mirror of
https://github.com/moparisthebest/pacman
synced 2024-12-23 00:08:50 -05:00
makepkg: check all integrity sums found in the PKGBUILD
Currently we use the INTEGRITY_CHECK array from makepkg.conf to limit both the integrity sums generated and checked. It doesn't make a whole lot of sense to ignore integrity sums that are present in a PKGBUILD, so this patch will enable checking any that are available, but will only print a warning about missing sums for those types found in INTEGRITY_CHECK. It also adds a slight optimization of checking for openssl- we only need to check once now because we use the same program for all checks. Signed-off-by: Dan McGee <dan@archlinux.org>
This commit is contained in:
parent
baf5852555
commit
496b687c3d
@ -463,6 +463,11 @@ generate_checksums() {
|
||||
msg "$(gettext "Generating checksums for source files...")"
|
||||
plain ""
|
||||
|
||||
if [ ! $(type -p openssl) ]; then
|
||||
error "$(gettext "Cannot find openssl.")"
|
||||
exit 1 # $E_MISSING_PROGRAM
|
||||
fi
|
||||
|
||||
local integ
|
||||
for integ in ${INTEGRITY_CHECK[@]}; do
|
||||
integ="$(echo $integ | tr '[:upper:]' '[:lower:]')"
|
||||
@ -473,11 +478,6 @@ generate_checksums() {
|
||||
exit 1;; # $E_CONFIG_ERROR
|
||||
esac
|
||||
|
||||
if [ ! $(type -p openssl) ]; then
|
||||
error "$(gettext "Cannot find openssl.")"
|
||||
exit 1 # $E_MISSING_PROGRAM
|
||||
fi
|
||||
|
||||
local ct=0
|
||||
local numsrc=${#source[@]}
|
||||
echo -n "${integ}sums=("
|
||||
@ -515,21 +515,13 @@ generate_checksums() {
|
||||
}
|
||||
|
||||
check_checksums() {
|
||||
local integ
|
||||
for integ in ${INTEGRITY_CHECK[@]}; do
|
||||
integ="$(echo $integ | tr '[:upper:]' '[:lower:]')"
|
||||
case "$integ" in
|
||||
md5|sha1|sha256|sha384|sha512) : ;;
|
||||
*)
|
||||
error "$(gettext "Invalid integrity algorithm '%s' specified")" "$integ"
|
||||
exit 1;; # $E_CONFIG_ERROR
|
||||
esac
|
||||
|
||||
if [ ! $(type -p openssl) ]; then
|
||||
error "$(gettext "Cannot find openssl.")"
|
||||
exit 1 # $E_MISSING_PROGRAM
|
||||
fi
|
||||
|
||||
local integ required
|
||||
for integ in md5 sha1 sha256 sha384 sha512; do
|
||||
local integrity_sums=($(eval echo "\${${integ}sums[@]}"))
|
||||
if [ ${#integrity_sums[@]} -eq ${#source[@]} ]; then
|
||||
msg "$(gettext "Validating source files with %s...")" "${integ}sums"
|
||||
@ -567,7 +559,13 @@ check_checksums() {
|
||||
exit 1 # TODO: error code
|
||||
fi
|
||||
else
|
||||
for required in ${INTEGRITY_CHECK[@]}; do
|
||||
required="$(echo $required | tr '[:upper:]' '[:lower:]')"
|
||||
if [ "$integ" = "$required" ]; then
|
||||
warning "$(gettext "Integrity checks (%s) are missing or incomplete.")" "$integ"
|
||||
break
|
||||
fi
|
||||
done
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user