Validate checksums for plugins if available #12888
Merged
Commits on Aug 14, 2015
-
Validate checksums for plugins if available
When a plugin is downloaded, this change additionally tries to download `${pluginurl}.sha1` and verify the SHA1 checksum for the file. If no .sha1 file is found, it tries `${pluginurl}.md5`. Note that if neither checksum file is found, a notice is printed but the plugin can still be installed. If the checksum check fails, the plugin install is aborted. Example output if no checksums are available: ``` bin/plugin install elasticsearch/elasticsearch-analysis-icu/2.6.0-SNAPSHOT -> Installing elasticsearch/elasticsearch-analysis-icu/2.6.0-SNAPSHOT... Trying http://download.elastic.co/elasticsearch/elasticsearch-analysis-icu/elasticsearch-analysis-icu-2.6.0-SNAPSHOT.zip ... Trying http://search.maven.org/remotecontent?filepath=elasticsearch/elasticsearch-analysis-icu/2.6.0-SNAPSHOT/elasticsearch-analysis-icu-2.6.0-SNAPSHOT.zip ... Trying https://oss.sonatype.org/service/local/repositories/releases/content/elasticsearch/elasticsearch-analysis-icu/2.6.0-SNAPSHOT/elasticsearch-analysis-icu-2.6.0-SNAPSHOT.zip ... Trying https://github.com/elasticsearch/elasticsearch-analysis-icu/archive/2.6.0-SNAPSHOT.zip ... Trying https://github.com/elasticsearch/elasticsearch-analysis-icu/archive/master.zip ... Downloading .....................................DONE Verifying https://github.com/elasticsearch/elasticsearch-analysis-icu/archive/master.zip checksums if available ... NOTE: Unable to verify checksum for downloaded plugin (unable to find .sha1 or .md5 file to verify) ``` Example output if checksums are available: ``` bin/plugin install elasticsearch/elasticsearch-analysis-icu/2.6.0-SNAPSHOT -> Installing elasticsearch/elasticsearch-analysis-icu/2.6.0-SNAPSHOT... Trying http://download.elastic.co/elasticsearch/elasticsearch-analysis-icu/elasticsearch-analysis-icu-2.6.0-SNAPSHOT.zip ... Trying http://search.maven.org/remotecontent?filepath=elasticsearch/elasticsearch-analysis-icu/2.6.0-SNAPSHOT/elasticsearch-analysis-icu-2.6.0-SNAPSHOT.zip ... Trying https://oss.sonatype.org/service/local/repositories/releases/content/elasticsearch/elasticsearch-analysis-icu/2.6.0-SNAPSHOT/elasticsearch-analysis-icu-2.6.0-SNAPSHOT.zip ... Trying https://github.com/elasticsearch/elasticsearch-analysis-icu/archive/2.6.0-SNAPSHOT.zip ... Trying https://github.com/elasticsearch/elasticsearch-analysis-icu/archive/master.zip ... Downloading .....................................DONE Verifying https://github.com/elasticsearch/elasticsearch-analysis-icu/archive/master.zip checksums if available ... Downloading .DONE ``` Example output if checksums fail: ``` bin/plugin install elasticsearch/elasticsearch-analysis-kuromoji/2.5.0 -url http://localhost:8000/elasticsearch-analysis-kuromoji-2.5.0.zip -> Installing elasticsearch/elasticsearch-analysis-kuromoji/2.5.0... Trying http://localhost:8000/elasticsearch-analysis-kuromoji-2.5.0.zip ... Downloading .............................................DONE Verifying http://localhost:8000/elasticsearch-analysis-kuromoji-2.5.0.zip checksums if available ... Downloading .DONE ERROR: incorrect hash, file hash: [dbdc9c2cd32782054497a21fbdcae3ca1ff23c80], expected: [dbdc9c2cd32782054497a21fbdcae3ca1ff23c80-bad] ``` Resolves elastic#12750 -
-
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.