[pacman-dev] [PATCH] makepkg: check all integrity sums found in the PKGBUILD

[Dan McGee]

Currently we use the INTEGRITY_CHECK array from makepkg.conf to limit both
the integrity sums generated and checked. It doesn't make a whole lot of
sense to ignore integrity sums that are present in a PKGBUILD, so this patch
will enable checking any that are available, but will only print a warning
about missing sums for those types found in INTEGRITY_CHECK.

It also adds a slight optimization of checking for openssl- we only need to
check once now because we use the same program for all checks.

Signed-off-by: Dan McGee <[EMAIL PROTECTED]>
---
 scripts/makepkg.sh.in |   38 ++++++++++++++++++--------------------
 1 files changed, 18 insertions(+), 20 deletions(-)

diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
index d641cbb..f6136ba 100644
--- a/scripts/makepkg.sh.in
+++ b/scripts/makepkg.sh.in
@@ -463,6 +463,11 @@ generate_checksums() {
        msg "$(gettext "Generating checksums for source files...")"
        plain ""
 
+       if [ ! $(type -p openssl) ]; then
+               error "$(gettext "Cannot find openssl.")"
+               exit 1 # $E_MISSING_PROGRAM
+       fi
+
        local integ
        for integ in [EMAIL PROTECTED]; do
                integ="$(echo $integ | tr '[:upper:]' '[:lower:]')"
@@ -473,11 +478,6 @@ generate_checksums() {
                                exit 1;; # $E_CONFIG_ERROR
                esac
 
-               if [ ! $(type -p openssl) ]; then
-                       error "$(gettext "Cannot find openssl.")"
-                       exit 1 # $E_MISSING_PROGRAM
-               fi
-
                local ct=0
                local [EMAIL PROTECTED]
                echo -n "${integ}sums=("
@@ -515,21 +515,13 @@ generate_checksums() {
 }
 
 check_checksums() {
-       local integ
-       for integ in [EMAIL PROTECTED]; do
-               integ="$(echo $integ | tr '[:upper:]' '[:lower:]')"
-               case "$integ" in
-                       md5|sha1|sha256|sha384|sha512) : ;;
-                       *)
-                               error "$(gettext "Invalid integrity algorithm 
'%s' specified")" "$integ"
-                               exit 1;; # $E_CONFIG_ERROR
-               esac
-
-               if [ ! $(type -p openssl) ]; then
-                       error "$(gettext "Cannot find openssl.")"
-                       exit 1 # $E_MISSING_PROGRAM
-               fi
+       if [ ! $(type -p openssl) ]; then
+               error "$(gettext "Cannot find openssl.")"
+               exit 1 # $E_MISSING_PROGRAM
+       fi
 
+       local integ required
+       for integ in md5 sha1 sha256 sha384 sha512; do
                local integrity_sums=($(eval echo "[EMAIL PROTECTED]"))
                if [ [EMAIL PROTECTED] -eq [EMAIL PROTECTED] ]; then
                        msg "$(gettext "Validating source files with %s...")" 
"${integ}sums"
@@ -567,7 +559,13 @@ check_checksums() {
                                exit 1 # TODO: error code
                        fi
                else
-                       warning "$(gettext "Integrity checks (%s) are missing 
or incomplete.")" "$integ"
+                       for required in [EMAIL PROTECTED]; do
+                               required="$(echo $required | tr '[:upper:]' 
'[:lower:]')"
+                               if [ "$integ" = "$required" ]; then
+                                       warning "$(gettext "Integrity checks 
(%s) are missing or incomplete.")" "$integ"
+                                       break
+                               fi
+                       done
                fi
        done
 }
-- 
1.6.0

_______________________________________________
pacman-dev mailing list
pacman-dev@archlinux.org
http://archlinux.org/mailman/listinfo/pacman-dev