[arch-dev-public] [PATCH] Check all checksum types
Allan McRae
allan at archlinux.org
Tue Jun 8 01:33:04 EDT 2010
Check every checksum that makepkg supports rather than only md5sums.
Fixes FS#17168.
Signed-off-by: Allan McRae <allan at archlinux.org>
---
I am sure there has to be some way to loop through all that duplication,
but the how escapes me...
Namcap/__init__.py | 2 +-
Namcap/arrays.py | 3 +-
Namcap/checksums.py | 86 +++++++++++++++++++++++++++++++++++++++++++++++++++
Namcap/extravars.py | 3 +-
Namcap/md5sums.py | 44 --------------------------
namcap-tags | 8 ++--
namcap.1 | 6 ++--
parsepkgbuild | 21 ++++++++++++
8 files changed, 119 insertions(+), 54 deletions(-)
create mode 100644 Namcap/checksums.py
delete mode 100644 Namcap/md5sums.py
diff --git a/Namcap/__init__.py b/Namcap/__init__.py
index 77aa63b..457902a 100644
--- a/Namcap/__init__.py
+++ b/Namcap/__init__.py
@@ -47,9 +47,9 @@ __pkgbuild__ = """
badbackups
capsnames
carch
+ checksums
invalidstartdir
license
- md5sums
pkgname
rpath
sfurl
diff --git a/Namcap/arrays.py b/Namcap/arrays.py
index e3111aa..3ecb1ed 100644
--- a/Namcap/arrays.py
+++ b/Namcap/arrays.py
@@ -29,7 +29,8 @@ class package:
def analyze(self, pkginfo, tar):
arrayvars = ['arch', 'license', 'depends', 'makedepends',
'optdepends', 'provides', 'conflicts' , 'replaces',
- 'backup', 'source', 'noextract', 'md5sums']
+ 'backup', 'source', 'noextract', 'md5sums',
+ 'sha1sums', 'sha256sums', 'sha384sums', 'sha512sums']
ret = [[], [], []]
for i in pkginfo.pkgbuild:
m = re.match('\s*(.*)\s*=\s*(.*)\n', i)
diff --git a/Namcap/checksums.py b/Namcap/checksums.py
new file mode 100644
index 0000000..157f0b5
--- /dev/null
+++ b/Namcap/checksums.py
@@ -0,0 +1,86 @@
+#
+# namcap rules - checksums
+# Copyright (C) 2003-2009 Jason Chu <jason at archlinux.org>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+class package:
+ def short_name(self):
+ return "checksums"
+ def long_name(self):
+ return "Verifies checksums are included in a PKGBUILD"
+ def prereq(self):
+ return ""
+ def analyze(self, pkginfo, tar):
+ ret = [[],[],[]]
+ checksums=['md5', 'sha1', 'sha256', 'sha384', 'sha512']
+ if hasattr(pkginfo, 'source'):
+ haschecksums=False
+ for i in checksums:
+ if hasattr(pkginfo, i+'sums'):
+ haschecksums=True
+ if not haschecksums:
+ ret[0].append(("missing-checksums", ()))
+
+ if hasattr(pkginfo, 'md5sums'):
+ if len(pkginfo.source) > len(pkginfo.md5sums):
+ ret[0].append(("not-enough-checksums %s %i needed", ('md5sums', len(pkginfo.source))))
+ elif len(pkginfo.source) < len(pkginfo.md5sums):
+ ret[0].append(("too-many-checksums %s %i needed", ('md5sums', len(pkginfo.source))))
+ for sum in pkginfo.md5sums:
+ if len(sum) != 32:
+ ret[0].append(("improper-checksum %s %s", ('md5sums', sum)))
+
+ if hasattr(pkginfo, 'sha1sums'):
+ if len(pkginfo.source) > len(pkginfo.sha1sums):
+ ret[0].append(("not-enough-checksums %s %i needed", ('sha1sums', len(pkginfo.source))))
+ elif len(pkginfo.source) < len(pkginfo.sha1sums):
+ ret[0].append(("too-many-checksums %s %i needed", ('sha1sums', len(pkginfo.source))))
+ for sum in pkginfo.sha1sums:
+ if len(sum) != 40:
+ ret[0].append(("improper-checksum %s %s", ('sha1sums', sum)))
+
+ if hasattr(pkginfo, 'sha256sums'):
+ if len(pkginfo.source) > len(pkginfo.sha256sums):
+ ret[0].append(("not-enough-checksums %s %i needed", ('sha256sums', len(pkginfo.source))))
+ elif len(pkginfo.source) < len(pkginfo.sha256sums):
+ ret[0].append(("too-many-checksums %s %i needed", ('sha256sums', len(pkginfo.source))))
+ for sum in pkginfo.sha256sums:
+ if len(sum) != 63:
+ ret[0].append(("improper-checksum %s %s", ('sha256sums', sum)))
+
+ if hasattr(pkginfo, 'sha384sums'):
+ if len(pkginfo.source) > len(pkginfo.sha384sums):
+ ret[0].append(("not-enough-checksums %s %i needed", ('sha384sums', len(pkginfo.source))))
+ elif len(pkginfo.source) < len(pkginfo.sha384sums):
+ ret[0].append(("too-many-checksums %s %i needed", ('sha384sums', len(pkginfo.source))))
+ for sum in pkginfo.sha384sums:
+ if len(sum) != 96:
+ ret[0].append(("improper-checksum %s %s", ('sha384sums', sum)))
+
+ if hasattr(pkginfo, 'sha512sums'):
+ if len(pkginfo.source) > len(pkginfo.sha512sums):
+ ret[0].append(("not-enough-checksums %s %i needed", ('sha512sums', len(pkginfo.source))))
+ elif len(pkginfo.source) < len(pkginfo.sha512sums):
+ ret[0].append(("too-many-checksums %s %i needed", ('sha512sums', len(pkginfo.source))))
+ for sum in pkginfo.sha512sums:
+ if len(sum) != 128:
+ ret[0].append(("improper-checksum %s %s", ('sha512sums', sum)))
+
+ return ret
+ def type(self):
+ return "pkgbuild"
+# vim: set ts=4 sw=4 noet:
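Review bot: The sha256sums length test compares against 63 (`if len(sum) != 63:`), but a SHA-256 hex digest is 64 characters, so every correct sha256 entry is reported as improper-checksum while a truncated 63-character one passes; it should be 64. The five per-algorithm stanzas differ only in array name and expected length, so a table-driven loop, as the cover note asks for, removes the duplication that let the typo in and also stops shadowing the builtin `sum`. The check is length-only; if stricter linting is wanted, also testing that each entry is hexadecimal would catch wrong content of the right length. Indentation is not visible in this rendering, so it is worth confirming that the `len(pkginfo.source)` comparisons only run when `source` is defined.

```python
	def analyze(self, pkginfo, tar):
		ret = [[],[],[]]
		checksums=['md5', 'sha1', 'sha256', 'sha384', 'sha512']
		# expected hex digest length for each supported checksum type
		hexlen = {'md5': 32, 'sha1': 40, 'sha256': 64, 'sha384': 96, 'sha512': 128}
		# ... unchanged: missing-checksums test over `checksums` ...
		for prefix in checksums:
			name = prefix + 'sums'
			if not hasattr(pkginfo, name):
				continue
			sums = getattr(pkginfo, name)
			if len(pkginfo.source) > len(sums):
				ret[0].append(("not-enough-checksums %s %i needed", (name, len(pkginfo.source))))
			elif len(pkginfo.source) < len(sums):
				ret[0].append(("too-many-checksums %s %i needed", (name, len(pkginfo.source))))
			for entry in sums:
				if len(entry) != hexlen[prefix]:
					ret[0].append(("improper-checksum %s %s", (name, entry)))
		return ret
```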
diff --git a/Namcap/extravars.py b/Namcap/extravars.py
index aebeb64..ac5a2ab 100644
--- a/Namcap/extravars.py
+++ b/Namcap/extravars.py
@@ -29,7 +29,8 @@ class package:
def analyze(self, pkginfo, tar):
stdvars = ['arch', 'license', 'depends', 'makedepends',
'provides', 'conflicts' , 'replaces', 'backup',
- 'source', 'noextract', 'md5sums', 'pkgname',
+ 'source', 'noextract', 'md5sums', 'sha1sums',
+ 'sha256sums', 'sha384sums', 'sha512sums', 'pkgname',
'pkgver', 'pkgrel', 'pkgdesc', 'url', 'install']
ret = [[], [], []]
for i in pkginfo.pkgbuild:
diff --git a/Namcap/md5sums.py b/Namcap/md5sums.py
deleted file mode 100644
index 0d60cd7..0000000
--- a/Namcap/md5sums.py
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# namcap rules - md5sums
-# Copyright (C) 2003-2009 Jason Chu <jason at archlinux.org>
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-#
-
-class package:
- def short_name(self):
- return "md5sums"
- def long_name(self):
- return "Verifies md5sums are included in a PKGBUILD"
- def prereq(self):
- return ""
- def analyze(self, pkginfo, tar):
- ret = [[], [], []]
- if hasattr(pkginfo, 'source'):
- if not hasattr(pkginfo, 'md5sums'):
- ret[0].append(("missing-md5sums", ()))
- else:
- if len(pkginfo.source) > len(pkginfo.md5sums):
- ret[0].append(("not-enough-md5sums %i needed", len(pkginfo.source)))
- elif len(pkginfo.source) < len(pkginfo.md5sums):
- ret[0].append(("too-many-md5sums %i needed", len(pkginfo.source)))
- if hasattr(pkginfo, 'md5sums'):
- for sum in pkginfo.md5sums:
- if len(sum) != 32:
- ret[0].append(("improper-md5sum %s", sum))
- return ret
- def type(self):
- return "pkgbuild"
-# vim: set ts=4 sw=4 noet:
diff --git a/namcap-tags b/namcap-tags
index c4b1b3d..acb8e9c 100644
--- a/namcap-tags
+++ b/namcap-tags
@@ -30,7 +30,7 @@ file-world-writable %s :: File (%s) has the world writable bit set.
gnome-mime-file %s :: File (%s) is an auto-generated GNOME mime file
hardlink-found %s points to %s :: Hard link (%s) found that points to %s
hicolor-icon-cache-not-updated :: Files in /usr/share/icons/hicolor but no call to gtk-update-icon-cache or xdg-icon-resource to update the icon cache
-improper-md5sum %s :: Improper md5sum: '%s'
+improper-checksum %s %s :: Improper %s: '%s'
incorrect-library-permissions %s :: Library (%s) does not have permission set to 644 or 444
incorrect-permissions %s (%s/%s) :: File (%s) has %s/%s permissions
info-dir-file-present %s :: Info directory file (%s) should not be present
@@ -45,12 +45,12 @@ missing-custom-license-dir usr/share/licenses/%s :: Missing custom license direc
missing-custom-license-file usr/share/licenses/%s/* :: Missing custom license file in package (usr/share/licenses/%s/*)
missing-license :: Missing license
missing-maintainer :: Missing Maintainer tag
-missing-md5sums :: Missing md5sums
+missing-checksums :: Missing checksums
missing-url :: Missing url
non-fhs-info-page %s :: Non-FHS info page (%s) found. Use /usr/share/info instead
non-fhs-man-page %s :: Non-FHS man page (%s) found. Use /usr/share/man instead
not-a-common-license %s :: %s is not a common license (it's not in /usr/share/licenses/common/)
-not-enough-md5sums %i needed :: Not enough md5sums: %i needed
+not-enough-checksums %s %i needed :: Not enough %s: %i needed
package-name-in-uppercase :: No upper case letters in package names
perllocal-pod-present %s :: perllocal.pod found in %s.
pkgname-in-description :: Description should not contain the package name.
@@ -61,7 +61,7 @@ scrollkeeper-dir-exists %s :: Scrollkeeper directory exists (%s). Remember to no
specific-host-type-used %s :: Reference to one of %s should be changed to $CARCH
specific-sourceforge-mirror :: Attempting to use specific sourceforge mirror, use downloads.sourceforge.net instead
symlink-found %s points to %s :: Symlink (%s) found that points to %s
-too-many-md5sums %i needed :: Too Many md5sums: %i needed
+too-many-checksums %s %i needed :: Too many %s: %i needed
use-pkgdir :: Use $pkgdir instead of $startdir/pkg
use-srcdir :: Use $srcdir instead of $startdir/src
using-dl-sourceforge :: Attempting to use dl sourceforge domain, use downloads.sourceforge.net instead
diff --git a/namcap.1 b/namcap.1
index ea0a65a..3ee9075 100644
--- a/namcap.1
+++ b/namcap.1
@@ -40,6 +40,9 @@ Checks a PKGBUILD to verify that the package name has no upper case characters
.B capsnamespkg
Checks a package to verify that the package name has no upper case characters
.TP
+.B checksums
+Makes sure that a PKGBUILD includes valid checksums
+.TP
.B depends
This module runs ldd on all executables, gets the link-level dependencies, finds the smallest subset of dependencies that cover the link-level dependencies, and compares that list to the depends of the package. It returns messages in three cases: dependency detected and not included, dependency included but already satisfied, and dependency included and not needed. These suggestions are just guidelines and all package builders should take this into account (i.e. you're smarter than namcap is)
@@ -90,9 +93,6 @@ Verifies that the licenses variable has been filled in in a package. For package
checks whether the license file has been installed in
/usr/share/licenses/$pkgname/
.TP
-.B md5sums
-Makes sure that a PKGBUILD includes the md5sums
-.TP
.B mimefiles
Checks whether update-mime-database is called when the package installs files in /usr/share/mime
.TP
diff --git a/parsepkgbuild b/parsepkgbuild
index 295416b..f9b5a91 100755
--- a/parsepkgbuild
+++ b/parsepkgbuild
@@ -94,6 +94,27 @@ if [ -n "\$md5sums" ]; then
for i in \${md5sums[@]}; do echo \$i; done
echo ""
fi
+if [ -n "\$sha1sums" ]; then
+ echo "%SHA1SUMS%"
+ for i in \${sha1sums[@]}; do echo \$i; done
+ echo ""
+fi
+if [ -n "\$sha256sums" ]; then
+ echo "%SHA256SUMS%"
+ for i in \${sha256sums[@]}; do echo \$i; done
+ echo ""
+fi
+if [ -n "\$sha384sums" ]; then
+ echo "%SHA384SUMS%"
+ for i in \${sha384sums[@]}; do echo \$i; done
+ echo ""
+fi
+if [ -n "\$sha512sums" ]; then
+ echo "%SHA512SUMS%"
+ for i in \${sha512sums[@]}; do echo \$i; done
+ echo ""
+fi
+
[ -n "\$install" ] && echo -e "%INSTALL%\n\$install\n"
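Review bot: The four added loops expand the arrays unquoted (`for i in \${sha1sums[@]}; do echo \$i; done`), so an entry containing whitespace or a glob character is split or expanded by the shell before namcap sees it, and the length check in checksums.py then runs on something other than what the PKGBUILD declared. This copies the existing md5sums stanza in the context lines, but since the PKGBUILD being linted may be untrusted, quoting is worth doing here: `for i in "\${sha1sums[@]}"; do printf '%s\n' "\$i"; done`, and likewise for the other three. `[ -n "\$sha1sums" ]` also looks only at the first element, so an array whose first entry is empty is skipped entirely; `\${#sha1sums[@]}` would test the element count instead. The enclosing script starts and ends outside the hunk, so the escaping needed for these forms should be checked against it.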
--
1.7.1