Removed the branch element from the script and forced use of SHA512 algorithm

2025-02-23 16:22:56 +00:00 · 2022-04-21 21:56:51 +01:00 · 2022-04-21 21:56:51 +01:00 · 050ddddbeb
commit 050ddddbeb
parent bb01e710ed
1 changed files with 81 additions and 148 deletions
--- a/127
+++ b/127
@ -8,24 +8,22 @@

 # Some variables, switch for new url
 lookaside_baseurl=$LOOKASIDE_BASEURL
+hash_parameter="sha512"

-if [ -z $LOOKASIDE_BASEURL ];then
+if [ -z $LOOKASIDE_BASEURL ]; then
 	lookaside_baseurl="https://git.centos.org"
 	echo "Base URL set to default: $lookaside_baseurl"
 fi

 function usage {

-  cat <<  EOF
+	cat <<EOF

 	You need to call the script like this : $0 -arguments
 	
 			-f : filename/source to upload (required, default:none)
-          -a : hash parameter (optional, default: none, example "b6804fa")
 			-n : package name for that source (requred, default:none, example "httpd")
-          -b : "branch" where to upload to (optional, default:none, example "c7-sig-core")
 			-h : display this help
-  As far as branch and hash parameters are optional, one of them need to be specified.

 	It is also possible to amend the default base url (currently set to https://git.centos.org):
 	LOOKASIDE_BASEURL=<urlOfYourChoice> ./lookaside_upload_sig ...
@ -33,7 +31,7 @@ EOF
 }

 function varcheck {
-  if [ -z "$1" ] ; then
+	if [ -z "$1" ]; then
 		usage
 		exit 1
 	fi
@ -44,26 +42,18 @@ function f_log {
 	echo "[+] CentOS Lookaside upload tool -> $*"
 }

-
-while getopts “hf:a:n:b:” OPTION
-do
+while getopts “hf:n:” OPTION; do
 	case $OPTION in
 	h)
 		usage
 		exit 1
 		;;
-         a)
-             hash=$OPTARG
-             ;;
 	f)
 		file=$OPTARG
 		;;
 	n)
 		pkgname=$OPTARG
 		;;
-         b)
-             branch=$OPTARG
-             ;;
 	?)
 		usage
 		exit
@ -71,48 +61,28 @@ do
 	esac
 done

-if [ -z "${hash}" ] && [ -z "${branch}" ] ;then
-  f_log "Neither -a hash or -b branch parameters were provided."
-  usage
-  exit 1
-fi
-
 varcheck $file
 varcheck $pkgname

-if [ ! -f ~/.centos.cert ] ;then
+if [ ! -f ~/.centos.cert ]; then
 	f_log "No mandatory TLS cert found (~/.centos.cert) .."
 	f_log "please use centos-cert to retrieve your ACO TLS cert"
 	exit 1
 fi

-if [ ! -f "${file}" ] ;then
+if [ ! -f "${file}" ]; then
 	f_log "Source to upload ${file} not found"
 	exit 2
 fi

-if [ -n "${hash}" ]; then
-  checksum="$(${hash}sum ${file}|awk '{print $1}')"
-else
-  checksum=$(sha1sum ${file}|awk '{print $1}')
-fi
+checksum="$(${hash_parameter}sum ${file} | awk '{print $1}')"

 f_log "Checking if file already uploaded"
 local_size=$(stat -c %s ${file})
+http_code=$(curl -s -o /dev/null -w "%{http_code}" ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash_parameter}/${checksum})
+remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash_parameter}/${checksum} | grep "Content-Length" | cut -f 2 -d ':' | tr -d [:blank:] | tr -d '\r')

