added checksum

mod/updates/handler.go

@@ -40,7 +40,8 @@ type UpdateConfig struct {
 			I386  string `json:"i386"`
 		} `json:"freebsd"`
 	} `json:"binary"`
-	Webpack string `json:"webpack"`
+	Webpack  string `json:"webpack"`
+	Checusum string `json:"checusum"`
 }
 
 func HandleUpdateCheckSize(w http.ResponseWriter, r *http.Request) {
@@ -79,6 +80,11 @@ func HandleUpdateDownloadRequest(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	checksum, err := common.Mv(r, "checksum", true)
+	if err != nil {
+		checksum = ""
+	}
+
 	//Update the connection to websocket
 	requireWebsocket, _ := common.Mv(r, "ws", false)
 	if requireWebsocket == "true" {
@@ -96,7 +102,7 @@ func HandleUpdateDownloadRequest(w http.ResponseWriter, r *http.Request) {
 			Progress   float64
 			StatusText string
 		}
-		err = DownloadUpdatesFromURL(binary, webpack, func(stage int, progress float64, statusText string) {
+		err = DownloadUpdatesFromURL(binary, webpack, checksum, func(stage int, progress float64, statusText string) {
 			thisProgress := Progress{
 				Stage:      stage,
 				Progress:   progress,
@@ -119,7 +125,7 @@ func HandleUpdateDownloadRequest(w http.ResponseWriter, r *http.Request) {
 
 	} else {
 		//Just download and return ok after finish
-		err = DownloadUpdatesFromURL(binary, webpack, func(stage int, progress float64, statusText string) {
+		err = DownloadUpdatesFromURL(binary, webpack, checksum, func(stage int, progress float64, statusText string) {
 			fmt.Println("Downloading Update, Stage: ", stage, " Progress: ", progress, " Status: ", statusText)
 		})
 		if err != nil {

mod/updates/internal.go

@@ -3,12 +3,14 @@ package updates
 import (
 	"archive/tar"
 	"compress/gzip"
+	"crypto/sha1"
 	"errors"
 	"io"
 	"net/http"
 	"os"
 	"path/filepath"
 	"strconv"
+	"strings"
 )
 
 func getFileSize(filename string) int64 {
@@ -101,3 +103,28 @@ func extractTarGz(gzipStream io.Reader, unzipPath string, progressUpdateFunction
 	}
 	return nil
 }
+
+func getSHA1Hash(filename string) (string, error) {
+	f, err := os.Open(filename)
+	if err != nil {
+		return "", err
+	}
+	defer f.Close()
+
+	h := sha1.New()
+	if _, err := io.Copy(h, f); err != nil {
+		return "", err
+	}
+	return string(h.Sum(nil)), nil
+}
+
+func readCheckSumFile(fileContent string, filename string, checksum string) bool {
+	checkSumFromFile := strings.Split(fileContent, "\r\n")
+	for _, line := range checkSumFromFile {
+		checkSumLine := strings.Split(line, " *")
+		if checkSumLine[1] == filename {
+			return checkSumLine[0] == checksum
+		}
+	}
+	return false
+}

mod/updates/updates.go

@@ -10,7 +10,7 @@ import (
 )
 
 //Download updates from given URL, return real time progress of stage (int),  progress (int) and status text (string)
-func DownloadUpdatesFromURL(binaryURL string, webpackURL string, progressUpdateFunction func(int, float64, string)) error {
+func DownloadUpdatesFromURL(binaryURL string, webpackURL string, checksumURL string, progressUpdateFunction func(int, float64, string)) error {
 	//Create the update download folder
 	os.RemoveAll("./updates")
 	os.MkdirAll("./updates", 0755)
@@ -24,6 +24,7 @@ func DownloadUpdatesFromURL(binaryURL string, webpackURL string, progressUpdateF
 	//Generate the download position
 	binaryDownloadTarget := "./updates/" + filepath.Base(binaryURL)
 	webpackDownloadTarget := "./updates/" + filepath.Base(webpackURL)
+	checksumDownloadTarget := "./updates/" + filepath.Base(checksumURL)
 
