From 3535ad4653c33bbd65a6aeab863a9e329755f1da Mon Sep 17 00:00:00 2001 From: midipix Date: Mon, 12 Oct 2020 23:37:40 +0000 Subject: once/get_updates.sh: also compare update signatures against current tarballs. --- once/get_updates.sh | 33 +++++++++++++++++++++++++++++---- 1 file changed, 29 insertions(+), 4 deletions(-) diff --git a/once/get_updates.sh b/once/get_updates.sh index a51fc9a..08ce281 100755 --- a/once/get_updates.sh +++ b/once/get_updates.sh @@ -100,12 +100,37 @@ for tarball in ${mb_tarballs:-}; do printf 'checking local status of %s...\n' $tarball >&3 if ! [ -f /updates/$tarball ]; then - printf '\t/updates/%s does not exist, download needed.\n' $tarball >&3 + if [ -f /tarballs/$tarball ]; then + if ! [ -f /tarballs/$tarball.sha256 ]; then + sha256sum /tarballs/$tarball > /tarballs/$tarball.sha256 + fi + + mb_remotesig=$(grep $tarball /updates/updates.sha256 | cut -d' ' -f1) + mb_localsig=$(cat /tarballs/$tarball.sha256 | cut -d' ' -f1) + + printf '\tremote signature: %s\n' $mb_remotesig >&3 + printf '\tcached signature: %s\n' $mb_localsig >&3 - if [ $mb_obtain = no ]; then - update_needed + if [ $mb_localsig != $mb_remotesig ]; then + printf '\tsignatures do not match, download needed.\n' >&3 + + if [ $mb_obtain = no ]; then + update_needed + else + mb_needed=yes + fi + else + printf '\tsignatures match, installed tarball is already up-to-date.\n' >&3 + mb_needed=no + fi else - mb_needed=yes + printf '\t/updates/%s does not exist, download needed.\n' $tarball >&3 + + if [ $mb_obtain = no ]; then + update_needed + else + mb_needed=yes + fi fi else printf '\t/updates/%s found, checking signatures...\n' $tarball >&3 -- cgit v1.2.3