diff options
author | Dan McGee <dan@archlinux.org> | 2008-08-23 17:19:17 +0200 |
---|---|---|
committer | Dan McGee <dan@archlinux.org> | 2008-08-23 17:19:17 +0200 |
commit | 496b687c3d4a56641051700e7c4e5e21b9c6607c (patch) | |
tree | 6f98908527e382279054b39618b98d7d3f317ee6 | |
parent | baf58525553db8f1e680de16793b147c88df59e2 (diff) | |
download | pacman-496b687c3d4a56641051700e7c4e5e21b9c6607c.tar.gz pacman-496b687c3d4a56641051700e7c4e5e21b9c6607c.tar.xz |
makepkg: check all integrity sums found in the PKGBUILD
Currently we use the INTEGRITY_CHECK array from makepkg.conf to limit both
the integrity sums generated and checked. It doesn't make a whole lot of
sense to ignore integrity sums that are present in a PKGBUILD, so this patch
will enable checking any that are available, but will only print a warning
about missing sums for those types found in INTEGRITY_CHECK.
It also adds a slight optimization of checking for openssl- we only need to
check once now because we use the same program for all checks.
Signed-off-by: Dan McGee <dan@archlinux.org>
-rw-r--r-- | scripts/makepkg.sh.in | 38 |
1 files changed, 18 insertions, 20 deletions
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index d641cbb6..f6136ba6 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -463,6 +463,11 @@ generate_checksums() { msg "$(gettext "Generating checksums for source files...")" plain "" + if [ ! $(type -p openssl) ]; then + error "$(gettext "Cannot find openssl.")" + exit 1 # $E_MISSING_PROGRAM + fi + local integ for integ in ${INTEGRITY_CHECK[@]}; do integ="$(echo $integ | tr '[:upper:]' '[:lower:]')" @@ -473,11 +478,6 @@ generate_checksums() { exit 1;; # $E_CONFIG_ERROR esac - if [ ! $(type -p openssl) ]; then - error "$(gettext "Cannot find openssl.")" - exit 1 # $E_MISSING_PROGRAM - fi - local ct=0 local numsrc=${#source[@]} echo -n "${integ}sums=(" @@ -515,21 +515,13 @@ generate_checksums() { } check_checksums() { - local integ - for integ in ${INTEGRITY_CHECK[@]}; do - integ="$(echo $integ | tr '[:upper:]' '[:lower:]')" - case "$integ" in - md5|sha1|sha256|sha384|sha512) : ;; - *) - error "$(gettext "Invalid integrity algorithm '%s' specified")" "$integ" - exit 1;; # $E_CONFIG_ERROR - esac - - if [ ! $(type -p openssl) ]; then - error "$(gettext "Cannot find openssl.")" - exit 1 # $E_MISSING_PROGRAM - fi + if [ ! $(type -p openssl) ]; then + error "$(gettext "Cannot find openssl.")" + exit 1 # $E_MISSING_PROGRAM + fi + local integ required + for integ in md5 sha1 sha256 sha384 sha512; do local integrity_sums=($(eval echo "\${${integ}sums[@]}")) if [ ${#integrity_sums[@]} -eq ${#source[@]} ]; then msg "$(gettext "Validating source files with %s...")" "${integ}sums" @@ -567,7 +559,13 @@ check_checksums() { exit 1 # TODO: error code fi else - warning "$(gettext "Integrity checks (%s) are missing or incomplete.")" "$integ" + for required in ${INTEGRITY_CHECK[@]}; do + required="$(echo $required | tr '[:upper:]' '[:lower:]')" + if [ "$integ" = "$required" ]; then + warning "$(gettext "Integrity checks (%s) are missing or incomplete.")" "$integ" + break + fi + done fi done } |