salt/bootstrap
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Turns out openssl dgst doesn't actually check digest files

Browse Source
This commit is contained in:
Salt 2020-12-02 19:25:18 -06:00
parent 56a34c9306
commit e964612ae7
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
gentoostrap.sh
View File

@ -110,12 +110,12 @@ build-gentoo() {
if ! [ -f "$stage3file" ]; then if ! [ -f "$stage3file" ]; then
log "Downloading stage3" log "Downloading stage3"
curl -s "$stage3" -o "$stage3file" curl -s "$stage3" -o "$stage3file"
elif ! openssl dgst -r -sha512 "$stage3file"; then elif ! grep -e "$(sha512sum "$stage3file" | awk '{print $1}')"; then
log "Checksum verification failed; downloading new stage3" log "Checksum verification failed; downloading new stage3"
curl -s "$stage3" -o "$stage3file" curl -s "$stage3" -o "$stage3file"
fi fi
# At this point, we should have a new stage3 that matches our signature; die of not # At this point, we should have a new stage3 that matches our signature; die of not
if ! openssl dgst -r -sha512 "$stage3file"; then if ! grep -e "$(sha512sum "$stage3file" | awk '{print $1}')"; then
error "stage3 checksum verification failed" 50 error "stage3 checksum verification failed" 50
fi fi
log "Decompressing tarball; this will prompt for root privileges" log "Decompressing tarball; this will prompt for root privileges"