centos/centos-git-common
1
0
Fork 0
mirror of https://git.centos.org/centos-git-common.git synced 2025-02-24 00:32:56 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Allow get_sources.sh hash verification to work with hashes other than sha1

Browse source
This commit is contained in:
Tyler Parsons 2014-06-27 13:06:10 -05:00 committed by Johnny Hughes
parent 64562123ea
commit d96c00fa0f
1 changed files with 40 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

50
get_sources.sh
View file

@ -7,6 +7,7 @@
# Updates: # Updates:
# Mike McLean <mikem@redhat.com> # Mike McLean <mikem@redhat.com>
# Pat Riehecky <riehecky@fnal.gov> # Pat Riehecky <riehecky@fnal.gov>
# Tyler Parsons <tparsons@fnal.gov>
##################################################################### #####################################################################
@ -112,13 +113,28 @@ if [[ $? -ne 0 ]]; then
exit 1 exit 1
fi fi
if [[ ${CHECK} -eq 1 ]]; then # should go into a function section at some point
which sha1sum >/dev/null 2>&1 weakHashDetection () {
if [[ $? -ne 0 ]]; then strHash=${1};
echo 'You need sha1sum in PATH' >&2 case $((`echo ${strHash}|wc -m` - 1 )) in
exit 1 128)
fi hashBin='sha512sum'
fi ;;
64)
hashBin='sha256sum'
;;
40)
hashBin='sha1sum'
;;
32)
hashBin='md5sum'
;;
*)
hashBin='unknown'
;;
esac
echo ${hashBin};
}
# check metadata file and extract package name # check metadata file and extract package name
shopt -s nullglob shopt -s nullglob
@ -171,6 +187,19 @@ while read -r fsha fname ; do
# zero byte file # zero byte file
touch ${fname} touch ${fname}
else else
if [ ${CHECK} -eq 1 ]; then
hashType=$(weakHashDetection ${fsha})
if [ "${hashType}" == "unknown" ]; then
echo 'Failure: Hash type unknown.' >&2
exit 1;
else
which ${hashType} >/dev/null 2>&1
if [[ $? -ne 0 ]]; then
echo "Failure: You need ${hashType} in PATH." >&2
exit 1;
fi
fi
fi
if [ ! -e "${fname}" ]; then if [ ! -e "${fname}" ]; then
for br in "${branches[@]}" for br in "${branches[@]}"
do do
@ -181,10 +210,11 @@ while read -r fsha fname ; do
echo "${fname} exists. skipping" echo "${fname} exists. skipping"
fi fi
if [ ${CHECK} -eq 1 ]; then if [ ${CHECK} -eq 1 ]; then
downsum=$(sha1sum ${fname} | awk '{print $1}') downsum=$(${hashType} ${fname} | awk '{print $1}')
if [ ${fsha} != ${downsum} ]; then if [ "${fsha}" != "${downsum}" ]; then
rm -f ${fname} rm -f ${fname}
echo "failed to download ${fname}" >&2 echo "Failure: ${fname} hash does not match hash from the .metadata file" >&2
exit 1;
fi fi
fi fi
fi fi