From 3d8d7411ab45131f521d62992550269c34e28dfa Mon Sep 17 00:00:00 2001 From: Henrik Grimler Date: Sun, 20 Jan 2019 17:51:21 +0100 Subject: [PATCH] build-package.sh: return 1 if hashsum doesn't exist for package When downloading depencencies --- build-package.sh | 16 +++++++--------- scripts/get_hash_from_file.py | 14 +++++++++----- 2 files changed, 16 insertions(+), 14 deletions(-) diff --git a/build-package.sh b/build-package.sh index baa6c81164..55e4cad2c2 100755 --- a/build-package.sh +++ b/build-package.sh @@ -475,17 +475,15 @@ termux_download_deb() { local package_arch=$2 local version=$3 local deb_file=${package}_${version}_${package_arch}.deb - local pkg_hash=$(./scripts/get_hash_from_file.py ${TERMUX_COMMON_CACHEDIR}-${package_arch}/Packages $package) - + local pkg_hash=$(./scripts/get_hash_from_file.py ${TERMUX_COMMON_CACHEDIR}-${package_arch}/Packages $package $version) if [ "$pkg_hash" = "" ]; then - # No hash found for $package return 1 + else + termux_download $TERMUX_REPO_URL/$TERMUX_REPO_DISTRIBUTION/$TERMUX_REPO_COMPONENT/binary-${package_arch}/${deb_file} \ + $TERMUX_COMMON_CACHEDIR-$package_arch/${deb_file} \ + $pkg_hash + return 0 fi - - termux_download $TERMUX_REPO_URL/$TERMUX_REPO_DISTRIBUTION/$TERMUX_REPO_COMPONENT/binary-${package_arch}/${deb_file} \ - $TERMUX_COMMON_CACHEDIR-$package_arch/${deb_file} \ - $pkg_hash - return 0 } # Script to download InRelease, verify it's signature and then download Packages.xz by hash @@ -522,7 +520,7 @@ termux_step_get_repo_files() { curl --fail -LO "$TERMUX_REPO_URL/$TERMUX_REPO_DISTRIBUTION/InRelease" \ || termux_error_exit "Download of $TERMUX_REPO_URL/$TERMUX_REPO_DISTRIBUTION/InRelease failed" # Import Fornwalls key: - gpg --recv $TERMUX_REPO_SIGNING_KEY + gpg -k $TERMUX_REPO_SIGNING_KEY 2>/dev/null || gpg --recv $TERMUX_REPO_SIGNING_KEY gpg --verify InRelease ) for arch in all $TERMUX_ARCH; do diff --git a/scripts/get_hash_from_file.py b/scripts/get_hash_from_file.py index 4d355832cf..b34276c7a4 100755 --- a/scripts/get_hash_from_file.py +++ b/scripts/get_hash_from_file.py @@ -2,16 +2,20 @@ import os, sys -def get_pkg_hash_from_Packages(Packages_file, package, hash="SHA256"): +def get_pkg_hash_from_Packages(Packages_file, package, version, hash="SHA256"): with open(Packages_file, 'r') as Packages: package_list = Packages.read().split('\n\n') for pkg in package_list: if pkg.split('\n')[0] == "Package: "+package: for line in pkg.split('\n'): - if line.startswith(hash): + if line.startswith('Version:'): + if line != 'Version: '+version: + # Seems the repo contains the wrong version, or several versions + # We can't use this one so continue looking + break + elif line.startswith(hash): print(line.split(" ")[1]) break - break def get_Packages_hash_from_InRelease(InRelease_file, arch, hash="SHA256"): string_to_found = 'binary-'+arch+'/Packages.xz' @@ -27,10 +31,10 @@ def get_Packages_hash_from_InRelease(InRelease_file, arch, hash="SHA256"): if __name__ == '__main__': if len(sys.argv) < 2: - sys.exit('Too few arguments, I need the path to a Packages file and a package name. Exiting') + sys.exit('Too few arguments, I need the path to a Packages file, a package name and a version, or an InRelease file and an architecture. Exiting') if sys.argv[1].endswith('Packages'): - get_pkg_hash_from_Packages(sys.argv[1], sys.argv[2]) + get_pkg_hash_from_Packages(sys.argv[1], sys.argv[2], sys.argv[3]) elif sys.argv[1].endswith('InRelease'): get_Packages_hash_from_InRelease(sys.argv[1], sys.argv[2]) else: