Make tarball downloading smarter
This commit is contained in:
parent
603d7e41b0
commit
1efc45ad5f
@ -97,10 +97,27 @@ build-gentoo() {
|
||||
| uniq \
|
||||
| head -n 1
|
||||
)"
|
||||
stage3file="$(mktemp "tmp.$USER.$_name.XXXXXX-stage3.tar.xz" -p "/tmp")"
|
||||
stage3file="/tmp/tmp.$USER.$_name.stage3.tar.xz"
|
||||
stage3sig="/tmp/tmp.$USER.$_name.stage3.tar.xz.DIGESTS.asc"
|
||||
for file in "$stage3file" "$stage3sig"; do
|
||||
touch "$file"
|
||||
chmod 0600 "$file"
|
||||
done
|
||||
trap "cleanup $stage3file" EXIT
|
||||
log "Getting tarball from: $stage3"
|
||||
curl -s "$stage3" -o "$stage3file"
|
||||
# We grab the signature first to verify the integrity of any tarball leftover from a previous run
|
||||
log "Downloading stage3 signature"
|
||||
curl -s "$stage3.DIGESTS.asc" -o "$stage3sig"
|
||||
if ! [ -f "$stage3file" ]; then
|
||||
log "Downloading stage3"
|
||||
curl -s "$stage3" -o "$stage3file"
|
||||
elif ! openssl dgst -r -sha512 "$stage3file"; then
|
||||
log "Signature verification failed; downloading new stage3"
|
||||
curl -s "$stage3" -o "$stage3file"
|
||||
fi
|
||||
# At this point, we should have a new stage3 that matches our signature; die of not
|
||||
if ! openssl dgst -r -sha512 "$stage3file"; then
|
||||
error "stage3 signature verification failed" 50
|
||||
fi
|
||||
log "Decompressing tarball; this will prompt for root privileges"
|
||||
sudo tar xf "$stage3file" -C "$_optdest"
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user