diff options
-rw-r--r-- | sys/apps/simplepkg/Manifest | 22 | ||||
-rwxr-xr-x | sys/apps/simplepkg/simplepkg.SlackBuild | 73 |
2 files changed, 92 insertions, 3 deletions
diff --git a/sys/apps/simplepkg/Manifest b/sys/apps/simplepkg/Manifest new file mode 100644 index 00000000..c1a4eb9f --- /dev/null +++ b/sys/apps/simplepkg/Manifest @@ -0,0 +1,22 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA1 + +MKBUILD simplepkg.mkbuild 2078 MD5 9d6b84cc3e6653099aabdd1ee2421e03 RMD160 dc95e1cc381342dfef1f3df1cff88c2ac96735a5 SHA1 5bc3c1cc704874479acabb69cc758195bb6c56af SHA256 6e00eb3bf95437bcfb131267b7c6e3d30e51520f51ca8d5ac3d3e22ebc94e7e1 SHA512 bf2df86580eff507ea6309d4a272dce874cefbefb1df3d856c1f7dd76a8799079c35c42b0e922e9a78b16c5c294e824590d81bbdd78c0d5c2aa04c7cb296b685 +SLACKBUILD simplepkg.SlackBuild 5289 MD5 294b17eb458e7a805823f5da086a4805 RMD160 fca937075227e11051e3b9ec4b454b4c2730dab0 SHA1 36079ad38d9a2349bf280093c3c12eb6b41ff5d5 SHA256 1a03616dd049eddeca4891d92a43629529f913d3d91fec5b2da251d8acdab39d SHA512 414fd98f06ae982678532550461db4a2c6ba858f72a6f9d90083f5106e9a4bb98dab3be7f1fab4288535760d931e2f5131f60d414a4ac3e111dd68a87268c85e +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.9 (GNU/Linux) + +iQIcBAEBAgAGBQJJd9gsAAoJEEHL93ESzgeijUcP/i6mS7wCcd0CAmzdQ9AaFxPA +XPOsrzVB60OQ760K7venRDEOf9Os1mVzRPmPDJtar2n+Xx9K2vccncZoPS3eM/nu +TSmnZvfkxain8VkkM7jCht99cz50zh86TEPfHlPzD1G15cMWTdN/7yjotnQ+pqw2 +YMoMMjWBvSlugHo2emgNZvWdzyKvAStxWdaRnO1VICofnRXfzTvL1RqAfoahd+Id +2m3SAgly8/oOxhj/btyq1aHUPbdqvZtxMqRYuH+MiQaAupT9Nmq7tOI8FeaZgQ3Q +WNL6PhnYGo37wk/FnpiHr7kG22deA8yS8CDUp5tfKryqXHZt4xDmrDwgkSX3X5gS +BZshaEIR5aGGs8vqYFrePFuz5O1F4LKAJPr5++Sid9tUSO6MkfSj5rno+EISksNb +tX8bJchPOH16hxcxmSYnBGUinommDPhIxlyUBedlvkVMymBkU9mbwXt6wHOAM9bp +jK/UMhgxNCvzroEWwIxl+zfyR68Pyl82D1KqqA+EuBHamfWs7a1oO7ehzBQ6qNXp +7eQ+lWrH1SsS+K+jv2nHIIre4OBHUMYSYCipc31Zmw61lYZ6RjNcWy0C14Ms6a4R +JVufse9o3NjX74BQzMYgljlzbW34fNvshcQtfFcf5lqozKZnHUVn6g7NogQxG2hg +faNnOCmU0hioJ1Rd6sml +=uh7R +-----END PGP SIGNATURE----- diff --git a/sys/apps/simplepkg/simplepkg.SlackBuild b/sys/apps/simplepkg/simplepkg.SlackBuild index 13c0e4f4..9b861617 100755 --- a/sys/apps/simplepkg/simplepkg.SlackBuild +++ b/sys/apps/simplepkg/simplepkg.SlackBuild @@ -47,9 +47,9 @@ NUMJOBS=${NUMJOBS:=""} LIBDIR="$PREFIX/lib" if [ "$ARCH" = "i386" ]; then - SLKCFLAGS="-O2 -march=i386 -mcpu=i686" + SLKCFLAGS="-O2 -march=i386 -mtune=i686" elif [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mcpu=i686" + SLKCFLAGS="-O2 -march=i486 -mtune=i686" elif [ "$ARCH" = "i686" ]; then SLKCFLAGS="-O2 -march=i686" elif [ "$ARCH" = "s390" ]; then @@ -65,6 +65,7 @@ ERROR_WGET=31; ERROR_MAKE=32; ERROR_INSTALL=33 ERROR_MD5=34; ERROR_CONF=35; ERROR_HELP=36 ERROR_TAR=37; ERROR_MKPKG=38; ERROR_GPG=39 ERROR_PATCH=40; ERROR_VCS=41; ERROR_MKDIR=42 +ERROR_MANIFEST=43; # Clean up any leftovers of previous builds rm -rf "$PKG_WORK" 2> /dev/null @@ -96,6 +97,72 @@ cp -a $SRC_DIR/* . PKG_SRC="$PWD/$SND_DIR" cd "$PKG_SRC" +# Check Manifest file +if [ -e "$CWD/Manifest" ]; then + + # Manifest signature checking + if grep -q -- "-----BEGIN PGP SIGNED MESSAGE-----" $CWD/Manifest; then + echo "Checking Manifest signature..." + gpg --verify $CWD/Manifest + if [ "$?" != "0" ]; then + exit $ERROR_MANIFEST + fi + fi + + MANIFEST_LINES="`grep -E -v "^(MKBUILD|SLACKBUILD)" $CWD/Manifest | wc -l`" + + for ((MANIFEST_COUNT=1; MANIFEST_COUNT <= $MANIFEST_LINES; MANIFEST_COUNT++)); do + + MANIFEST_LINE="`grep -E -v "^(MKBUILD|SLACKBUILD)" $CWD/Manifest | head -n $MANIFEST_COUNT | tail -n 1`" + MANIFEST_FILE="`echo $MANIFEST_LINE | awk '{ print $2 }'`" + MANIFEST_FILE_TYPE="`echo $MANIFEST_LINE | awk '{ print $1 }'`" + + if [ -e "$SRC_DIR/$MANIFEST_FILE" ]; then + MANIFEST_FILE="$SRC_DIR/$MANIFEST_FILE" + else + MANIFEST_FILE="`find $CWD -name $MANIFEST_FILE`" + fi + + if [ ! -e "$MANIFEST_FILE" ] || [ -d "$MANIFEST_FILE" ]; then + continue + fi + + echo "Checking Manifest for $MANIFEST_FILE_TYPE $MANIFEST_FILE integrity..." + + SIZE_SRC="`wc -c $MANIFEST_FILE | awk '{ print $1 }'`" + SIZE_MANIFEST="`echo $MANIFEST_LINE | awk '{ print $3 }'`" + + # Check source code size + if [ "$SIZE_SRC" != "$SIZE_MANIFEST" ]; then + echo "SIZE Manifest: $SIZE_MANIFEST; SIZE $SRC: $SIZE_SRC" + exit $ERROR_MANIFEST + else + echo "Size match." + fi + + # Check source code integrity + for ALGO in md5 rmd160 sha1 sha256 sha512; do + if [ $ALGO = "rmd160" ]; then + ALGO_SRC="`openssl rmd160 $MANIFEST_FILE | awk '{ print $2 }'`" + else + ALGO_SRC="`"$ALGO"sum $MANIFEST_FILE | awk '{ print $1 }'`" + fi + ALGO="`echo $ALGO | tr '[:lower:]' '[:upper:]'`" + ALGO_MANIFEST=$(echo $MANIFEST_LINE | sed "s/.* $ALGO //" | awk '{ print $1 }') + if [ "$ALGO_SRC" != "$ALGO_MANIFEST" ]; then + echo "$ALGO Manifest: $ALGO_MANIFEST; $ALGO $SRC: $ALGO_SRC" + exit $ERROR_MANIFEST + else + echo "$ALGO match." + fi + done + + done + +else + exit $ERROR_MANIFEST +fi + # Install make install DESTDIR="$PKG" || exit $ERROR_INSTALL @@ -104,6 +171,6 @@ cd "$PKG" makepkg -l y -c n "$REPOS/$PKG_NAME-$PKG_VERSION-$ARCH-$BUILD.tgz" || exit $ERROR_MKPKG # Delete source and build directories if requested -if [ "$CLEANUP" == "yes" ]; then +if [ "$CLEANUP" == "yes" ] || [ "$1" = "--cleanup" ]; then rm -rf "$PKG_WORK" "$PKG" fi |