Improved download and verify of build.sf

This commit is contained in:
Stefan Reimer 2014-10-04 13:35:46 -07:00
parent d484a86107
commit 660beda9c7

View File

@ -19,55 +19,91 @@ die() {
} }
verify_digest() {
local FILE_NAME=$1
local TYPE=$2
local DIGEST=$3
local PURGE=$4
case $TYPE in
sha512)
FILE_DIGEST=$(sha512sum ${FILE_NAME} | awk '{print $1}')
;;
md5)
FILE_DIGEST=$(md5sum ${FILE_NAME} | awk '{print $1}')
;;
*)
echo "Unknown DIGEST"
return 1
;;
esac
if [ ${FILE_DIGEST} == ${DIGEST} ]; then
echo "${TYPE} checksum for ${FILE_NAME} verified."
return 0
else
echo "Invalid checksum for ${FILE_NAME}!"
[ "x${PURGE}" != "x" ] && { echo "Removing cached copy." ; rm -f ${FILE_NAME}; }
return 1
fi
}
fetch_file() { fetch_file() {
local URL=$1 local URL=$1
local DIGEST=$2 local DIGEST_URL=$2
FILE_NAME=$(basename ${URL}) local FILE_NAME=$(basename ${URL})
SHA512=$(curl -q -s -S ${DIGEST} | grep -A1 -e "^# SHA512 HASH" | grep -o -E -e "^[0-9a-f]{128} *${FILE_NAME}$" | awk '{print $1}')
# Check if local cache is usable local DIGEST_TYPE
# Check cache
if [ ! -d ${LOCAL_CACHE} ] || [ ! -w ${LOCAL_CACHE} ]; then if [ ! -d ${LOCAL_CACHE} ] || [ ! -w ${LOCAL_CACHE} ]; then
die "Local cache ${LOCAL_CACHE} unusable!" echo "Cannot write to cache ${LOCAL_CACHE}"
return 1
fi fi
if [ -z ${SHA512} ]; then # If DIGEST requested get it
if [ ! -z ${DIGEST_URL} ]; then
DIGEST=$(curl -s -S ${DIGEST_URL} | grep -A1 -e "^# SHA512 HASH" | grep -o -E -e "^[0-9a-f]{128} *${FILE_NAME}$" | awk '{print $1}')
if [ -z ${DIGEST} ]; then
# Let's try md5sum before giving up # Let's try md5sum before giving up
MD5=$(curl -q -s -S ${DIGEST} | grep -o -E -e "^[0-9a-f]{32} *${FILE_NAME}$" | awk '{print $1}') DIGEST=$(curl -s -S ${DIGEST_URL} | grep -o -E -e "^[0-9a-f]{32} *${FILE_NAME}$" | awk '{print $1}')
if [ -z ${MD5} ]; then if [ -z ${DIGEST} ]; then
die "Unable to get checksum for ${FILE_NAME}, abort" echo "Unable to get checksum for ${FILE_NAME}, abort"
return 2
fi fi
fi DIGEST_TYPE="md5"
# Do we have local copy, if not download
if [ ! -f ${LOCAL_CACHE}/${FILE_NAME} ]; then
wget -O ${LOCAL_CACHE}/${FILE_NAME} ${URL} || die "Cannot download ${URL}!"
fi
if [ ! -z ${SHA512} ]; then
if [ $(sha512sum ${LOCAL_CACHE}/${FILE_NAME} | awk '{print $1}') = ${SHA512} ]; then
echo "SHA512 checksum for ${FILE_NAME} verified."
cp ${LOCAL_CACHE}/${FILE_NAME} .
return
else else
rm -f ${LOCAL_CACHE}/${FILE_NAME} DIGEST_TYPE="sha512"
die "Invalid checksum for ${LOCAL_CACHE}/${FILE_NAME}, removing cached copy."
fi fi
fi fi
if [ ! -z ${MD5} ]; then # Do we have local copy
if [ $(md5sum ${LOCAL_CACHE}/${FILE_NAME} | awk '{print $1}') = ${MD5} ]; then if [ -f ${LOCAL_CACHE}/${FILE_NAME} ]; then
echo "MD5 checksum for ${FILE_NAME} verified." verify_digest ${LOCAL_CACHE}/${FILE_NAME} $DIGEST_TYPE ${DIGEST} 1
if [ $? -eq 0 ]; then
cp ${LOCAL_CACHE}/${FILE_NAME} .
echo "Using cached ${LOCAL_CACHE}/${FILE_NAME}"
return 0
fi
fi
# We we are here either we didnt have a copy or the cached file was invalid
wget -q -O ${LOCAL_CACHE}/${FILE_NAME} ${URL}
if [ $? -eq 0 ]; then
echo "Downloaded ${URL} to ${LOCAL_CACHE}/${FILE_NAME}"
verify_digest ${LOCAL_CACHE}/${FILE_NAME} $DIGEST_TYPE ${DIGEST} 1
if [ $? -ne 0 ]; then
echo "Could not get a verified version of ${FILE_NAME}"
return 3
fi
cp ${LOCAL_CACHE}/${FILE_NAME} . cp ${LOCAL_CACHE}/${FILE_NAME} .
return
else else
rm -f ${LOCAL_CACHE}/${FILE_NAME} echo "Cannot download ${URL}!"
die "Invalid checksum for ${LOCAL_CACHE}/${FILE_NAME}, removing cached copy." return 4