 	//Check if the webpack is .tar.gz
 	if filepath.Ext(webpackDownloadTarget) != ".gz" {
@@ -86,7 +87,46 @@ func DownloadUpdatesFromURL(binaryURL string, webpackURL string, progressUpdateF
 	}
 	webpackDownloadComplete = 1
 
-	//Download completed. Try unzip webpack
+	//Download completed.
+	//check checksum if exists
+	//just a small file, dont need progress bar
+	if checksumURL != "" {
+		err = downloadFile(checksumURL, checksumDownloadTarget)
+		if err != nil {
+			errorMessage = err.Error()
+			return err
+		}
+		checksumFileContent, err := os.ReadFile(checksumDownloadTarget)
+		if err != nil {
+			errorMessage = err.Error()
+			return err
+		}
+		binaryHash, err := getSHA1Hash(binaryDownloadTarget)
+		if err != nil {
+			errorMessage = err.Error()
+			return err
+		}
+		webpackHash, err := getSHA1Hash(webpackDownloadTarget)
+		if err != nil {
+			errorMessage = err.Error()
+			return err
+		}
+		binaryBool := readCheckSumFile(string(checksumFileContent), filepath.Base(binaryURL), binaryHash)
+		webPackBool := readCheckSumFile(string(checksumFileContent), filepath.Base(webpackURL), webpackHash)
+		os.Remove(checksumDownloadTarget)
+		if !binaryBool {
+			progressUpdateFunction(1, 100, "Binary checksum mismatch")
+			errorMessage = err.Error()
+			return err
+		}
+		if !webPackBool {
+			progressUpdateFunction(1, 100, "Web pack checksum mismatch")
+			errorMessage = err.Error()
+			return err
+		}
+	}
+
+	//Try unzip webpack
 	gzipstrean, err := os.Open(webpackDownloadTarget)
 	if err != nil {
 		return err

system/update.json

@@ -1,29 +1,30 @@
 {
-	"Vendor":"ArozOS Github",
-	"binary":{
-		"windows": {
-			"amd64":"https://github.com/tobychui/arozos/releases/latest/download/arozos_windows_amd64.exe",
-			"arm":"",
-			"arm64":"",
-			"i386":""
-		},
-		"linux":{
-			"arm":"https://github.com/tobychui/arozos/releases/latest/download/arozos_linux_arm",
-			"armv7":"https://github.com/tobychui/arozos/releases/latest/download/arozos_linux_armv7",
-			"arm64":"https://github.com/tobychui/arozos/releases/latest/download/arozos_linux_arm64",
-			"amd64":"https://github.com/tobychui/arozos/releases/latest/download/arozos_linux_amd64",
-			"mipsle":""
-		},
-		"darwin":{
-			"amd64":"https://github.com/tobychui/arozos/releases/latest/download/arozos_darwin_amd64",
-			"arm64":""
-		},
-		"freebsd":{
-			"amd64":"",
-			"arm":"",
-			"arm64":"",
-			"i386":""
-		}
-	},
-	"webpack":"https://github.com/tobychui/arozos/releases/latest/download/web.tar.gz"
+    "Vendor": "ArozOS Github",
+    "binary": {
+        "windows": {
+            "amd64": "https://github.com/tobychui/arozos/releases/latest/download/arozos_windows_amd64.exe",
+            "arm": "",
+            "arm64": "",
+            "i386": ""
+        },
+        "linux": {
+            "arm": "https://github.com/tobychui/arozos/releases/latest/download/arozos_linux_arm",
+            "armv7": "https://github.com/tobychui/arozos/releases/latest/download/arozos_linux_armv7",
+            "arm64": "https://github.com/tobychui/arozos/releases/latest/download/arozos_linux_arm64",
+            "amd64": "https://github.com/tobychui/arozos/releases/latest/download/arozos_linux_amd64",
+            "mipsle": ""
+        },
+        "darwin": {
+            "amd64": "https://github.com/tobychui/arozos/releases/latest/download/arozos_darwin_amd64",
+            "arm64": ""
+        },
+        "freebsd": {
+            "amd64": "",
+            "arm": "",
+            "arm64": "",
+            "i386": ""
+        }
+    },
+    "webpack": "https://github.com/tobychui/arozos/releases/latest/download/web.tar.gz",
+    "checksum": ""
 }