summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDan McGee <dan@archlinux.org>2008-08-23 17:19:17 +0200
committerDan McGee <dan@archlinux.org>2008-08-23 17:19:17 +0200
commit496b687c3d4a56641051700e7c4e5e21b9c6607c (patch)
tree6f98908527e382279054b39618b98d7d3f317ee6
parentbaf58525553db8f1e680de16793b147c88df59e2 (diff)
downloadpacman-496b687c3d4a56641051700e7c4e5e21b9c6607c.tar.gz
pacman-496b687c3d4a56641051700e7c4e5e21b9c6607c.tar.xz
makepkg: check all integrity sums found in the PKGBUILD
Currently we use the INTEGRITY_CHECK array from makepkg.conf to limit both the integrity sums generated and checked. It doesn't make a whole lot of sense to ignore integrity sums that are present in a PKGBUILD, so this patch will enable checking any that are available, but will only print a warning about missing sums for those types found in INTEGRITY_CHECK. It also adds a slight optimization of checking for openssl- we only need to check once now because we use the same program for all checks. Signed-off-by: Dan McGee <dan@archlinux.org>
-rw-r--r--scripts/makepkg.sh.in38
1 files changed, 18 insertions, 20 deletions
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
index d641cbb6..f6136ba6 100644
--- a/scripts/makepkg.sh.in
+++ b/scripts/makepkg.sh.in
@@ -463,6 +463,11 @@ generate_checksums() {
msg "$(gettext "Generating checksums for source files...")"
plain ""
+ if [ ! $(type -p openssl) ]; then
+ error "$(gettext "Cannot find openssl.")"
+ exit 1 # $E_MISSING_PROGRAM
+ fi
+
local integ
for integ in ${INTEGRITY_CHECK[@]}; do
integ="$(echo $integ | tr '[:upper:]' '[:lower:]')"
@@ -473,11 +478,6 @@ generate_checksums() {
exit 1;; # $E_CONFIG_ERROR
esac
- if [ ! $(type -p openssl) ]; then
- error "$(gettext "Cannot find openssl.")"
- exit 1 # $E_MISSING_PROGRAM
- fi
-
local ct=0
local numsrc=${#source[@]}
echo -n "${integ}sums=("
@@ -515,21 +515,13 @@ generate_checksums() {
}
check_checksums() {
- local integ
- for integ in ${INTEGRITY_CHECK[@]}; do
- integ="$(echo $integ | tr '[:upper:]' '[:lower:]')"
- case "$integ" in
- md5|sha1|sha256|sha384|sha512) : ;;
- *)
- error "$(gettext "Invalid integrity algorithm '%s' specified")" "$integ"
- exit 1;; # $E_CONFIG_ERROR
- esac
-
- if [ ! $(type -p openssl) ]; then
- error "$(gettext "Cannot find openssl.")"
- exit 1 # $E_MISSING_PROGRAM
- fi
+ if [ ! $(type -p openssl) ]; then
+ error "$(gettext "Cannot find openssl.")"
+ exit 1 # $E_MISSING_PROGRAM
+ fi
+ local integ required
+ for integ in md5 sha1 sha256 sha384 sha512; do
local integrity_sums=($(eval echo "\${${integ}sums[@]}"))
if [ ${#integrity_sums[@]} -eq ${#source[@]} ]; then
msg "$(gettext "Validating source files with %s...")" "${integ}sums"
@@ -567,7 +559,13 @@ check_checksums() {
exit 1 # TODO: error code
fi
else
- warning "$(gettext "Integrity checks (%s) are missing or incomplete.")" "$integ"
+ for required in ${INTEGRITY_CHECK[@]}; do
+ required="$(echo $required | tr '[:upper:]' '[:lower:]')"
+ if [ "$integ" = "$required" ]; then
+ warning "$(gettext "Integrity checks (%s) are missing or incomplete.")" "$integ"
+ break
+ fi
+ done
fi
done
}