Permalink
Browse files

add sha512 validation, improved handling of checksums

  • Loading branch information...
1 parent 27ce130 commit 30dc04dbbbd01bd816353ae5322da258286fdcc4 @mpapis mpapis committed Aug 23, 2012
Showing with 182 additions and 91 deletions.
  1. +3 −3 scripts/base
  2. +19 −33 scripts/fetch
  3. +156 −0 scripts/functions/checksum
  4. +4 −9 scripts/functions/installer
  5. +0 −46 scripts/md5
View
@@ -42,7 +42,7 @@ then
if [[ -n "${rvm_prefix:-}" ]] && ! [[ "$HOME/.rvmrc" -ef "${rvm_prefix}/.rvmrc" ]]
then rvm_rvmrc_files+=( "${rvm_prefix}/.rvmrc" )
fi
-
+
for rvmrc in "${rvm_rvmrc_files[@]}"
do
if [[ -f "$rvmrc" ]]
@@ -60,7 +60,7 @@ Error:
fi
fi
done
- unset rvm_rvmrc_files
+ unset rvm_rvmrc_files
fi
export rvm_path
@@ -95,7 +95,7 @@ esac
typeset -a scripts
scripts=(
- logging utility init cleanup env rvmrc install environment gemset db bundler
+ logging utility init cleanup env rvmrc install environment gemset db bundler checksum
)
for entry in ${scripts[@]} ; do
source "$rvm_scripts_path/functions/$entry"
View
@@ -30,33 +30,24 @@ try_ftp=0
result=0
retry=0
-[[ -n "$archive_md5" ]] || archive_md5="$( "$rvm_scripts_path/db" "$rvm_path/config/md5" "$url" | head -n 1 )"
-[[ -n "$archive_md5" ]] || archive_md5="$( "$rvm_scripts_path/db" "$rvm_user_path/md5" "$url" | head -n 1 )"
-if
- [[ "$url" =~ "?" ]] # try url without ?... like ?rvm={version}
-then
- [[ -n "$archive_md5" ]] || archive_md5="$( "$rvm_scripts_path/db" "$rvm_path/config/md5" "${url%?*}" | head -n 1 )"
- [[ -n "$archive_md5" ]] || archive_md5="$( "$rvm_scripts_path/db" "$rvm_user_path/md5" "${url%?*}" | head -n 1 )"
-fi
-[[ -n "$archive_md5" ]] || archive_md5="$( "$rvm_scripts_path/db" "$rvm_path/config/md5" "$archive" | head -n 1 )"
-[[ -n "$archive_md5" ]] || archive_md5="$( "$rvm_scripts_path/db" "$rvm_user_path/md5" "$archive" | head -n 1 )"
-[[ -n "$archive_md5" ]] || rvm_warn "There is no md5 for '$archive', it's not possible to validate it."
+__rvm_checksum_read "$url" "$archive" ||
+ rvm_warn "There is no checksum for '$archive', it's not possible to validate it."
# Check first if we have the correct archive
if
- [[ -e "$archive" && -n "$archive_md5" ]]
+ [[ -e "$archive" ]]
then
if
- "$rvm_scripts_path"/md5 "$rvm_archives_path/${archive}" "$archive_md5"
+ __rvm_checksum_validate_file "$rvm_archives_path/${archive}"
then
- rvm_debug "Archive md5 matched, not downloading"
+ rvm_debug "Archive checksum matched, not downloading"
download=0
else
- rvm_debug "Archive md5 did not match, downloading"
+ rvm_debug "Archive checksum did not match, downloading"
download=1
fi
else
- rvm_debug "No archive or no MD5, downloading"
+ rvm_debug "No archive, downloading"
download=1
fi
@@ -95,37 +86,32 @@ then
then
rvm_log "Trying ftp:// URL instead."
url="${url/http:/ftp:/}"
- retry=1
fi
if
- [[ $retry -eq 1 ]]
+ [[ $try_ftp -eq 1 || $retry -eq 1 ]]
then
- if
- eval $fetch_command "$url"
- then
- true
- else
- result=$?
- rvm_fail "There was an error($result), please check ${rvm_log_path}/$rvm_ruby_string/*.log" $result
- fi
+ eval $fetch_command "$url"
+ result=$?
fi
+ (( result == 0 )) ||
+ rvm_fail "There was an error($result), please check ${rvm_log_path}/$rvm_ruby_string/*.log" $result
