version 1.58, 2013/12/31 18:46:59 |
version 1.59, 2014/01/22 06:44:53 |
|
|
#!/bin/sh |
#!/bin/sh |
# $AFresh1: update_openbsd,v 1.57 2013/12/31 18:42:31 andrew Exp $ |
# $AFresh1: update_openbsd,v 1.58 2013/12/31 18:46:59 andrew Exp $ |
# |
# |
# Copyright (c) 2012 Andrew Fresh <andrew@afresh1.com> |
# Copyright (c) 2012 Andrew Fresh <andrew@afresh1.com> |
# |
# |
|
|
fi |
fi |
|
|
local _nv=`echo $NEW_VER | sed -e 's/\.//'` |
local _nv=`echo $NEW_VER | sed -e 's/\.//'` |
|
local _signify=`which signify` |
|
local _keyfile=/etc/signify/${_nv}base.pub |
|
local _b _s |
|
|
( |
( |
for _b in $INSTALL_KERNELS; do echo "($_b)" ; done |
for _b in $INSTALL_KERNELS; do echo "($_b)" ; done |
for _s in $INSTALLED_SETS; do echo "($_s$_nv.tgz)"; done |
for _s in $INSTALLED_SETS; do echo "($_s$_nv.tgz)"; done |
) > index |
) > index |
grep -f index $_type | sum -c |
|
|
|
|
if [ -n "$_signify" -a "$_type" != "${_type%.sig}" ]; then |
|
echo "===> Checking signature"; |
|
if [ ! -e $_keyfile ]; then |
|
echo "key [$_keyfile] does not exist, cannot check $_type" >&2 |
|
return 2 |
|
fi |
|
signify -V -e -p $_keyfile -x $_type -m - | grep -f index | sum -c - |
|
else |
|
grep -f index $_type | sum -c |
|
fi |
|
|
if [ $? -ne 0 ]; then |
if [ $? -ne 0 ]; then |
echo ERROR: $_type does not match! >&2 |
echo ERROR: $_type does not match! >&2 |
return 1 |
return 1 |
|
|
local _type |
local _type |
for _type in $CHECKSUM_TYPES; do |
for _type in $CHECKSUM_TYPES; do |
if [ -e $_type ]; then |
if [ -e $_type ]; then |
check_sum $_type |
check_sum $_type && break |
[ $? -ne 0 -a -z "$IGNORE_CHECKSUM_ERROR" ] && exit 1 |
[ -z "$IGNORE_CHECKSUM_ERROR" ] || exit 1 |
fi |
fi |
done |
done |
|
|
|
return 0 |
} |
} |
|
|
|
|
|
|
|
|
INSTALLED_SETS=${INSTALLED_SETS:=`installed_sets`} |
INSTALLED_SETS=${INSTALLED_SETS:=`installed_sets`} |
|
|
CHECKSUM_TYPES=${CHECKSUM_TYPES:=SHA256 MD5} |
CHECKSUM_TYPES=${CHECKSUM_TYPES:=SHA256.sig SHA256} |
|
|
set_version |
set_version |
local _error=$? |
local _error=$? |