fi fi
fi
die "No checksum available for ${FILE_NAME}!"
} }
@ -111,22 +147,23 @@ bootstrap() {
[ -d ${ROOT_FS} ] || die "${ROOT_FS} does not exists" [ -d ${ROOT_FS} ] || die "${ROOT_FS} does not exists"
[ -w ${ROOT_FS} ] || die "${ROOT_FS} isn't writable" [ -w ${ROOT_FS} ] || die "${ROOT_FS} isn't writable"
# install stage 3
cd ${ROOT_FS} cd ${ROOT_FS}
# first install stage 3
if [ -d "usr" ] ; then if [ -d "usr" ] ; then
echo "There seems to be already files in ${ROOT_FS} !" echo "There seems to be already files in ${ROOT_FS} !"
echo "Press <Ctrl+c> to abort, or <Return> to proceed with extracting stage3 ..." echo "Press <Ctrl+c> to abort, or <Return> to proceed without extracting stage3 ..."
read -r REPLY read -r REPLY
fi else
fetch_file "${STAGE_TARBALL}" "${STAGE_TARBALL}.DIGESTS" fetch_file "${STAGE_TARBALL}" "${STAGE_TARBALL}.DIGESTS" || die "Cannot get ${STAGE_TARBALL}"
echo "Extracting stage3 to ${ROOT_FS} ..." echo "Extracting stage3 to ${ROOT_FS} ..."
tar jxpf $(basename ${STAGE_TARBALL}) || die "Extracting stage file failed" tar jxpf $(basename ${STAGE_TARBALL}) || die "Extracting stage3 failed"
rm -f $(basename ${STAGE_TARBALL}) rm -f $(basename ${STAGE_TARBALL})
fi
# Portage snapshot # Portage snapshot
PORTAGE_SNAPSHOT="${GENTOO_MIRROR}/releases/snapshots/current/portage-latest.tar.bz2" PORTAGE_SNAPSHOT="${GENTOO_MIRROR}/releases/snapshots/current/portage-latest.tar.bz2"
if [ ${BIND_PORTAGE} = 1 ] ; then if [ ${BIND_PORTAGE} = 1 ] ; then
if [ ! -r $MAKE_CONF ]; then if [ ! -r $MAKE_CONF ]; then
@ -143,7 +180,11 @@ bootstrap() {
mount --bind ${HOST_PORTDIR} ${ROOT_FS}/${HOST_PORTDIR} || die "Error mounting ${HOST_PORTDIR}" mount --bind ${HOST_PORTDIR} ${ROOT_FS}/${HOST_PORTDIR} || die "Error mounting ${HOST_PORTDIR}"
else else
# install latest portage snapshot # install latest portage snapshot
if [ ! -d "usr/portage" ] ; then if [ -d "usr/portage" ] ; then
echo "There seems to be already portage files!"
echo "Press <Ctrl+c> to abort, or <Return> to proceed without extracting portage ..."
read -r REPLY
else
fetch_file "${PORTAGE_SNAPSHOT}" "${PORTAGE_SNAPSHOT}.md5sum" fetch_file "${PORTAGE_SNAPSHOT}" "${PORTAGE_SNAPSHOT}.md5sum"
echo "Extracting latest portage snapshot to ${ROOT_FS}/usr ..." echo "Extracting latest portage snapshot to ${ROOT_FS}/usr ..."
tar jxf $(basename ${PORTAGE_SNAPSHOT}) -C "${ROOT_FS}/usr" || die "Extracting portage snapshot failed" tar jxf $(basename ${PORTAGE_SNAPSHOT}) -C "${ROOT_FS}/usr" || die "Extracting portage snapshot failed"
@ -207,7 +248,7 @@ OPTIONS:
-r chroot location (default $IMAGE_ROOT ) -r chroot location (default $IMAGE_ROOT )
-c local cache (default $LOCAL_CACHE) -c local cache (default $LOCAL_CACHE)
-b bind mount host portage tree -b bind mount host portage tree
-i interactive, setting up chroot and enter it, skip extracting stage3, portage, etc. -i interactive, after setting up chroot and enter it
-m make.conf to source portage location,etc. defaults to /etc/portage/make.conf -m make.conf to source portage location,etc. defaults to /etc/portage/make.conf
-v Verbose -v Verbose
EOF EOF
@ -249,9 +290,7 @@ if [ ${VERBOSE} -eq 1 ]; then
set -x set -x
fi fi
if [ ${INTERACTIVE} -eq 0 ]; then bootstrap ${IMAGE_ROOT} ${PROFILE} ${ARCH}
bootstrap ${IMAGE_ROOT} ${PROFILE} ${ARCH}
fi
# From here make sure we don't leave stuff around # From here make sure we don't leave stuff around
trap "cleanup ${IMAGE_ROOT}" INT TERM EXIT trap "cleanup ${IMAGE_ROOT}" INT TERM EXIT