mirror of
https://github.com/moparisthebest/pacman
synced 2024-11-15 13:55:09 -05:00
makepkg: check all integrity sums found in the PKGBUILD
Currently we use the INTEGRITY_CHECK array from makepkg.conf to limit both the integrity sums generated and checked. It doesn't make a whole lot of sense to ignore integrity sums that are present in a PKGBUILD, so this patch will enable checking any that are available, but will only print a warning about missing sums for those types found in INTEGRITY_CHECK. It also adds a slight optimization of checking for openssl- we only need to check once now because we use the same program for all checks. Signed-off-by: Dan McGee <dan@archlinux.org>
This commit is contained in:
parent
baf5852555
commit
496b687c3d
@ -463,6 +463,11 @@ generate_checksums() {
|
|||||||
msg "$(gettext "Generating checksums for source files...")"
|
msg "$(gettext "Generating checksums for source files...")"
|
||||||
plain ""
|
plain ""
|
||||||
|
|
||||||
|
if [ ! $(type -p openssl) ]; then
|
||||||
|
error "$(gettext "Cannot find openssl.")"
|
||||||
|
exit 1 # $E_MISSING_PROGRAM
|
||||||
|
fi
|
||||||
|
|
||||||
local integ
|
local integ
|
||||||
for integ in ${INTEGRITY_CHECK[@]}; do
|
for integ in ${INTEGRITY_CHECK[@]}; do
|
||||||
integ="$(echo $integ | tr '[:upper:]' '[:lower:]')"
|
integ="$(echo $integ | tr '[:upper:]' '[:lower:]')"
|
||||||
@ -473,11 +478,6 @@ generate_checksums() {
|
|||||||
exit 1;; # $E_CONFIG_ERROR
|
exit 1;; # $E_CONFIG_ERROR
|
||||||
esac
|
esac
|
||||||
|
|
||||||
if [ ! $(type -p openssl) ]; then
|
|
||||||
error "$(gettext "Cannot find openssl.")"
|
|
||||||
exit 1 # $E_MISSING_PROGRAM
|
|
||||||
fi
|
|
||||||
|
|
||||||
local ct=0
|
local ct=0
|
||||||
local numsrc=${#source[@]}
|
local numsrc=${#source[@]}
|
||||||
echo -n "${integ}sums=("
|
echo -n "${integ}sums=("
|
||||||
@ -515,21 +515,13 @@ generate_checksums() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
check_checksums() {
|
check_checksums() {
|
||||||
local integ
|
|
||||||
for integ in ${INTEGRITY_CHECK[@]}; do
|
|
||||||
integ="$(echo $integ | tr '[:upper:]' '[:lower:]')"
|
|
||||||
case "$integ" in
|
|
||||||
md5|sha1|sha256|sha384|sha512) : ;;
|
|
||||||
*)
|
|
||||||
error "$(gettext "Invalid integrity algorithm '%s' specified")" "$integ"
|
|
||||||
exit 1;; # $E_CONFIG_ERROR
|
|
||||||
esac
|
|
||||||
|
|
||||||
if [ ! $(type -p openssl) ]; then
|
if [ ! $(type -p openssl) ]; then
|
||||||
error "$(gettext "Cannot find openssl.")"
|
error "$(gettext "Cannot find openssl.")"
|
||||||
exit 1 # $E_MISSING_PROGRAM
|
exit 1 # $E_MISSING_PROGRAM
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
local integ required
|
||||||
|
for integ in md5 sha1 sha256 sha384 sha512; do
|
||||||
local integrity_sums=($(eval echo "\${${integ}sums[@]}"))
|
local integrity_sums=($(eval echo "\${${integ}sums[@]}"))
|
||||||
if [ ${#integrity_sums[@]} -eq ${#source[@]} ]; then
|
if [ ${#integrity_sums[@]} -eq ${#source[@]} ]; then
|
||||||
msg "$(gettext "Validating source files with %s...")" "${integ}sums"
|
msg "$(gettext "Validating source files with %s...")" "${integ}sums"
|
||||||
@ -567,7 +559,13 @@ check_checksums() {
|
|||||||
exit 1 # TODO: error code
|
exit 1 # TODO: error code
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
|
for required in ${INTEGRITY_CHECK[@]}; do
|
||||||
|
required="$(echo $required | tr '[:upper:]' '[:lower:]')"
|
||||||
|
if [ "$integ" = "$required" ]; then
|
||||||
warning "$(gettext "Integrity checks (%s) are missing or incomplete.")" "$integ"
|
warning "$(gettext "Integrity checks (%s) are missing or incomplete.")" "$integ"
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
done
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user