[ioquake3] 97/136: Verify libTom source archives aren't tampered with.
Simon McVittie
smcv at debian.org
Thu Jun 15 09:09:14 UTC 2017
This is an automated email from the git hooks/post-receive script.
smcv pushed a commit to branch debian/master
in repository ioquake3.
commit 7542966e3360ab994972f9d3db5aac8a3edec06d
Author: Ryan C. Gordon <icculus at icculus.org>
Date: Sun Jun 4 01:15:38 2017 -0400
Verify libTom source archives aren't tampered with.
---
code/autoupdater/rsa_tools/build-libtom-unix.sh | 19 ++++++++++++++-----
1 file changed, 14 insertions(+), 5 deletions(-)
diff --git a/code/autoupdater/rsa_tools/build-libtom-unix.sh b/code/autoupdater/rsa_tools/build-libtom-unix.sh
index 8700e86..4e61732 100755
--- a/code/autoupdater/rsa_tools/build-libtom-unix.sh
+++ b/code/autoupdater/rsa_tools/build-libtom-unix.sh
@@ -22,22 +22,31 @@ elif [ "$NCPU" = "0" ]; then
NCPU=1
fi
-if [ ! -f ./crypt-$LTCVER.tar.bz2 ]; then
- echo "Downloading LibTomCrypt $LTCVER sources..."
- curl -L -o crypt-$LTCVER.tar.bz2 https://github.com/libtom/libtomcrypt/releases/download/$LTCVER/crypt-$LTCVER.tar.bz2 || exit 1
-fi
-
if [ ! -f tfm-$TFMVER.tar.xz ]; then
echo "Downloading TomsFastMath $TFMVER sources..."
curl -L -o tfm-$TFMVER.tar.xz https://github.com/libtom/tomsfastmath/releases/download/v$TFMVER/tfm-$TFMVER.tar.xz || exit 1
fi
+if [ ! -f ./crypt-$LTCVER.tar.bz2 ]; then
+ echo "Downloading LibTomCrypt $LTCVER sources..."
+ curl -L -o crypt-$LTCVER.tar.bz2 https://github.com/libtom/libtomcrypt/releases/download/$LTCVER/crypt-$LTCVER.tar.bz2 || exit 1
+fi
+
if [ ! -d tomsfastmath-$TFMVER ]; then
+ echo "Checking TomsFastMath archive hash..."
+ if [ "`shasum -a 256 tfm-$TFMVER.tar.xz |awk '{print $1;}'`" != "47c97a1ada3ccc9fcbd2a8a922d5859a84b4ba53778c84c1d509c1a955ac1738" ]; then
+ echo "Uhoh, tfm-$TFMVER.tar.xz does not have the sha256sum we expected!"
+ exit 1
+ fi
echo "Unpacking TomsFastMath $TFMVER sources..."
tar -xJvvf ./tfm-$TFMVER.tar.xz
fi
if [ ! -d libtomcrypt-$LTCVER ]; then
+ if [ "`shasum -a 256 crypt-$LTCVER.tar.bz2 |awk '{print $1;}'`" != "e33b47d77a495091c8703175a25c8228aff043140b2554c08a3c3cd71f79d116" ]; then
+ echo "Uhoh, crypt-$LTCVER.tar.bz2 does not have the sha256sum we expected!"
+ exit 1
+ fi
echo "Unpacking LibTomCrypt $LTCVER sources..."
tar -xjvvf ./crypt-$LTCVER.tar.bz2
fi
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-games/ioquake3.git
More information about the Pkg-games-commits
mailing list