From: "Brian Inglis" <brian.ing...@systematicsw.ab.ca> Some package upstreams offer only checksums, for example .sha512sum, .sha256sum, for verification rather than gpg signatures, for example .asc, .sig, .sign, etc; use these checksum files when provided in a similar manner to gpg signatures; these files are often provided with fixed names which may be renamed on download to unique values using cygport URI fragment support like #/$NAME-VERSION.sha...sum; use coreutils cksum as it supports all modern and legacy checksums and formats.
define __sum_verify() after __gpg_verify(); add to readonly function definition list unpack(): skip files matching *.*sum __src_prep(): define file types or prefixes in variable sum_exts; in src files loop after __gpg_verify(): match file checksum type and call __sum_verify()
Signed-off-by: Brian Inglis <brian.ing...@systematicsw.ab.ca>
---
 lib/src_prep.cygpart | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 55 insertions(+), 1 deletion(-)
--- lib/src_prep.cygpart 2024-01-15 05:09:23.000000000 -0700
+++ lib/src_prep.cygpart 2024-04-30 11:41:01.218878400 -0600
@@ -88,6 +88,7 @@ unpack() {
 # determine correct source decompression command
 case ${unpack_file_path} in
 *.asc|*.md5|*.sig|*.sign) continue ;;
+ *.*sum) continue ;;
 *.tar.lrz)
 check_prog_req lrzuntar lrzip
 unpack_cmd="lrzuntar"
@@ -200,6 +201,43 @@ __gpg_verify() {
 fi
 }
+__sum_verify() {
+ local _file=${1#${DISTDIR}/};
+ local _filedesc=${2};
+ local _filetype=${3};
+ local _sum=${3%sum};
+
+ if ! check_prog cksum
+ then
+ # display notice only once
+ if ! defined _cksum_not_found_
+ then
+ inform "cksum must be installed in order to check checksums.";
+ _cksum_not_found_=1
+ fi
+
+ return 0;
+ fi
+
+ # {b2,b2b}{,sum} -> blake2b; ck{,sum} -> crc; {,sum} -> bsd
+ [ -z "${_sum}" ] && _sum=${_sum:-bsd}
+ [ "b2" = "${_sum}" ] && _sum=blake2b
+ [ "b2b" = "${_sum}" ] && _sum=blake2b
+ [ "ck" = "${_sum}" ] && _sum=crc
+
+ if defined DISTDIR && [ -d ${DISTDIR} ] && [ -f ${DISTDIR}/${_file} ]
+ then
+ cd ${DISTDIR}
+ inform "${_filedesc} ${_filetype} checksum verification follows:";
+ if [ "${_sum}" = "crc" ] || [ "${_sum}" = "bsd" ] || [ "${_sum}" = "sysv" ]
+ then
+ cksum -a ${_sum} ${_file%.${_filetype}} || true;
+ else
+ cksum -a ${_sum} -c ${_file} || true;
+ fi
+ fi
+}
+
 __mkdirs() {
 cd ${top};
 mkdir -p ${srcdir} ${origsrcdir} ${B} ${D} ${T} ${configdir} ${logdir} ${distdir} ${patchdir} ${spkgdir};
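Review bot: The new skip pattern `*.*sum` covers only names that end in `sum`, while the loop added to __src_prep() in the `@@ -328,6 +370,18 @@` hunk also accepts bare algorithm extensions such as `.sha256` or `.b2` as checksum files. Of those only `.md5` is skipped by the two lines visible here, so a `.sha256` file would fall through to the remaining case arms, which lie outside the hunk and may treat it as an unknown archive type. Either list the bare extensions here too, `*.*sum|*.sha512|*.sha384|*.sha256|*.sha224|*.sha1|*.b2|*.b2b|*.blake2b|*.sm3|*.ck|*.crc|*.bsd|*.sysv) continue ;;`, or drop the bare-extension branch from the loop. The pattern is also broad enough to skip any source whose last extension merely ends in `sum`.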
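Review bot: The result of the check in __sum_verify() is thrown away: `cksum -a ${_sum} -c ${_file} || true;` lets a mismatched source continue into unpack with only cksum's own output as a hint, and unlike a gpg check, which can fail for want of a key, a digest mismatch is never ambiguous. I would make it fatal with cygport's error helper, `cksum -a ${_sum} -c ${_file} || error "${_filedesc} ${_filetype} checksum mismatch";`. The crc/bsd/sysv branch compares nothing at all; it prints the sum of `${_file%.${_filetype}}` under the heading "checksum verification follows", so that heading should say the value is shown for manual comparison only. A failed `[ -f ${DISTDIR}/${_file} ]` test also skips the check without any message, and `cd ${DISTDIR}` is left in effect for the caller. A comment above the function should state that a checksum file fetched from the same location as the tarball detects corruption, not substitution, so it does not stand in for a signature.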
@@ -298,6 +336,10 @@ __src_prep() {
 local src_pkg;
 local tar_patch;
 local n=1;
+ local sum_exts="sha512 sha384 sha256 sha224 b2 b2b blake2b sm3 sha1 md5 ck crc bsd sysv";
+ # prefer newer stronger keys for faster lookup
+ # blake2b bsd crc md5 sha1 sha224 sha256 sha384 sha512 sm3 sysv
+ # {b2,b2b}{,sum} -> blake2b; ck{,sum} -> crc; {,sum} -> bsd
 cd ${top};
@@ -328,6 +370,18 @@ __src_prep() {
 __gpg_verify ${src_pkg} "SOURCE $((n++))" ${sigext};
 fi
 done
+ for sigext in ${sum_exts} '' # final entry is BSD .sum -> ''
+ do
+ if [ "${src_pkg}" != "${src_pkg%.${sigext}sum}" ]
+ then
+ __sum_verify ${src_pkg} "SOURCE $((n++))" "${sigext}sum";
+ break;
+ elif [ "${src_pkg}" != "${src_pkg%.${sigext}}" ] # fail if '' unless *.
+ then
+ __sum_verify ${src_pkg} "SOURCE $((n++))" "${sigext}";
+ break;
+ fi
+ done
 done
 for src_patch in ${_src_orig_patches}
@@ -510,4 +564,4 @@ __src_prep() {
 }
 readonly -f __cpio_gz_extract __gem_extract __srpm_extract unpack \
- __gpg_verify __mkdirs cygpatch __src_prep
+ __gpg_verify __sum_verify __mkdirs cygpatch __src_prep
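Review bot: The comment `# prefer newer stronger keys for faster lookup` above sum_exts does not tell a reader how much a match is worth. `ck`, `crc`, `bsd` and `sysv` are not cryptographic at all, and `md5` and `sha1` no longer resist deliberate collisions, yet every entry leads to the same "checksum verification follows" message in __sum_verify(). I would reword it to `# checksum file types, strongest first; md5, sha1, ck, crc, bsd and sysv only catch accidental corruption`. This list is the only place the acceptance policy is expressed, so it is also the place to decide whether the weak types should be accepted without a warning.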
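Review bot: Nothing in the loop added at `@@ -328,6 +370,18 @@` ties the checksum file to the source it is meant to cover: `src_pkg` here is the checksum file itself, and the `cksum -c` call in the `@@ -200,6 +201,43 @@` hunk then checks whatever file names that file lists, relative to DISTDIR. If the tarball was renamed on download, or the upstream list names artifacts that were not fetched, the entries will not match the stored sources and the real tarball goes unchecked amid "FAILED open or read" lines. A comment should state that the names inside the checksum file must equal the names as stored in DISTDIR. Adding `--ignore-missing` to the `cksum -c` call would keep multi-artifact lists usable while still failing when no listed file was verified. The enclosing `for src_pkg` loop starts outside the hunk.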