-# -z parameter optional #
-
-if [ -z "${branch}" ] ;then
-  f_log "Branch parameter not given"
-  http_code=$(curl -s -o /dev/null -w "%{http_code}" ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash}/${checksum})
-  remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r')
-else	
-  http_code=$(curl -s -o /dev/null -w "%{http_code}" ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum})
-  remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r')
-fi
-
-
-if [ "$http_code" -eq 200 ] && [ "$local_size" -eq "$remote_size" ] ; then
+if [ "$http_code" -eq 200 ] && [ "$local_size" -eq "$remote_size" ]; then
 	f_log "File already uploaded"
 	exit 3
 fi
@ -120,72 +90,35 @@ fi
 f_log "Initialing new upload to lookaside"
 f_log "URL : $lookaside_baseurl"
 f_log "Source to upload : ${file} "
-f_log "Hash parameter : ${hash}"
+f_log "Hash parameter : ${hash_parameter}"
 f_log "Package name: $pkgname"
 f_log "sha1sum: ${checksum}"
+f_log " ====== Trying to upload ======="
+echo ""

-# Ugly way of implementing conditional parameter
-
-if [ -z "${branch}" ] && [ !-z"${hash}" ]; then
-  f_log "Remote branch not specified" 
-  f_log " ====== Trying to upload ======="
-  echo ""
-  # Concatenating sha256
-  hash_cmd="$(${hash}sum ${file}|awk '{print $1}')"
-  curl ${lookaside_baseurl}/sources/upload_sig.cgi \
+# Concatenating sha512
+hash_cmd="$(${hash_parameter}sum ${file} | awk '{print $1}')"
+curl ${lookaside_baseurl}/sources/upload_sig.cgi \
 	--fail \
 	--cert ~/.centos.cert \
 	--form "name=${pkgname}" \
-    --form "hash=${hash}" \
-    --form "${hash}sum=${hash_cmd}" \
-    --form "file=@${file}" \
-    --progress-bar | tee /dev/null \
-
-  upload_result="${PIPESTATUS[0]}"
-
-  if [ "$upload_result" -ne "0" ] ;then
-    f_log "[ERROR] Something didn't work to push to ${lookaside_baseurl}/sources/${pkgname}/${checksum}"
-    f_log "[ERROR] Verify at the server side"
-    exit 1
-  fi
-
-  f_log "Validating that source was correctly uploaded ...."
-  remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r')
-  if [ "$local_size" -eq "$remote_size" ] ; then
-    f_log "[SUCCESS] Source should be available at ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash}/${checksum}"
-  else
-    f_log "[ERROR] it seems there is a mismatch with source size and remote file size"
-  fi
-elif [ -z "${hash}" ] && [ !-z"${branch}" ] ;then
-  f_log "Remote branch: ${branch}" 
-  f_log " ====== Trying to upload ======="
-  echo "" 
-
-  curl ${lookaside_baseurl}/sources/upload.cgi \
-    --fail \
-    --cert ~/.centos.cert \
-    --form "name=${pkgname}" \
-    --form "branch=${branch}" \
-    --form "sha1sum=${checksum}" \
+	--form "hash=${hash_parameter}" \
+	--form "${hash_parameter}sum=${hash_cmd}" \
 	--form "file=@${file}" \
 	--progress-bar | tee /dev/null

-  upload_result="${PIPESTATUS[0]}"
+upload_result="${PIPESTATUS[0]}"

-  if [ "$upload_result" -ne "0" ] ;then
-    f_log "[ERROR] Something didn't work to push to ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}"
+if [ "$upload_result" -ne "0" ]; then
+	f_log "[ERROR] Something didn't work to push to ${lookaside_baseurl}/sources/${pkgname}/${checksum}"
 	f_log "[ERROR] Verify at the server side"
 	exit 1
-  fi
-	 
-  f_log "Validating that source was correctly uploaded ...."
-  remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r')
-  if [ "$local_size" -eq "$remote_size" ] ; then
-    f_log "[SUCCESS] Source should be available at ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}"
-  else
-    f_log "[ERROR] it seems there is a mismatch with source size and remote file size"
-  fi
-else
-  f_log "[ERROR] Neither branch or hash parameters were specified"
-  exit 1
+fi
+
+f_log "Validating that source was correctly uploaded ...."
+remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash}/${checksum} | grep "Content-Length" | cut -f 2 -d ':' | tr -d [:blank:] | tr -d '\r')
+if [ "$local_size" -eq "$remote_size" ]; then
+	f_log "[SUCCESS] Source should be available at ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash}/${checksum}"
+else
+	f_log "[ERROR] it seems there is a mismatch with source size and remote file size"
 fi