- hashSize = sha512.Size
- case HashAlgoBLAKE2b256:
- hasherNew = blake2b256New
- hashSize = blake2b.Size256
- default:
- log.Println(
- "error", r.RemoteAddr, "pypi",
- filename, "unknown digest", hashAlgo,
- )
- http.Error(w, "unknown digest algorithm", http.StatusBadGateway)
- return false
- }
- if len(digest) != hashSize {
- log.Println(
- "error", r.RemoteAddr, "pypi",
- filename, "invalid digest length")
- http.Error(w, "invalid digest length", http.StatusBadGateway)
- return false
+ hashAlgo = HashAlgoSHA512
+ digest = d
+ } else {
+ if pkgURL.Fragment == "" {
+ log.Println(r.RemoteAddr, "pypi", filename, "no digest")
+ http.Error(w, "no digest provided", http.StatusBadGateway)
+ return false
+ }
+ digestInfo := strings.Split(pkgURL.Fragment, "=")
+ if len(digestInfo) == 1 {
+ // Ancient non PEP-0503 PyPIs, assume MD5
+ digestInfo = []string{"md5", digestInfo[0]}
+ } else if len(digestInfo) != 2 {
+ log.Println("error", r.RemoteAddr, "pypi", filename, "invalid digest")
+ http.Error(w, "invalid digest provided", http.StatusBadGateway)
+ return false
+ }
+ var err error
+ digest, err = hex.DecodeString(digestInfo[1])
+ if err != nil {
+ log.Println("error", r.RemoteAddr, "pypi", filename, "invalid digest")
+ http.Error(w, err.Error(), http.StatusBadGateway)
+ return false
+ }
+ hashAlgo = digestInfo[0]
+ var hashSize int
+ switch hashAlgo {
+ case HashAlgoBLAKE2b256:
+ hasherNew = blake2b256New
+ hashSize = blake2b.Size256
+ case HashAlgoSHA256:
+ hasherNew = sha256.New
+ hashSize = sha256.Size
+ case HashAlgoSHA512:
+ hasherNew = sha512.New
+ hashSize = sha512.Size
+ case HashAlgoMD5:
+ hasherNew = md5.New
+ hashSize = md5.Size
+ default:
+ log.Println(
+ "error", r.RemoteAddr, "pypi",
+ filename, "unknown digest", hashAlgo,
+ )
+ http.Error(w, "unknown digest algorithm", http.StatusBadGateway)
+ return false
+ }
+ if len(digest) != hashSize {
+ log.Println(
+ "error", r.RemoteAddr, "pypi",
+ filename, "invalid digest length")
+ http.Error(w, "invalid digest length", http.StatusBadGateway)
+ return false
+ }