dev-cmd/mirror.rb
@ -47,7 +47,6 @@ module Homebrew
      downloader = f.downloader

      downloader.fetch
-      f.verify_download_integrity(downloader.cached_location)

      filename = downloader.basename

--- a/Library/Homebrew/formula.rb
+++ b/Library/Homebrew/formula.rb
@ -1688,8 +1688,8 @@ class Formula
  end

  # @private
-  def fetch
-    active_spec.fetch
+  def fetch(verify_download_integrity: true)
+    active_spec.fetch(verify_download_integrity: verify_download_integrity)
  end

  # @private
@ -2057,10 +2057,7 @@ class Formula
    active_spec.add_legacy_patches(patches) if respond_to?(:patches)

    patchlist.grep(DATAPatch) { |p| p.path = path }
-
-    patchlist.each do |patch|
-      patch.verify_download_integrity(patch.fetch) if patch.external?
-    end
+    patchlist.select(&:external?).each(&:fetch)
  end

  # The methods below define the formula DSL.
--- a/Library/Homebrew/formula_installer.rb
+++ b/Library/Homebrew/formula_installer.rb
@ -948,8 +948,9 @@ class FormulaInstaller
      downloader = LocalBottleDownloadStrategy.new(bottle_path)
    else
      downloader = formula.bottle
-      downloader.verify_download_integrity(downloader.fetch)
+      downloader.fetch
    end
+
    HOMEBREW_CELLAR.cd do
      downloader.stage
    end
--- a/Library/Homebrew/resource.rb
+++ b/Library/Homebrew/resource.rb
@ -70,17 +70,14 @@ class Resource
  def stage(target = nil, &block)
    raise ArgumentError, "target directory or block is required" unless target || block

-    verify_download_integrity(fetch)
+    fetch
    prepare_patches
    unpack(target, &block)
  end

  def prepare_patches
    patches.grep(DATAPatch) { |p| p.path = owner.owner.path }
-
-    patches.each do |patch|
-      patch.verify_download_integrity(patch.fetch) if patch.external?
-    end
+    patches.select(&:external?).each(&:fetch)
  end

  def apply_patches
@ -114,7 +111,7 @@ class Resource
    Partial.new(self, files)
  end

-  def fetch
+  def fetch(verify_download_integrity: true)
    HOMEBREW_CACHE.mkpath

    begin
@ -123,7 +120,9 @@ class Resource
      raise DownloadError.new(self, e)
    end

-    cached_download
+    download = cached_download
+    verify_download_integrity(download) if verify_download_integrity
+    download
  end

  def verify_download_integrity(fn)