[Pkg-gnupg-commit] [gnupg2] 142/159: speedo: Allow use of SHA-256 checksums
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Jan 27 13:24:03 UTC 2016
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch master
in repository gnupg2.
commit 039a55716b8abd22ce23a96dce34cf2dc4be1862
Author: Werner Koch <wk at gnupg.org>
Date: Mon Jan 25 09:03:50 2016 +0100
speedo: Allow use of SHA-256 checksums
* build-aux/getswdb.sh: Add option --find-sha256sum.
* build-aux/speedo.mk (libgpg_error_sha2): New var. Also for all
other packages.
(SHA2SUM): New.
(SETVARS, SETVARS_W64): Prefer sha256sum over sha1sum.
(installer-from-source): Create swdb fragment.
Signed-off-by: Werner Koch <wk at gnupg.org>
---
Makefile.am | 15 +++++++++++++++
build-aux/getswdb.sh | 20 ++++++++++++++++++++
build-aux/speedo.mk | 42 +++++++++++++++++++++++++++++++++++++++---
3 files changed, 74 insertions(+), 3 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index 8bff2ef..19f13fe 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -103,6 +103,21 @@ dist_doc_DATA = README
dist-hook: gen-ChangeLog
+distcheck-hook:
+ set -e; ( \
+ pref="#+macro: gnupg21_" ;\
+ reldate="$$(date -u +%Y-%m-%d)" ;\
+ echo "$${pref}ver $(PACKAGE_VERSION)" ;\
+ echo "$${pref}date $${reldate}" ;\
+ list='$(DIST_ARCHIVES)'; for i in $$list; do \
+ case "$$i" in *.tar.bz2) \
+ echo "$${pref}size $$(wc -c <$$i|awk '{print int($$1/1024)}')k" ;\
+ echo "$${pref}sha1 $$(sha1sum <$$i|cut -d' ' -f1)" ;\
+ echo "$${pref}sha2 $$(sha256sum <$$i|cut -d' ' -f1)" ;;\
+ esac;\
+ done ) | tee $(distdir).swdb
+
+
if HAVE_W32_SYSTEM
install-data-hook:
set -e; \
diff --git a/build-aux/getswdb.sh b/build-aux/getswdb.sh
index e7f6fca..4a1730b 100755
--- a/build-aux/getswdb.sh
+++ b/build-aux/getswdb.sh
@@ -37,6 +37,7 @@ Options:
--skip-verify Do not check signatures
--skip-selfcheck Do not check GnuPG version
--find-sha1sum Print the name of the sha1sum utility
+ --find-sha256sum Print the name of the sha256sum utility
--help Print this help.
EOF
exit $1
@@ -49,6 +50,7 @@ skip_download=no
skip_verify=no
skip_selfcheck=no
find_sha1sum=no
+find_sha256sum=no
while test $# -gt 0; do
case "$1" in
# Set up `optarg'.
@@ -76,6 +78,9 @@ while test $# -gt 0; do
--find-sha1sum)
find_sha1sum=yes
;;
+ --find-sha256sum)
+ find_sha256sum=yes
+ ;;
*)
usage 1 1>&2
;;
@@ -96,6 +101,21 @@ if [ ${find_sha1sum} = yes ]; then
exit 1
fi
+# Mac OSX has only a shasum and not sha256sum
+if [ ${find_sha256sum} = yes ]; then
+ for i in 'shasum -a 256' sha256sum ; do
+ tmp=$($i </dev/null 2>/dev/null | cut -d ' ' -f1)
+ tmp2="e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
+ if [ x"$tmp" = x"$tmp2" ]; then
+ echo "$i"
+ exit 0
+ fi
+ done
+ echo "false"
