[Lunar-commits] CVS: theedge/var/lib/lunar/plugins
verify-gpg.plugin, NONE, 1.1 verify-md5.plugin, NONE,
1.1 verify-sha1.plugin, NONE, 1.1 download-generic.plugin, 1.1, 1.2
Auke Kok
sofar at lunar-linux.org
Thu Mar 24 16:39:02 UTC 2005
- Previous message: [Lunar-commits] CVS: theedge/usr/share/man/man8 lin.8, 1.8,
1.9 lrm.8, 1.4, 1.5
- Next message: [Lunar-commits] CVS: theedge/var/lib/lunar/functions build.lunar,
1.27, 1.28 check.lunar, 1.23, 1.24 depends.lunar, 1.48,
1.49 download.lunar, 1.54, 1.55 edit.lunar, 1.15,
1.16 logging.lunar, 1.3, 1.4 main.lunar, 1.24,
1.25 modules.lunar, 1.52, 1.53 plugins.lunar, 1.1,
1.2 sizes.lunar, 1.8, 1.9 sources.lunar, 1.28, 1.29 temp.lunar,
1.7, 1.8 tracking.lunar, 1.14, 1.15
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Update of /var/cvs/lunar/theedge/var/lib/lunar/plugins
In directory espresso.foo-projects.org:/home/sofar/active/theedge/var/lib/lunar/plugins
Modified Files:
download-generic.plugin
Added Files:
verify-gpg.plugin verify-md5.plugin verify-sha1.plugin
Log Message:
Mega merge:
* source verification is now a plugin too
* rewrote gpg verification a bit
* removed versioned modules (only one remains: gcc/3.4.3)
* Implemented nested sections: moonbase/gnome/apps is now possible
--- NEW FILE: verify-gpg.plugin ---
#!/bin/bash
#############################################################
# #
# verify-gpg.plugin - plugin that performs gpg signature #
# checking #
# #
#############################################################
# #
# Copyright 2005 by Auke Kok under GPLv2 #
# #
#############################################################
plugin_source_verify_gpg() {
# check if we can handle this type of VFY:
if [ "${2:0:4}" != "gpg:" ] ; then
return 2
fi
debug_msg "plugin_source_verify_gpg ($@)"
if [ ! -x /usr/bin/gpg ] ; then
# warn but don't fail
message "${PROBLEM_COLOR}! Cannot verify sources without ${MODULE_COLOR}gpg${DEFAULT_COLOR}${PROBLEM_COLOR} installed${DEFAULT_COLOR}"
return 2
fi
if [ ! -d /var/state/lunar/gpg ]; then
mkdir -p /var/state/lunar/gpg
chmod 700 /var/state/lunar/gpg
fi
GPG_SIG=$(echo $2 | sed 's/^gpg://' | cut -d, -f1)
GPG_KEY=$(echo $2 | sed 's/^gpg://' | cut -d, -f2-)
# do we need to download a keyset?
if [ -n "$GPG_KEY" ] ; then
TMP_GPG_KEYS=$(temp_create "gpg-pubkeys")
verbose_msg "Downloading pub keys from \"$GPG_KEY\""
# TODO calling wget is a hack... we should accept file: urls too
if download_url $GPG_KEY $TMP_GPG_KEYS -q ; then
TMP_GPG_OUTPUT=$(temp_create "gpg-output")
GNUPGHOME=/var/state/lunar/gpg/ gpg --import $TMP_GPG_KEYS > $TMP_GPG_OUTPUT 2>&1
grep -v 'not changed$' $TMP_GPG_OUTPUT | while read LINE; do
message "${MESSAGE_COLOR}$LINE${DEFAULT_COLOR}"
done
temp_destroy $TMP_GPG_OUTPUT
fi
fi
# try to get the required key
TMP_GPG_SIG=$(temp_create "gpg-signature")
verbose_msg "Downloading signature \"$GPG_SIG\""
# TODO calling wget is a hack... we should accept file: urls too
if download_url $GPG_SIG $TMP_GPG_SIG -q ; then
verbose_msg "Verifying signature of \"$SOURCE_CACHE/$1\""
verbose_msg "GNUPGHOME=/var/state/lunar/gpg/ gpg --verify $TMP_GPG_SIG $SOURCE_CACHE/$1"
TMP_GPG_OUTPUT=$(temp_create "gpg-output")
if ! GNUPGHOME=/var/state/lunar/gpg/ gpg --verify $TMP_GPG_SIG $SOURCE_CACHE/$1 > $TMP_GPG_OUTPUT 2>&1 ; then
verbose_msg "gpg exited with \"$?\""
RESULT=1
fi
cat $TMP_GPG_OUTPUT | while read LINE; do
if echo $LINE | grep -qw 'WARNING' ; then
message "${LRM_COLOR}$LINE${DEFAULT_COLOR}"
else
message "${MESSAGE_COLOR}$LINE${DEFAULT_COLOR}"
fi
done
temp_destroy $TMP_GPG_OUTPUT
else
message "cannot download key!"
