From d364b4929d8a53f23fbd3a4dde79bcdbd162157b Mon Sep 17 00:00:00 2001 From: rhatto Date: Fri, 26 Dec 2008 17:41:28 +0000 Subject: inkscape.mkbuild inkscape: adding manifest and enabling signature checking git-svn-id: svn+slack://slack.fluxo.info/var/svn/slackbuilds@2036 370017ae-e619-0410-ac65-c121f96126d4 --- media/gfx/inkscape/Manifest | 4 ++ media/gfx/inkscape/inkscape.SlackBuild | 102 +++++++++++++++++++++++++++++++++ 2 files changed, 106 insertions(+) create mode 100644 media/gfx/inkscape/Manifest diff --git a/media/gfx/inkscape/Manifest b/media/gfx/inkscape/Manifest new file mode 100644 index 00000000..56ef3697 --- /dev/null +++ b/media/gfx/inkscape/Manifest @@ -0,0 +1,4 @@ +DIST inkscape-0.46.tar.gz 18615326 MD5 3bae9034047379012127e52f9b138d32 SHA1 b7c53c6d2bc0de4ff24d4a6bee86359ff11bef27 SHA256 91861e0d72228116d31e07192f77fe9e0968d4ed06499829b2d66e641496993a SHA512 279fc80dc0e8b46530353619457f26ea2cfd00ec4a9a45456c66a6a454784394484a059e191a565777b39110e6f8842a546c8bb518b91b25c91726b60fbd505c RMD160 449e07fa4caa71f20025774353d19cad674631ac +MKBUILD inkscape.mkbuild 4705 MD5 936885c803512581ead3812794802ecf SHA1 bef3cbda423f0fc85621117f461acf87426f2732 SHA256 5c6a83b8159d0dcee89643a394bd0aeb75e31553eefff6645c59b758509b463f SHA512 b7fab51635fd81cd6438a73107e95628b02608b945c5928997ccb25aa8424091f2b618cc0225a9a0e1e640313c71752c31f90e8f29ef710cc49cf43cd82ae8c1 RMD160 10f59e745bebbd6c76afab29caff8164424e9954 +SLACK-REQUIRED slack-required 180 MD5 f02b8f7fd33b9f21063c3d9604e63ee6 SHA1 d1a7f1350da827adcab964dec6726e6100cb6899 SHA256 e9b586422096d82ac1c90d39c60de5cbe016beee1958d021694966cdd48af9f6 SHA512 366100f77f625d004b11f39a5b13f6dca6f88d73c8f37dcefd1ca58da208da3c34de6e7c616cf4ee85d60d56a9568aa4376cb64add82dcf67505aef4c973b75c RMD160 e2e6f94b92159516f7fc8510eefab87d39990660 +SLACKBUILD inkscape.SlackBuild 8625 MD5 64bded943935c42c1d8fcf0959be3a9d SHA1 8b9956b3ac764ee1ed6c34c0d09b88bd5f24514a SHA256 4c5b9a1c28abac0e6a018ac332033e71055ec86e6a370808e0f42f21a66f17d0 SHA512 14c3fffdd48a7a31c6e2bf803c65f96100994898561b60747b8f095372299ce0af81269b4830d661a7567b188aa06f702ff71576a7e3791d35a29599ede6a11b RMD160 96d2d162060ee5713a76d2d879b3f68d02a3ecb8 diff --git a/media/gfx/inkscape/inkscape.SlackBuild b/media/gfx/inkscape/inkscape.SlackBuild index 1a3efa19..2d178ab7 100755 --- a/media/gfx/inkscape/inkscape.SlackBuild +++ b/media/gfx/inkscape/inkscape.SlackBuild @@ -65,6 +65,7 @@ ERROR_WGET=31; ERROR_MAKE=32; ERROR_INSTALL=33 ERROR_MD5=34; ERROR_CONF=35; ERROR_HELP=36 ERROR_TAR=37; ERROR_MKPKG=38; ERROR_GPG=39 ERROR_PATCH=40; ERROR_VCS=41; ERROR_MKDIR=42 +ERROR_MANIFEST=43; # Clean up any leftovers of previous builds rm -rf "$PKG_WORK" 2> /dev/null @@ -84,6 +85,107 @@ if [ ! -s "$SRC_DIR/$SRC" ] || ! gunzip -t "$SRC_DIR/$SRC" 2> /dev/null; then wget "$URL" -O "$SRC_DIR/$SRC" || exit $ERROR_WGET fi +# Import minimized signing key from +if echo [[SIGNING KEY URL]] | grep -q -v "SIGNING KEY URL"; then + lynx -dump [[SIGNING KEY URL]] | gpg --import || exit $ERROR_GPG +elif echo [[SIGNING KEY ID]] | grep -q -v "SIGNING KEY ID"; then + gpg --recv-keys [[SIGNING KEY ID]] || exit $ERROR_GPG +else + gpg --import << EOKEY || exit $ERROR_GPG +[[SIGNING KEY]] +EOKEY +fi + +# Download source's signature if necessary and check it +if echo [[SIGNING URL]] | grep -q -v "SIGNING URL"; then + SIGNATURE="`basename [[SIGNING URL]]`" + if [ ! -s "$SRC_DIR/$SIGNATURE" ]; then + wget "[[SIGNING URL]]" -O "$SRC_DIR/$SIGNATURE" || exit $ERROR_WGET + fi +else + if [ -s "$SRC_DIR/$SRC.sig" ]; then + SIGNATURE="$SRC.sig" + elif [ -s "$SRC_DIR/$SRC.asc" ]; then + SIGNATURE="$SRC.asc" + else + echo Trying to get signature file from $URL.sig... + if wget "$URL.sig" -O "$SRC_DIR/$SRC.sig"; then + SIGNATURE="$SRC.sig" + else + rm $SRC_DIR/$SRC.sig + echo Trying to get signature file from $URL.asc... + if wget "$URL.asc" -O "$SRC_DIR/$SRC.asc"; then + SIGNATURE="$SRC.asc" + else + rm $SRC_DIR/$SRC.asc + echo "Error getting source's signature file" + exit $ERROR_GPG + fi + fi + fi +fi + +echo Checking $SRC_DIR/$SRC with gpg using $SRC_DIR/$SIGNATURE... +gpg --verify "$SRC_DIR/$SIGNATURE" "$SRC_DIR/$SRC" || exit $ERROR_GPG +echo Success. + +# Check Manifest file +if [ -e "$CWD/Manifest" ]; then + + MANIFEST_LINES="`grep -E -v "^(MKBUILD|SLACKBUILD)" $CWD/Manifest | wc -l`" + + for ((MANIFEST_COUNT=1; MANIFEST_COUNT <= $MANIFEST_LINES; MANIFEST_COUNT++)); do + + MANIFEST_LINE="`grep -E -v "^(MKBUILD|SLACKBUILD)" $CWD/Manifest | head -n $MANIFEST_COUNT | tail -n 1`" + MANIFEST_FILE="`echo $MANIFEST_LINE | awk '{ print $2 }'`" + MANIFEST_FILE_TYPE="`echo $MANIFEST_LINE | awk '{ print $1 }'`" + + if [ -e "$SRC_DIR/$MANIFEST_FILE" ]; then + MANIFEST_FILE="$SRC_DIR/$MANIFEST_FILE" + else + MANIFEST_FILE="`find $CWD -name $MANIFEST_FILE`" + fi + + if [ ! -e "$MANIFEST_FILE" ] || [ -d "$MANIFEST_FILE" ]; then + continue + fi + + echo "Checking Manifest for $MANIFEST_FILE_TYPE $MANIFEST_FILE integrity..." + + SIZE_SRC="`wc -c $MANIFEST_FILE | awk '{ print $1 }'`" + SIZE_MANIFEST="`echo $MANIFEST_LINE | awk '{ print $3 }'`" + + # Check source code size + if [ "$SIZE_SRC" != "$SIZE_MANIFEST" ]; then + echo "SIZE Manifest: $SIZE_MANIFEST; SIZE $SRC: $SIZE_SRC" + exit $ERROR_MANIFEST + else + echo "Size match." + fi + + # Check source code integrity + for ALGO in md5 sha1 sha256 sha512 rmd160; do + if [ $ALGO = "rmd160" ]; then + ALGO_SRC="`openssl rmd160 $MANIFEST_FILE | awk '{ print $2 }'`" + else + ALGO_SRC="`"$ALGO"sum $MANIFEST_FILE | awk '{ print $1 }'`" + fi + ALGO="`echo $ALGO | tr '[:lower:]' '[:upper:]'`" + ALGO_MANIFEST=$(echo $MANIFEST_LINE | sed "s/.* $ALGO //" | awk '{ print $1 }') + if [ "$ALGO_SRC" != "$ALGO_MANIFEST" ]; then + echo "$ALGO Manifest: $ALGO_MANIFEST; $ALGO $SRC: $ALGO_SRC" + exit $ERROR_MANIFEST + else + echo "$ALGO match." + fi + done + + done + +else + exit $ERROR_MANIFEST +fi + # Untar cd "$PKG_WORK" tar --no-same-owner --no-same-permissions -xvf "$SRC_DIR/$SRC" || exit $ERROR_TAR -- cgit v1.2.3