[pacman-dev] [PATCH 1/5] makepkg: break out check_checksums to reasonably sized functions

Allan McRae allan at archlinux.org
Mon Sep 29 03:50:08 UTC 2014 

On 16/08/14 01:41, Dave Reisner wrote:
> ---
>  scripts/makepkg.sh.in | 94 +++++++++++++++++++++++++++++----------------------
>  1 file changed, 53 insertions(+), 41 deletions(-)
> 
> diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
> index 8e8a64c..116b46e 100644
> --- a/scripts/makepkg.sh.in
> +++ b/scripts/makepkg.sh.in
> @@ -1177,53 +1177,65 @@ generate_checksums() {
>  	done
>  }
>  
> -check_checksums() {
> -	(( SKIPCHECKSUMS )) && return 0
> -	(( ! ${#source[@]} )) && return 0

Because you deleted this, a PKGBUILD with no sources gives:

==> Validating source files with md5sums...
==> Validating source files with sha1sums...
==> