🌍
English
Announcement
- [2024-04-17] Piwigo 14.4.0
- [2024-04-01] Piwigo in Hobbit runes
- [2024-03-01] Piwigo 14.3.0
- [2024-01-30] Piwigo 14.2.0
- [2023-12-29] Piwigo 14.1.0
Pages: 1
- » Extensions
- » [resolved] check_files_integrity: checksum inconsistency when updated a plugin
#1 2021-11-05 11:47:47
- alb
- Member
- 2021-01-25
- 18
[resolved] check_files_integrity: checksum inconsistency when updated a plugin
Hello/Hi/Greetings,
I am running piwigo-11.5 on my site. I updated the AdminTools plugin from version 11.5.0 to version 11.5.0.1 using the update facility in the piwigo application. Then the check_files_integrity plugin complains in red:
plugins/AdminTools/main.inc.php has been modified
The diff looks quite reasonable and doesn't make me suspicious of tampering with files:
Code:
$ diff [webapp-root]/plugins/AdminTools/main.inc.php [backup]/plugins/AdminTools/main.inc.php
4c4
< Version: 11.5.0.1
---
> Version: 11.5.0
9d8
< Has Settings: webmaster
43a43
> add_event_handler('get_admin_plugin_menu_links', 'admintools_admin_link');
52a53,62
> }
>
> function admintools_admin_link($menu)
> {
> $menu[] = array(
> 'NAME' => 'Admin Tools',
> 'URL' => ADMINTOOLS_ADMIN,
> );
>
> return $menu;The file plugins/check_files_integrity/data/piwigo-11.5.0-sums.txt has rw permissions for php interpreter and lists sha1 digest of the old file:
Code:
$ grep -F AdminTools/main.inc.php plugins/check_files_integrity/data/piwigo-11.5.0-sums.txt d99b7d467a8a252e409bc2a1eb24d3a047009c14 plugins/AdminTools/main.inc.php
I haven't researched about the mechanism which updates the checksums. But I see that the checksum has not updated and this may indicate a bug somewhere. Of course, I can recalculate any checksum manually but what is the right course of action when performing the updates and later on when checksums are found inconsistent?
Piwigo 11.5.0 Check for upgrade
Operating system: Linux
PHP: 7.4.25 (Show info) [2021-11-05 10:44:28]
MySQL: 5.5.5-10.5.10-MariaDB-log [2021-11-05 13:44:28]
Graphics Library: External ImageMagick 7.1.0-5
Piwigo URL: https://unseen.photo
Offline
#2 2021-11-05 13:59:00
- plg
- Piwigo Team
- Nantes, France, Europe
- 2002-04-05
- 13791
Re: [resolved] check_files_integrity: checksum inconsistency when updated a plugin
That's because the plugins embedded with Piwigo downloadable bundle are listed in the Check Files Integrity checksums. When we updated the plugin AdminTools we didn't update the Piwigo 11.5.0 bundle, thus the checksums in Check Files Integrity. So that's all normal.
By the way, I just pushed a new version of [extension by plg] Check Files Integrity with checksums for Piwigo 12.0.0 :-)
Offline
#3 2021-11-05 18:47:03
- alb
- Member
- 2021-01-25
- 18
Re: [resolved] check_files_integrity: checksum inconsistency when updated a plugin
Hi Pierrick!
Thank you for the explanation (and for the excellent software)!
I assumed that the checksum are somehow recalculated in the update process, even if the updated part was originally part of the bundle.
Regarding the 12.0, as soon as you published the news item about the release, I briefly looked through the code (noticed that you now bundle the most recent (6.5.1) PHPMailer instead of the seemingly vulnerable version 5.2.21 in 11.5.0, in particular). Unfortunately, I found that all plugins I use are considered incompatible with 12.0 (and some are actually broken, OpenSteetMap, in particular). So I would rather wait in the hope that extensions' authors will update their work for 12.0.
Offline
Pages: 1
- » Extensions
- » [resolved] check_files_integrity: checksum inconsistency when updated a plugin