From b3038a0a41079130351e6c5d9ec19587a9a08a03 Mon Sep 17 00:00:00 2001 From: Alexey Neyman Date: Fri, 29 Sep 2017 17:05:22 -0700 Subject: Add digests for all packages Also fix test-packages: it was saving the output from CT_DoLog into the checksum file. Also use one file per version. Signed-off-by: Alexey Neyman --- scripts/functions | 28 ++++++++++++++++++++-------- 1 file changed, 20 insertions(+), 8 deletions(-) (limited to 'scripts') diff --git a/scripts/functions b/scripts/functions index 055fc74d..c3ef29e0 100644 --- a/scripts/functions +++ b/scripts/functions @@ -775,18 +775,29 @@ CT_DoVerifyDigest() local dir="${path%/*}" local pkgdir="$2" local alg="${CT_VERIFY_DOWNLOAD_DIGEST_ALG}" + local chksum a f c - if [ ! -r "${pkgdir}/${file}.${alg}" ]; then + if [ ! -r "${pkgdir}/chksum" ]; then CT_DoLog WARN "Not verifying '${file}': digest missing" - return + return 0 fi CT_DoLog EXTRA "Verifying ${alg^^} checksum for '${file}'" - CT_Pushd "${dir}" - if ! CT_DoExecLog ALL "${alg}sum" -c "${pkgdir}/${file}.${alg}"; then - CT_Popd - return 1 - fi - CT_Popd + chksum=`"${alg}sum" "${path}"` + chksum="${chksum%%[[:space:]]*}" + while read a f c; do + if [ "${a}" != "${alg}" -o "${f}" != "${file}" ]; then + continue + fi + if [ "${c}" = "${chksum}" ]; then + CT_DoLog DEBUG "Correct ${alg} digest for ${file}: ${chksum}" + return 0 + else + CT_DoLog ERROR "Bad ${alg} digest for ${file}: ${chksum}, expect ${c}" + return 1 + fi + done < "${pkgdir}/chksum" + CT_DoLog WARN "Downloaded file ${file} reference digest not available" + return 0 } # Decompress a file to stdout @@ -834,6 +845,7 @@ CT_DoVerifySignature() local sigfile local cat + CT_DoLog EXTRA "Verifying detached signature for '${file}'" case "${method}" in packed) # Typical case: release is packed, then signed -- cgit v1.2.3