moparisthebest/pacman
1
0
Fork 0
mirror of https://github.com/moparisthebest/pacman synced 2024-11-15 13:55:09 -05:00
Code Issues Releases Wiki Activity

makepkg: check all integrity sums found in the PKGBUILD

Browse Source 
Currently we use the INTEGRITY_CHECK array from makepkg.conf to limit both
the integrity sums generated and checked. It doesn't make a whole lot of
sense to ignore integrity sums that are present in a PKGBUILD, so this patch
will enable checking any that are available, but will only print a warning
about missing sums for those types found in INTEGRITY_CHECK.

It also adds a slight optimization of checking for openssl- we only need to
check once now because we use the same program for all checks.

Signed-off-by: Dan McGee <dan@archlinux.org>
This commit is contained in:
Dan McGee 2008-08-23 10:19:17 -05:00
parent baf5852555
commit 496b687c3d
1 changed files with 18 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
scripts/makepkg.sh.in
View File

@ -463,6 +463,11 @@ generate_checksums() {
msg "$(gettext "Generating checksums for source files...")" msg "$(gettext "Generating checksums for source files...")"
plain "" plain ""
if [ ! $(type -p openssl) ]; then
error "$(gettext "Cannot find openssl.")"
exit 1 # $E_MISSING_PROGRAM
fi
local integ local integ
for integ in ${INTEGRITY_CHECK[@]}; do for integ in ${INTEGRITY_CHECK[@]}; do
integ="$(echo $integ | tr '[:upper:]' '[:lower:]')" integ="$(echo $integ | tr '[:upper:]' '[:lower:]')"
@ -473,11 +478,6 @@ generate_checksums() {
exit 1;; # $E_CONFIG_ERROR exit 1;; # $E_CONFIG_ERROR
esac esac
if [ ! $(type -p openssl) ]; then
error "$(gettext "Cannot find openssl.")"
exit 1 # $E_MISSING_PROGRAM
fi
local ct=0 local ct=0
local numsrc=${#source[@]} local numsrc=${#source[@]}
echo -n "${integ}sums=(" echo -n "${integ}sums=("
@ -515,21 +515,13 @@ generate_checksums() {
} }
check_checksums() { check_checksums() {
local integ if [ ! $(type -p openssl) ]; then
for integ in ${INTEGRITY_CHECK[@]}; do error "$(gettext "Cannot find openssl.")"
integ="$(echo $integ | tr '[:upper:]' '[:lower:]')" exit 1 # $E_MISSING_PROGRAM
case "$integ" in fi
md5|sha1|sha256|sha384|sha512) : ;;
*)
error "$(gettext "Invalid integrity algorithm '%s' specified")" "$integ"
exit 1;; # $E_CONFIG_ERROR
esac
if [ ! $(type -p openssl) ]; then
error "$(gettext "Cannot find openssl.")"
exit 1 # $E_MISSING_PROGRAM
fi
local integ required
for integ in md5 sha1 sha256 sha384 sha512; do
local integrity_sums=($(eval echo "\${${integ}sums[@]}")) local integrity_sums=($(eval echo "\${${integ}sums[@]}"))
if [ ${#integrity_sums[@]} -eq ${#source[@]} ]; then if [ ${#integrity_sums[@]} -eq ${#source[@]} ]; then
msg "$(gettext "Validating source files with %s...")" "${integ}sums" msg "$(gettext "Validating source files with %s...")" "${integ}sums"
@ -567,7 +559,13 @@ check_checksums() {
exit 1 # TODO: error code exit 1 # TODO: error code
fi fi
else else
warning "$(gettext "Integrity checks (%s) are missing or incomplete.")" "$integ" for required in ${INTEGRITY_CHECK[@]}; do
required="$(echo $required | tr '[:upper:]' '[:lower:]')"
if [ "$integ" = "$required" ]; then
warning "$(gettext "Integrity checks (%s) are missing or incomplete.")" "$integ"
break
fi
done
fi fi
done done
} }