From 3535ad4653c33bbd65a6aeab863a9e329755f1da Mon Sep 17 00:00:00 2001
From: midipix <writeonce@midipix.org>
Date: Mon, 12 Oct 2020 23:37:40 +0000
Subject: once/get_updates.sh: also compare update signatures against current
 tarballs.

---
 once/get_updates.sh | 33 +++++++++++++++++++++++++++++----
 1 file changed, 29 insertions(+), 4 deletions(-)

diff --git a/once/get_updates.sh b/once/get_updates.sh
index a51fc9a..08ce281 100755
--- a/once/get_updates.sh
+++ b/once/get_updates.sh
@@ -100,12 +100,37 @@ for tarball in ${mb_tarballs:-}; do
 	printf 'checking local status of %s...\n' $tarball >&3
 
 	if ! [ -f /updates/$tarball ]; then
-		printf '\t/updates/%s does not exist, download needed.\n' $tarball >&3
+		if [ -f /tarballs/$tarball ]; then
+			if ! [ -f /tarballs/$tarball.sha256 ]; then
+				sha256sum /tarballs/$tarball > /tarballs/$tarball.sha256
+			fi
+
+			mb_remotesig=$(grep $tarball /updates/updates.sha256 | cut -d' ' -f1)
+			mb_localsig=$(cat /tarballs/$tarball.sha256 | cut -d' ' -f1)
+
+			printf '\tremote signature: %s\n' $mb_remotesig >&3
+			printf '\tcached signature: %s\n' $mb_localsig >&3
 
-		if [ $mb_obtain = no ]; then
-			update_needed
+			if [ $mb_localsig != $mb_remotesig ]; then
+				printf '\tsignatures do not match, download needed.\n' >&3
+
+				if [ $mb_obtain = no ]; then
+					update_needed
+				else
+					mb_needed=yes
+				fi
+			else
+				printf '\tsignatures match, installed tarball is already up-to-date.\n' >&3
+				mb_needed=no
+			fi
 		else
-			mb_needed=yes
+			printf '\t/updates/%s does not exist, download needed.\n' $tarball >&3
+
+			if [ $mb_obtain = no ]; then
+				update_needed
+			else
+				mb_needed=yes
+			fi
 		fi
 	else
 		printf '\t/updates/%s found, checking signatures...\n' $tarball >&3
-- 
cgit v1.2.3