--- get_sources.sh | 45 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 44 insertions(+), 1 deletion(-) diff --git a/get_sources.sh b/get_sources.sh index 6451bd0..456e140 100755 --- a/get_sources.sh +++ b/get_sources.sh @@ -16,6 +16,28 @@ if [ -f /etc/centos-git-common ]; then . /etc/centos-git-common fi +weakHashDetection () { + strHash=${1}; + case $((`echo ${strHash}|wc -m` - 1 )) in + 128) + hashBin='sha512sum' + ;; + 64) + hashBin='sha256sum' + ;; + 40) + hashBin='sha1sum' + ;; + 32) + hashBin='md5sum' + ;; + *) + hashBin='unknown' + ;; + esac + echo ${hashBin}; +} + #parse command line args BRANCH='' while (($# > 0)) @@ -92,7 +114,28 @@ while read -r fsha fname ; do if [ ! -e "${fname}" ]; then for br in "${branches[@]}" do - curl -f "${surl}/${pn}/${br}/${fsha}" -o "${fname}" && break + curl -f "${surl}/${pn}/${br}/${fsha}" -o "${fname}" + if [ $? -eq 0 ]; then + hashType=$(weakHashDetection ${fsha}) + if [ "${hashType}" != "unknown" ]; then + renderedHash=$($hashType ${fname}|awk '{print $1}') + if [ "${renderedHash}" == "${fsha}" ]; then + break + else + echo "ERROR: ${surl}/${pn}/${br}/${fsha} does not match hash of downloaded file ${fname}:${renderedHash}" + newFName=$(mktemp ${fname}.XXXX) + echo " - Archiving File To: ${newFName}" + mv ${fname} ${newFName} + exit 1 + fi + else + echo "ERROR: unknown hash used, file ${fname} can not be verified." + newFName=$(mktemp ${fname}.XXXX) + echo " - Archiving File To: ${newFName}" + mv ${fname} ${newFName} + exit 1 + fi + fi done else echo "${fname} exists. skipping" -- 1.8.4
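Review bot: weakHashDetection selects the checksum tool from the digest length alone and accepts 32- and 40-character values, so sources listed with MD5 or SHA-1 digests are verified only against collision-prone hashes. If those are kept for existing metadata, a comment saying so, or a warning on stderr when `md5sum` or `sha1sum` is selected, would make the trade-off visible. Any string of a matching length is accepted, so a malformed non-hex entry is only caught later as a mismatch. The length can be taken without a subshell or word-splitting by writing `case ${#1} in` instead of the `echo ${strHash}|wc -m` arithmetic. `strHash` and `hashBin` are assigned as globals and could be declared `local`.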
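Review bot: The digest check runs only on the download path, so a `${fname}` already on disk still takes the `else` branch at the end of the hunk (`echo "${fname} exists. skipping"`) and is never compared with `${fsha}`. A stale, truncated or replaced file from an earlier run is therefore accepted as-is; running the check after the `if [ ! -e "${fname}" ]` block would cover both cases. Within the added lines, `${fname}`, `${fsha}` and `${newFName}` are expanded unquoted, so a metadata entry containing whitespace or a leading `-` is split or read as an option; `"$hashType" -- "${fname}"` and `mv -- "${fname}" "${newFName}"` avoid that. The two identical archive-and-exit blocks could be one helper, and the ERROR lines belong on stderr (`>&2`). The enclosing `while read` loop and the closing `fi` lie outside the hunk.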