Date: 2005-07-20 Initial Package Version: 2.9.6 Origin: Miklos Vajna Description: Adds support for sha1 hash arrays to makepkg. doc/makepkg.8.in | 14 ++++++++++ scripts/makepkg | 75 +++++++++++++++++++++++++++++++++++++++++++++++++------ 2 files changed, 81 insertions(+), 8 deletions(-) diff -Naur pacman-2.9.6.orig/doc/makepkg.8.in pacman-2.9.6/doc/makepkg.8.in --- pacman-2.9.6.orig/doc/makepkg.8.in 2004-08-04 07:57:17.000000000 +0200 +++ pacman-2.9.6/doc/makepkg.8.in 2005-08-19 00:00:00.000000000 +0200 @@ -275,6 +275,15 @@ \fImd5sums\fP line from the bottom to an appropriate location. .TP +.B sha1sums \fI(array)\fP +If this field is present, it should contain an SHA1 hash for every source file +specified in the \fIsource\fP array (in the same order). makepkg will use +this to verify source file integrity during subsequent builds. To easily +generate sha1sums, first build using the FrugalBuild then run +\fBmakepkg -g >>FrugalBuild\fP. Then you can edit the FrugalBuild and move the +\fIsha1sums\fP line from the bottom to an appropriate location. + +.TP .B groups \fI(array)\fP This is an array of symbolic names that represent groups of packages, allowing you to install multiple packages by requesting a single target. For example, @@ -347,10 +356,15 @@ file already exists in the build directory. You can override this behaviour with the \fB--force\fP switch. .TP -.B "\-g, \-\-genmd5" +.B "\-g, \-\-gensha1" +Download all source files (if required) and use \fIsha1sum\fP to generate sha1 hashes +for each of them. You can then redirect the output into your FrugalBuild for source +validation (makepkg -g >>FrugalBuild). +.TP +.B "\-G, \-\-genmd5" Download all source files (if required) and use \fImd5sum\fP to generate md5 hashes for each of them. You can then redirect the output into your PKGBUILD for source -validation (makepkg -g >>PKGBUILD). +validation (makepkg -G >>PKGBUILD). .TP .B "\-h, \-\-help" Output syntax and commandline options. diff -Naur pacman-2.9.6.orig/scripts/makepkg pacman-2.9.6/scripts/makepkg --- pacman-2.9.6.orig/scripts/makepkg 2005-08-02 21:07:13.000000000 +0200 +++ pacman-2.9.6/scripts/makepkg 2005-08-02 21:09:01.000000000 +0200 @@ -194,7 +194,8 @@ echo " -d, --nodeps Skip all dependency checks" echo " -e, --noextract Do not extract source files (use existing src/ dir)" echo " -f, --force Overwrite existing package" - echo " -g, --genmd5 Generate MD5sums for source files" + echo " -g, --gensha1 Generate SHA1sums for source files" + echo " -G, --genmd5 Generate MD5sums for source files" echo " -h, --help This help" echo " -i, --install Install package after successful build" echo " -j Set MAKEFLAGS to \"-j\" before building" @@ -221,6 +222,7 @@ CLEANUP=0 CLEANCACHE=0 INSTALL=0 +GENSHA1=0 GENMD5=0 DEP_BIN=0 DEP_SRC=0 @@ -252,6 +254,7 @@ --nostrip) NOSTRIP=1 ;; --nobuild) NOBUILD=1 ;; --nocolor) USE_COLOR="n" ;; + --gensha1) GENSHA1=1 ;; --genmd5) GENMD5=1 ;; --rmdeps) RMDEPS=1 ;; --noup2date) NOUP2DATE=1 ;; @@ -265,7 +268,7 @@ exit 1 ;; -*) - while getopts "cCsbdehifgj:mnorp:w:-" opt; do + while getopts "cCsbdehifgGj:mnorp:w:-" opt; do case $opt in a) SEARCHDEPS=1 ;; c) CLEANUP=1 ;; @@ -274,7 +277,8 @@ d) NODEPS=1 ;; e) NOEXTRACT=1 ;; f) FORCE=1 ;; - g) GENMD5=1 ;; + g) GENSHA1=1 ;; + G) GENMD5=1 ;; h) usage exit 0 @@ -405,7 +409,7 @@ exit 1 fi -if [ -f $PKGDEST/${pkgname}-${pkgver}-${pkgrel}.pkg.tar.gz -a "$FORCE" = "0" -a "$GENMD5" = "0" ]; then +if [ -f $PKGDEST/${pkgname}-${pkgver}-${pkgrel}.pkg.tar.gz -a "$FORCE" = "0" -a "$GENMD5" = "0" -a "$GENSHA1" = "0" ]; then if [ "$INSTALL" = "1" ]; then warning "a package has already been built, installing existing package." pacman --upgrade $PKGDEST/${pkgname}-${pkgver}-${pkgrel}.pkg.tar.gz @@ -524,38 +528,66 @@ fi done -if [ "$GENMD5" = "0" ]; then +if [ "$GENMD5" = "0" -a "$GENSHA1" = "0" ]; then if [ "$NOEXTRACT" = "1" ]; then warning "Skipping source extraction -- using existing src/ tree" warning "Skipping source integrity checks -- using existing src/ tree" else + # SHA1 validation + if [ ${#sha1sums[@]} -eq ${#source[@]} ]; then + if [ `type -p sha1sum` ]; then + msg "Validating source files with SHA1sums" + errors=0 + idx=0 + for netfile in ${source[@]}; do + file=`strip_url $netfile` + echo -n " $file ... " >&2 + echo "${sha1sums[$idx]} $file" | sha1sum -c - >/dev/null 2>&1 + if [ $? -ne 0 ]; then + echo "FAILED" >&2 + errors=1 + else + echo "Passed" >&2 + fi + idx=$(($idx+1)) + done + if [ $errors -gt 0 ]; then + error "One or more files did not pass the validity check!" + exit 1 + fi + else + warning "The sha1sum program is missing. Cannot verify source files!" + sleep 1 + fi # MD5 validation - if [ ${#md5sums[@]} -ne ${#source[@]} ]; then - warning "MD5sums are missing or incomplete. Cannot verify source integrity." - #sleep 1 - elif [ `type -p md5sum` ]; then - msg "Validating source files with MD5sums" - errors=0 - idx=0 - for netfile in ${source[@]}; do - file=`strip_url $netfile` - echo -n " $file ... " >&2 - echo "${md5sums[$idx]} $file" | md5sum -c - >/dev/null 2>&1 - if [ $? -ne 0 ]; then - echo "FAILED" >&2 - errors=1 - else - echo "Passed" >&2 - fi - idx=$(($idx+1)) - done - if [ $errors -gt 0 ]; then - error "One or more files did not pass the validity check!" - exit 1 + elif [ ${#md5sums[@]} -eq ${#source[@]} ]; then + if [ `type -p md5sum` ]; then + msg "Validating source files with MD5sums" + errors=0 + idx=0 + for netfile in ${source[@]}; do + file=`strip_url $netfile` + echo -n " $file ... " >&2 + echo "${md5sums[$idx]} $file" | md5sum -c - >/dev/null 2>&1 + if [ $? -ne 0 ]; then + echo "FAILED" >&2 + errors=1 + else + echo "Passed" >&2 + fi + idx=$(($idx+1)) + done + if [ $errors -gt 0 ]; then + error "One or more files did not pass the validity check!" + exit 1 + fi + else + warning "The md5sum program is missing. Cannot verify source files!" + sleep 1 fi + else - warning "The md5sum program is missing. Cannot verify source files!" - sleep 1 + warning "MD5sums and SHA1sums are missing or incomplete. Cannot verify source integrity." fi # extract sources msg "Extracting Sources..." @@ -594,6 +626,7 @@ fi else # generate md5 hashes + if [ "$GENMD5" = "1" ]; then if [ ! `type -p md5sum` ]; then error "Cannot find the md5sum program." exit 1 @@ -629,6 +662,37 @@ done plain "" exit 0 + # generate sha1 hashes + elif [ "$GENSHA1" = "1" ]; then + if [ ! `type -p sha1sum` ]; then + error "Cannot find the sha1sum program." + exit 1 + fi + msg "Generating SHA1sums for source files" + plain "" + ct=0 + newline=0 + numsrc=${#source[@]} + for netfile in ${source[@]}; do + file=`strip_url $netfile` + sum=`sha1sum $file | cut -d' ' -f 1` + if [ $ct -eq 0 ]; then + echo -n "sha1sums=(" + else + echo -ne "\t " + fi + echo -n "'$sum'" + ct=$(($ct+1)) + if [ $ct -eq $numsrc ]; then + echo ')' + else + echo ' \' + newline=0 + fi + done + plain "" + exit 0 + fi fi