+ exit 1
+fi
+
+
# Get GnuPG version from VERSION file. For a GIT checkout this means
# that ./autogen.sh must have been run first. For a regular tarball
# VERSION is always available.
diff --git a/build-aux/speedo.mk b/build-aux/speedo.mk
index cd3a66d..5dde0fe 100644
--- a/build-aux/speedo.mk
+++ b/build-aux/speedo.mk
@@ -260,39 +260,51 @@ gnupg_ver := $(shell awk '$$1=="gnupg21_ver" {print $$2}' swdb.lst)
libgpg_error_ver := $(shell awk '$$1=="libgpg_error_ver" {print $$2}' swdb.lst)
libgpg_error_sha1:= $(shell awk '$$1=="libgpg_error_sha1" {print $$2}' swdb.lst)
+libgpg_error_sha2:= $(shell awk '$$1=="libgpg_error_sha2" {print $$2}' swdb.lst)
npth_ver := $(shell awk '$$1=="npth_ver" {print $$2}' swdb.lst)
npth_sha1 := $(shell awk '$$1=="npth_sha1" {print $$2}' swdb.lst)
+npth_sha2 := $(shell awk '$$1=="npth_sha2" {print $$2}' swdb.lst)
libgcrypt_ver := $(shell awk '$$1=="libgcrypt_ver" {print $$2}' swdb.lst)
libgcrypt_sha1 := $(shell awk '$$1=="libgcrypt_sha1" {print $$2}' swdb.lst)
+libgcrypt_sha2 := $(shell awk '$$1=="libgcrypt_sha2" {print $$2}' swdb.lst)
libassuan_ver := $(shell awk '$$1=="libassuan_ver" {print $$2}' swdb.lst)
libassuan_sha1 := $(shell awk '$$1=="libassuan_sha1" {print $$2}' swdb.lst)
+libassuan_sha2 := $(shell awk '$$1=="libassuan_sha2" {print $$2}' swdb.lst)
libksba_ver := $(shell awk '$$1=="libksba_ver" {print $$2}' swdb.lst)
libksba_sha1 := $(shell awk '$$1=="libksba_sha1" {print $$2}' swdb.lst)
+libksba_sha2 := $(shell awk '$$1=="libksba_sha2" {print $$2}' swdb.lst)
gpgme_ver := $(shell awk '$$1=="gpgme_ver" {print $$2}' swdb.lst)
gpgme_sha1 := $(shell awk '$$1=="gpgme_sha1" {print $$2}' swdb.lst)
+gpgme_sha2 := $(shell awk '$$1=="gpgme_sha2" {print $$2}' swdb.lst)
pinentry_ver := $(shell awk '$$1=="pinentry_ver" {print $$2}' swdb.lst)
pinentry_sha1 := $(shell awk '$$1=="pinentry_sha1" {print $$2}' swdb.lst)
+pinentry_sha2 := $(shell awk '$$1=="pinentry_sha2" {print $$2}' swdb.lst)
gpa_ver := $(shell awk '$$1=="gpa_ver" {print $$2}' swdb.lst)
gpa_sha1 := $(shell awk '$$1=="gpa_sha1" {print $$2}' swdb.lst)
+gpa_sha2 := $(shell awk '$$1=="gpa_sha2" {print $$2}' swdb.lst)
gpgex_ver := $(shell awk '$$1=="gpgex_ver" {print $$2}' swdb.lst)
gpgex_sha1 := $(shell awk '$$1=="gpgex_sha1" {print $$2}' swdb.lst)
+gpgex_sha2 := $(shell awk '$$1=="gpgex_sha2" {print $$2}' swdb.lst)
zlib_ver := $(shell awk '$$1=="zlib_ver" {print $$2}' swdb.lst)
zlib_sha1 := $(shell awk '$$1=="zlib_sha1_gz" {print $$2}' swdb.lst)
+zlib_sha2 := $(shell awk '$$1=="zlib_sha2_gz" {print $$2}' swdb.lst)
bzip2_ver := $(shell awk '$$1=="bzip2_ver" {print $$2}' swdb.lst)
bzip2_sha1 := $(shell awk '$$1=="bzip2_sha1_gz" {print $$2}' swdb.lst)
+bzip2_sha2 := $(shell awk '$$1=="bzip2_sha2_gz" {print $$2}' swdb.lst)
adns_ver := $(shell awk '$$1=="adns_ver" {print $$2}' swdb.lst)
adns_sha1 := $(shell awk '$$1=="adns_sha1" {print $$2}' swdb.lst)
+adns_sha2 := $(shell awk '$$1=="adns_sha2" {print $$2}' swdb.lst)
$(info Information from the version database)
$(info GnuPG ..........: $(gnupg_ver) (building $(gnupg_ver_this)))
@@ -628,6 +640,10 @@ SHA1SUM := $(shell $(topsrc)/build-aux/getswdb.sh --find-sha1sum)
ifeq ($(SHA1SUM),false)
$(error The sha1sum tool is missing)
endif
+SHA2SUM := $(shell $(topsrc)/build-aux/getswdb.sh --find-sha256sum)
+ifeq ($(SHA2SUM),false)
+$(error The sha256sum tool is missing)
+endif
BUILD_ISODATE=$(shell date -u +%Y-%m-%d)
@@ -705,6 +721,7 @@ define SETVARS
git="$(call GETVAR,speedo_pkg_$(1)_git)"; \
gitref="$(call GETVAR,speedo_pkg_$(1)_gitref)"; \
tar="$(call GETVAR,speedo_pkg_$(1)_tar)"; \
+ sha2="$(call GETVAR,$(1)_sha2)"; \
sha1="$(call GETVAR,$(1)_sha1)"; \
pkgsdir="$(sdir)/$(1)"; \
if [ "$(1)" = "gnupg" ]; then \
@@ -739,6 +756,7 @@ define SETVARS_W64
git="$(call GETVAR,speedo_pkg_$(1)_git)"; \
gitref="$(call GETVAR,speedo_pkg_$(1)_gitref)"; \
tar="$(call GETVAR,speedo_pkg_$(1)_tar)"; \
+ sha2="$(call GETVAR,$(1)_sha2)"; \
sha1="$(call GETVAR,$(1)_sha1)"; \
pkgsdir="$(sdir)/$(1)"; \
if [ "$(1)" = "gnupg" ]; then \
@@ -814,11 +832,19 @@ $(stampdir)/stamp-$(1)-00-unpack: $(stampdir)/stamp-directories
| $$$${pretar} | tar x$$$${opt}f - ;; \
esac; \
if [ -f tmp.tgz ]; then \
- if [ -n "$$$${sha1}" ]; then \
+ if [ -n "$$$${sha2}" ]; then \
+ tmp=$$$$($(SHA2SUM) <tmp.tgz|cut -d' ' -f1);\
+ if [ "$$$${tmp}" != "$$$${sha2}" ]; then \
+ echo "speedo:"; \
+ echo "speedo: ERROR: SHA-256 checksum mismatch for $(1)";\
+ echo "speedo:"; \
+ exit 1; \
+ fi; \
+ elif [ -n "$$$${sha1}" ]; then \
tmp=$$$$($(SHA1SUM) <tmp.tgz|cut -d' ' -f1);\
if [ "$$$${tmp}" != "$$$${sha1}" ]; then \
echo "speedo:"; \
- echo "speedo: ERROR: checksum mismatch for $(1)";\
+ echo "speedo: ERROR: SHA-1 checksum mismatch for $(1)";\
echo "speedo:"; \
exit 1; \
fi; \
@@ -1128,7 +1154,17 @@ installer-from-source: dist-source
tar xJf "../$(INST_NAME)-$(INST_VERSION)_$(BUILD_DATESTR).tar.xz";\
cd $(INST_NAME)-$(INST_VERSION); \
$(MAKE) -f build-aux/speedo.mk this-w32-installer SELFCHECK=0;\
- mv "PLAY/inst/$(INST_NAME)-$(INST_VERSION)_$(BUILD_DATESTR).exe" ../.. ;\
+ reldate="$$(date -u +%Y-%m-%d)" ;\
+ exefile="$(INST_NAME)-$(INST_VERSION)_$(BUILD_DATESTR).exe" ;\
+ mv "PLAY/inst/$$exefile" ../.. ;\
+ exefile="../../$$exefile" ;\
+ ( pref="#+macro: gnupg21_w32_" ;\
+ echo "$${pref}ver $(INST_VERSION)_$(BUILD_DATESTR)" ;\
+ echo "$${pref}date $${reldate}" ;\
+ echo "$${pref}size $$(wc -c <$$exefile|awk '{print int($$1/1024)}')k";\
+ echo "$${pref}sha1 $$(sha1sum <$$exefile|cut -d' ' -f1)" ;\
+ echo "$${pref}sha2 $$(sha256sum <$$exefile|cut -d' ' -f1)" ;\
+ ) | tee $$exefile.swdb ;\
)
endif
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git
More information about the Pkg-gnupg-commit
mailing list