@@ -244,6 +244,7 @@ create_tmp_dir() {
244
244
probe_need CFG_CURL curl
245
245
probe_need CFG_TAR tar
246
246
probe_need CFG_FILE file
247
+ probe_need CFG_SHASUM shasum
247
248
248
249
CFG_SRC_DIR=" $( cd $( dirname $0 ) && pwd) /"
249
250
CFG_SELF=" $0 "
@@ -431,10 +432,39 @@ CARGO_TARBALL_NAME="${CARGO_PACKAGE_NAME_AND_TRIPLE}.tar.gz"
431
432
CARGO_LOCAL_INSTALL_DIR=" ${CFG_TMP_DIR} /${CARGO_PACKAGE_NAME_AND_TRIPLE} "
432
433
CARGO_LOCAL_INSTALL_SCRIPT=" ${CARGO_LOCAL_INSTALL_DIR} /install.sh"
433
434
435
+ verify_hash () {
436
+ remote_sha256=" $1 "
437
+ local_file=" $2 "
438
+
439
+ msg " Downloading ${remote_sha256} "
440
+ remote_sha256=` " ${CFG_CURL} " -f " ${remote_sha256} " `
441
+ if [ " $? " -ne 0 ]; then
442
+ rm -Rf " ${CFG_TMP_DIR} "
443
+ err " Failed to download ${remote_url} "
444
+ fi
445
+
446
+ msg " Verifying hash"
447
+ local_sha256=` " ${CFG_SHASUM} " -a 256 " ${local_file} " `
448
+ if [ " $? " -ne 0 ]; then
449
+ rm -Rf " ${CFG_TMP_DIR} "
450
+ err " Failed to compute hash for ${local_tarball} "
451
+ fi
452
+
453
+ # We only need the sha, not the filenames
454
+ remote_sha256=` echo ${remote_sha256} | cut -f 1 -d ' ' `
455
+ local_sha256=` echo ${local_sha256} | cut -f 1 -d ' ' `
456
+
457
+ if [ " ${remote_sha256} " != " ${local_sha256} " ]; then
458
+ rm -Rf " ${CFG_TMP_DIR} "
459
+ err " invalid sha256.\n ${remote_sha256} \t${remote_tarball} \n ${local_sha256} \t${local_tarball} "
460
+ fi
461
+ }
462
+
434
463
# Fetch the package.
435
464
download_package () {
436
465
remote_tarball=" $1 "
437
466
local_tarball=" $2 "
467
+ remote_sha256=" ${remote_tarball} .sha256"
438
468
439
469
msg " Downloading ${remote_tarball} to ${local_tarball} "
440
470
@@ -444,6 +474,8 @@ download_package() {
444
474
rm -Rf " ${CFG_TMP_DIR} "
445
475
err " failed to download installer"
446
476
fi
477
+
478
+ verify_hash " ${remote_sha256} " " ${local_tarball} "
447
479
}
448
480
449
481
# Wrap all the commands needed to install a package.
0 commit comments