fi
fi
# Check if we have downloaded the correct archive
if
- [[ -n "$archive_md5" ]]
+ __rvm_checksum_any
then
if
- "$rvm_scripts_path"/md5 "$rvm_archives_path/${archive}" "$archive_md5"
+ __rvm_checksum_validate_file "$rvm_archives_path/${archive}"
then
- rvm_debug "Downloaded archive md5 matched."
+ rvm_debug "Downloaded archive checksum matched."
else
rm -f $archive
- rvm_fail "Downloaded archive md5 did not match, removing!"
+ rvm_fail "Downloaded archive checksum did not match, removing!"
fi
else
- rvm_debug "No md5, recording."
- archive_md5="$( "$rvm_scripts_path"/md5 "$rvm_archives_path/${archive}" )"
- "$rvm_scripts_path/db" "$rvm_user_path/md5" "$archive" "$archive_md5"
+ rvm_debug "No checksum, recording."
+ __rvm_checksum_calculate_file "$archive"
+ __rvm_checksum_write "$archive"
fi
View
@@ -0,0 +1,156 @@
+#!/usr/bin/env bash
+
+__rvm_md5_calculate()
+{
+ if
+ builtin command -v md5 > /dev/null 2>&1
+ then
+ md5 -q "$@"
+ return $?
+ elif
+ builtin command -v md5sum > /dev/null 2>&1
+ then
+ md5sum "$@" | \awk 'NR==1{print $1}'
+ return 0
+ else
+ for _path in /usr/gnu/bin /sbin /bin /usr/bin /usr/sbin
+ do
+ if
+ [[ -x "${_path}/md5" ]]
+ then
+ ${_path}/md5 -q "$@"
+ return $?
+ elif
+ [[ -x "${_path}/md5sum" ]]
+ then
+ ${_path}/md5sum "$@" | \awk 'NR==1{print $1}'
+ return 0
+ fi
+ done
+ fi
+
+ rvm_error "Neither md5sum nor md5 found in the PATH"
+ return 1
+}
+
+__rvm_sha__calculate()
+{
+ typeset bits
+ bits=${1:-512}
+ shift
+
+ if
+ builtin command -v sha${bits}sum >/dev/null
+ then
+ sha${bits}sum "$@" | \awk 'NR==1{print $1}'
+ return 0
+ elif
+ builtin command -v sha${bits} >/dev/null
+ then
+ sha${bits} "$@" | \awk 'NR==1{print $1}'
+ return 0
+ elif
+ builtin command -v shasum >/dev/null
+ then
+ shasum -a${bits} "$@" | \awk 'NR==1{print $1}'
+ return 0
+ fi
+
+ rvm_error "Neither sha512sum nor shasum found in the PATH"
+ return 1
+}
+
+# __rvm_checksum_calculate_file {file}
+# ENV out: _checksum_md5 _checksum_sha512
+__rvm_checksum_calculate_file()
+{
+ _checksum_md5="$( __rvm_md5_calculate "${1:-}" )"
+ _checksum_sha512="$( __rvm_sha__calculate 512 "${1:-}" )"
+}
+
+__rvm_checksum_none() [[ -z "${_checksum_md5:-}" && -z "${_checksum_sha512:-}" ]]
+__rvm_checksum_any() [[ -n "${_checksum_md5:-}" || -n "${_checksum_sha512:-}" ]]
+__rvm_checksum_all() [[ -n "${_checksum_md5:-}" && -n "${_checksum_sha512:-}" ]]
+
+# __rvm_checksum_validate_file {file}
+# ENV in: _checksum_md5 _checksum_sha512
+__rvm_checksum_validate_file()
+{
+ __rvm_checksum_any || return 1
+ if
+ [[ -n "${_checksum_md5:-}" ]]
+ then
+ [[ "$(__rvm_md5_calculate "${1:-}")" == "${_checksum_md5:-}" ]] || return $?
+ fi
+ if
+ [[ -n "${_checksum_sha512:-}" ]]
+ then
+ [[ "$(__rvm_sha__calculate 512 "${1:-}")" == "${_checksum_sha512:-}" ]] || return $?
+ fi
+ return 0
+}
+
+# __rvm_checksum_read {name...}
+# name - list of names to check, like:
+#
+# __rvm_checksum_read https://rvm.io/binary/.../ruby-1.9.3-p194.tar.bz2 bin-ruby-1.9.3-p194.tar.bz2
+#
+# ENV in/out: _checksum_md5 _checksum_sha512
+__rvm_checksum_read()
+{
+ __rvm_checksum_none || return 0
+ typeset _type _value _name
+ typeset -a _list
+ list=()
+
+ for _name in "$@" # iterate urls, but respect order if name is before url
+ do
+ list+=( "$_name" )
+ if
+ [[ "$_name" =~ "?" ]] # try url without ?... like ?rvm={version}
+ then
+ _name="${_name%\?*}"
+ list+=( "$_name" )
+ fi
+ done
+
+ for _name in "$@" # iterate names
+ do
+ if
+ [[ "$_name" =~ "/" ]] # try file name of url
+ then
+ _name="${_name%\?*}"
+ _name="${_name##*/}"
+ list+=( "$_name" )
+ fi
+ done
+
+ for _name in "${list[@]}"
+ do
+ _checksum_md5="$( "$rvm_scripts_path/db" "$rvm_path/config/md5" "$_name" | head -n 1 )"
+ [[ -n "${_checksum_md5:-}" ]] ||
+ _checksum_md5="$( "$rvm_scripts_path/db" "$rvm_user_path/md5" "$_name" | head -n 1 )"
+
+ _checksum_sha512="$( "$rvm_scripts_path/db" "$rvm_path/config/sha512" "$_name" | head -n 1 )"
+ [[ -n "${_checksum_sha512:-}" ]] ||
+ _checksum_sha512="$( "$rvm_scripts_path/db" "$rvm_user_path/sha512" "$_name" | head -n 1 )"
+
+ __rvm_checksum_none || return 0
+ done
+
+ return 1 # not found
+}
+
+# Record checksums in user settings
+# Usage: __rvm_checksum_write {name}
+# ENV in/out: _checksum_md5 _checksum_sha512
+__rvm_checksum_write()
+{
+ [[ -n "${1:-}" ]] || return 1
+ __rvm_checksum_any || return 1
+
+ [[ -z "${_checksum_md5:-}" ]] || "$rvm_scripts_path/db" "$rvm_user_path/md5" "${1:-}" "${_checksum_md5:-}"
+ [[ -z "${_checksum_sha512:-}" ]] || "$rvm_scripts_path/db" "$rvm_user_path/sha512" "${1:-}" "${_checksum_sha512:-}"
+
+ return 0
+}
@@ -324,16 +324,11 @@ setup_configuration_files()
then
mv config/rvmrcs user/rvmrcs
else
- if [[ ! -f user/rvmrcs ]]
- then
- touch user/rvmrcs
- fi
+ [[ -f user/rvmrcs ]] || touch user/rvmrcs
fi
- if [[ ! -f user/md5 ]]
- then
- touch user/md5
- fi
+ [[ -f user/md5 ]] || touch user/md5
+ [[ -f user/sha512 ]] || touch user/sha512
# Prune old (keyed-by-hash) trust entries
GREP_OPTIONS="" \grep '^_' user/rvmrcs > user/rvmrcs.new || true
@@ -607,7 +602,7 @@ correct_binary_permissions()
files=(
manage alias cleanup current db disk-usage docs env
- fetch gemsets get hash help hook info install list maglev match md5 migrate
+ fetch gemsets get hash help hook info install list maglev match migrate
monitor notes override_gem package patchsets repair rtfm rubygems rvm selector
selector_gemsets set snapshot tools upgrade wrapper
)
View
@@ -1,46 +0,0 @@
-#!/usr/bin/env bash
-
-if
- (( ${rvm_trace_flag:-0} == 2 ))
-then
- set -x
- export rvm_trace_flag
-fi
-
-_archive="${1}"
-md5="${2:-}"
-shift || rvm_fail "archive name not given in first param"
-
-# Swiped from SMF
-if
- builtin command -v md5 > /dev/null 2>&1
-then
- archive_md5=$(md5 -q "${_archive}")
-elif
- builtin command -v md5sum > /dev/null 2>&1
-then
- archive_md5="$(md5sum "${_archive}")"
- archive_md5="${archive_md5%% *}"
-else
- for _path in /usr/gnu/bin /sbin /bin /usr/bin /usr/sbin
- do
- if
- [[ -x "${_path}/md5" ]]
- then
- archive_md5=$(${_path}/md5 -q "${_archive}")
- elif
- [[ -x "${_path}/md5sum" ]]
- then
- archive_md5="$(${_path}/md5sum "${_archive}")"
- archive_md5="${archive_md5%% *}"
- fi
- done
-fi
-
-if
- [[ -n "${md5}" ]]
-then
- [[ "${archive_md5}" == "${md5}" ]] || exit $?
-else
- echo "${archive_md5}"
-fi

1 comment on commit 30dc04d

Member

richo commented on 30dc04d Aug 23, 2012

You beat me to it. This looks great.

Please sign in to comment.