RESULT=1
fi
temp_destroy $TMP_GPG_SIG
temp_destroy $TMP_GPG_KEYS
if [ "$RESULT" == 1 ]; then
message "${PROBLEM_COLOR}! gpg signature check failed for ${DEFAULT_COLOR}${FILE_COLOR}$SRC1${DEFAULT_COLOR}"
return 1
else
# always return 'continue' plugin value
return 2
fi
}
plugin_register SOURCE_VERIFY plugin_source_verify_gpg
--- NEW FILE: verify-md5.plugin ---
#!/bin/bash
#############################################################
# #
# verify-md5.plugin - plugin that performs md5check #
# #
#############################################################
# #
# Copyright 2005 by Auke Kok under GPLv2 #
# #
#############################################################
plugin_source_verify_md5() {
# check if we can handle this type of VFY:
if [ "${2:0:4}" != "md5:" ] ; then
return 2
fi
debug_msg "plugin_source_verify_md5 ($@)"
TMP_MD5=$(md5sum $SOURCE_CACHE/$1 | cut -d " " -f 1-1)
if [ "${2:4}" != "$TMP_MD5" ] ; then
message "${PROBLEM_COLOR}! md5sum check failed for ${DEFAULT_COLOR}${FILE_COLOR}$1${DEFAULT_COLOR}"
verbose_msg "offending md5sum: $TMP_MD5"
verbose_msg "should be md5sum: ${2:4}"
return 1
else
# always return 'continue' plugin value
return 2
fi
}
plugin_register SOURCE_VERIFY plugin_source_verify_md5
--- NEW FILE: verify-sha1.plugin ---
#!/bin/bash
#############################################################
# #
# verify-sha1.plugin - plugin that performs sha1check #
# #
#############################################################
# #
# Copyright 2005 by Auke Kok under GPLv2 #
# #
#############################################################
plugin_source_verify_sha1() {
# check if we can handle this type of VFY:
if [ "${2:0:5}" != "sha1:" ] ; then
return 2
fi
debug_msg "plugin_source_verify_sha1 ($@)"
TMP_MD5=$(sha1sum $SOURCE_CACHE/$1 | cut -d " " -f 1-1)
if [ "${2:5}" != "$TMP_MD5" ] ; then
message "${PROBLEM_COLOR}! sha1sum check failed for ${DEFAULT_COLOR}${FILE_COLOR}$1${DEFAULT_COLOR}"
verbose_msg "offending sha1sum: $TMP_MD5"
verbose_msg "should be sha1sum: ${2:5}"
return 1
else
# always return 'continue' plugin value
return 2
fi
}
plugin_register SOURCE_VERIFY plugin_source_verify_sha1
Index: download-generic.plugin
===================================================================
RCS file: /var/cvs/lunar/theedge/var/lib/lunar/plugins/download-generic.plugin,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- download-generic.plugin 23 Mar 2005 16:18:13 -0000 1.1
+++ download-generic.plugin 24 Mar 2005 16:38:59 -0000 1.2
@@ -50,8 +50,10 @@
if erase $TMP_FILE && wget $WGET_CACHE $WGET_RATE $WGET_FTP_CONNECTION $WGET_RETRIES $WGET_PARTIAL "$1" --output-document "$TMP_FILE" ; then
# looks like it worked
if testpack $TMP_FILE ; then
- install -m644 $TMP_FILE $(dirname $2)/$(basename $TMP_FILE)
- rm $TMP_FILE
+ if [ "$TMP_FILE" != "$(dirname $2)/$(basename $TMP_FILE)" ]; then
+ install -m644 $TMP_FILE $(dirname $2)/$(basename $TMP_FILE)
+ rm $TMP_FILE
+ fi
verbose_msg "download of \"$1\" successful"
else
rm -f $TMP_FILE
- Previous message: [Lunar-commits] CVS: theedge/usr/share/man/man8 lin.8, 1.8,
1.9 lrm.8, 1.4, 1.5
- Next message: [Lunar-commits] CVS: theedge/var/lib/lunar/functions build.lunar,
1.27, 1.28 check.lunar, 1.23, 1.24 depends.lunar, 1.48,
1.49 download.lunar, 1.54, 1.55 edit.lunar, 1.15,
1.16 logging.lunar, 1.3, 1.4 main.lunar, 1.24,
1.25 modules.lunar, 1.52, 1.53 plugins.lunar, 1.1,
1.2 sizes.lunar, 1.8, 1.9 sources.lunar, 1.28, 1.29 temp.lunar,
1.7, 1.8 tracking.lunar, 1.14, 1.15
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the Lunar-commits
mailing list