kiss: rewrite checksum verification

- fixes bug where mismatch would not occur.
- removes awk usage.
- removes pipe.
- removes subshell.
This commit is contained in:
Dylan Araps 2021-07-04 11:01:49 +00:00
parent aaed6fb8c3
commit 58e90fa779
No known key found for this signature in database
GPG Key ID: 13295DAC2CF13B5C

46
kiss
View File

@ -701,8 +701,10 @@ pkg_build() {
shift shift
done done
for pkg do pkg_sources "$pkg"; done for pkg do
pkg_verify "$@" pkg_sources "$pkg"
pkg_verify "$pkg"
done
# Finally build and create tarballs for all passed packages and # Finally build and create tarballs for all passed packages and
# dependencies. # dependencies.
@ -811,35 +813,31 @@ pkg_checksums() {
pkg_verify() { pkg_verify() {
# Verify all package checksums. This is achieved by generating a new set # Verify all package checksums. This is achieved by generating a new set
# of checksums and then comparing those with the old set. # of checksums and then comparing those with the old set.
verify_cmd="NR==FNR{a[\$1];next}/^SKIP$/{next}!((\$1)in a){exit 1}" log "$1" "Checking sources"
for pkg do pkg_find "$1"
pkg_find "$pkg"
[ -f "$repo_dir/sources" ] || continue [ -f "$repo_dir/sources" ] || return 0
verify_sum=$(pkg_checksums "$pkg") # Read the repository checksums into a list.
while read -r chk _ || [ "$chk" ]; do
set -- "$@" "$chk"
done < "$repo_dir/checksums"
[ "$verify_sum" ] || continue # Generate a new set of checksums to compare against.
[ -f "$repo_dir/checksums" ] || die "$pkg" "checksums file missing" pkg_checksums "$1" > "$mak_dir/v"
# Check that the first column (separated by whitespace) match in both # Check that the first column (separated by whitespace) match in both
# checksum files. If any part of either file differs, mismatch. Abort. # checksum files. If any part of either file differs, mismatch. Abort.
printf '%s\n' "$verify_sum" | while read -r new _; do shift
printf 'old %s\nnew %s\n' "${1:-missing}" "$new"
awk "$verify_cmd" - "$repo_dir/checksums" || { case $new-${1:-null} in
log "$pkg" "Checksum mismatch" "$1-$new"|"$new-SKIP") ;;
# Instead of dying above, log it to the terminal. Also define a *) die "${repo_dir##*/}" "Checksum mismatch"
# variable so we *can* die after all checksum files have been esac
# checked. done < "$mak_dir/v"
mismatch="$mismatch$pkg "
}
done
[ -z "$mismatch" ] || die "Checksum mismatch with: ${mismatch% }"
log "Verified all checksums"
} }
pkg_conflicts() { pkg_conflicts() {