summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAllan McRae <allan@archlinux.org>2011-07-16 22:42:32 +1000
committerDan McGee <dan@archlinux.org>2011-07-27 12:47:13 -0500
commit2b3405e01ba756a48ff374bf632f525ad44c47c1 (patch)
tree1674b169e4b0f60e62f74af15609321598b59e12
parent94f61c5b29274df164b01105165945e445289ae7 (diff)
downloadpacman-2b3405e01ba756a48ff374bf632f525ad44c47c1.tar.xz
makepkg: more control of skipping integrity checks
Allows the skipping of all integrity checks (checksum and PGP) or either the checksum or PGP checks individually. Original-patch-by: Wieland Hoffman <theminew@googlemail.com> Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
-rw-r--r--doc/makepkg.8.txt7
-rw-r--r--scripts/makepkg.sh.in44
2 files changed, 36 insertions, 15 deletions
diff --git a/doc/makepkg.8.txt b/doc/makepkg.8.txt
index 57c1f899..34cecdc2 100644
--- a/doc/makepkg.8.txt
+++ b/doc/makepkg.8.txt
@@ -85,10 +85,13 @@ Options
using "`makepkg -g >> PKGBUILD`".
*--skipinteg*::
- Do not perform any integrity checks, just print a warning instead.
+ Do not perform any integrity checks (checksum and PGP) on source files.
+
+*\--skipchecksums*::
+ Do not verify checksums of source files.
*\--skippgpcheck*::
- Do not verify PGP signatures of the source files.
+ Do not verify PGP signatures of source files.
*-h, \--help*::
Output syntax and command line options.
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
index b3cf9b80..136bf8c8 100644
--- a/scripts/makepkg.sh.in
+++ b/scripts/makepkg.sh.in
@@ -56,7 +56,7 @@ DEP_BIN=0
FORCE=0
INFAKEROOT=0
GENINTEG=0
-SKIPINTEG=0
+SKIPCHECKSUMS=0
SKIPPGPCHECK=0
INSTALL=0
NOBUILD=0
@@ -641,6 +641,7 @@ generate_checksums() {
}
check_checksums() {
+ (( SKIPCHECKSUMS )) && return 0
(( ! ${#source[@]} )) && return 0
local correlation=0
@@ -1603,7 +1604,7 @@ check_software() {
fi
# openssl - checksum operations
- if (( ! SKIPINTEG )); then
+ if (( ! SKIPCHECKSUMS )); then
if ! type -p openssl >/dev/null; then
error "$(gettext "Cannot find the %s binary required for validating sourcefile checksums.")" "openssl"
ret=1
@@ -1838,7 +1839,8 @@ usage() {
echo "$(gettext " --nosign Do not create a signature for the package")"
echo "$(gettext " --pkg <list> Only build listed packages from a split package")"
printf "$(gettext " --sign Sign the resulting package with %s")\n" "gpg"
- echo "$(gettext " --skipinteg Do not fail when integrity checks are missing")"
+ echo "$(gettext " --skipchecksums Do not verify checksums of the source files")"
+ echo "$(gettext " --skipinteg Do not perform any verification checks on source files")"
echo "$(gettext " --skippgpcheck Do not verify source files with pgp signatures")"
echo "$(gettext " --source Generate a source-only tarball without downloaded sources")"
echo
@@ -1876,7 +1878,9 @@ OPT_SHORT="AcdefFghiLmop:rRsV"
OPT_LONG="allsource,asroot,ignorearch,check,clean,nodeps"
OPT_LONG+=",noextract,force,forcever:,geninteg,help,holdver,skippgpcheck"
OPT_LONG+=",install,key:,log,nocolor,nobuild,nocheck,nosign,pkg:,rmdeps"
-OPT_LONG+=",repackage,skipinteg,skippgpcheck,sign,source,syncdeps,version,config:"
+OPT_LONG+=",repackage,skipchecksums,skipinteg,skippgpcheck,sign,source,syncdeps"
+OPT_LONG+=",version,config:"
+
# Pacman Options
OPT_LONG+=",noconfirm,noprogressbar"
if ! OPT_TEMP="$(parse_options $OPT_SHORT $OPT_LONG "$@")"; then
@@ -1917,7 +1921,8 @@ while true; do
--pkg) shift; PKGLIST=($1) ;;
-r|--rmdeps) RMDEPS=1 ;;
-R|--repackage) REPKG=1 ;;
- --skipinteg) SKIPINTEG=1 ;;
+ --skipchecksums) SKIPCHECKSUMS=1 ;;
+ --skipinteg) SKIPCHECKSUMS=1; SKIPPGPCHECK=1 ;;
--skippgpcheck) SKIPPGPCHECK=1;;
--sign) SIGNPKG='y' ;;
--source) SOURCEONLY=1 ;;
@@ -2239,15 +2244,22 @@ if (( SOURCEONLY )); then
mkdir -p "$srcdir"
chmod a-s "$srcdir"
cd "$srcdir"
- if (( ! SKIPINTEG || SOURCEONLY == 2 )); then
+ if ( (( ! SKIPCHECKSUMS )) || \
+ ( (( ! SKIPPGPCHECK )) && source_has_signatures ) ) || \
+ (( SOURCEONLY == 2 )); then
download_sources
fi
- if (( ! SKIPINTEG )); then
- # We can only check checksums if we have all files.
- check_checksums
+ if (( SKIPCHECKSUMS && SKIPPGPCHECK )); then
+ warning "$(gettext "Skipping all source file integrity checks.")"
+ elif (( SKIPCHECKSUMS )); then
+ warning "$(gettext "Skipping verification of source file checksums.")"
check_pgpsigs
+ elif (( SKIPPGPCHECK )); then
+ warning "$(gettext "Skipping verification of source file PGP signatures.")"
+ check_checksums
else
- warning "$(gettext "Skipping integrity checks.")"
+ check_checksums
+ check_pgpsigs
fi
cd "$startdir"
@@ -2322,11 +2334,17 @@ elif (( REPKG )); then
fi
else
download_sources
- if (( ! SKIPINTEG )); then
- check_checksums
+ if (( SKIPCHECKSUMS && SKIPPGPCHECK )); then
+ warning "$(gettext "Skipping all source file integrity checks.")"
+ elif (( SKIPCHECKSUMS )); then
+ warning "$(gettext "Skipping verification of source file checksums.")"
check_pgpsigs
+ elif (( SKIPPGPCHECK )); then
+ warning "$(gettext "Skipping verification of source file PGP signatures.")"
+ check_checksums
else
- warning "$(gettext "Skipping integrity checks.")"
+ check_checksums
+ check_pgpsigs
fi
extract_sources
fi