[CentOS-devel] [PATCH] Added optional check for sha1sum of downloaded source file

Wed Jun 25 17:49:30 UTC 2014
Johnny Hughes <johnny at centos.org>

pushed

On 06/24/2014 08:46 AM, Pat Riehecky wrote:
> From: Pat Riehecky <riehecky at fnal.gov>
>
> ---
>  get_sources.sh |   13 +++++++++++++
>  1 files changed, 13 insertions(+), 0 deletions(-)
>
> diff --git a/get_sources.sh b/get_sources.sh
> index b43cb51..5533cfe 100755
> --- a/get_sources.sh
> +++ b/get_sources.sh
> @@ -19,6 +19,7 @@ fi
>  #parse command line args
>  BRANCH=''
>  QUIET=''
> +CHECK=0
>  while (($# > 0))
>  do
>    case $1 in
> @@ -32,6 +33,11 @@ do
>          surl=$2
>          shift 2
>          ;;
> +    --check)
> +        #verify the sha1sum of the downloaded file
> +        CHECK=1
> +        shift
> +        ;;
>       -q)
>          # Be less chatty
>          QUIET='--silent'
> @@ -103,5 +109,12 @@ while read -r fsha fname ; do
>      else
>        echo "${fname} exists. skipping"
>      fi
> +    if [ ${CHECK} -eq 1 ]; then
> +        downsum=$(sha1sum ${fname} | awk '{print $1}')
> +        if [ ${fsha} != ${downsum} ]; then
> +            rm -f ${fname}
> +            echo "failed to download ${fname}" >&2
> +        fi
> +    fi
>    fi
>  done < "${meta}"


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20140625/b4beacc2/attachment-0007.sig>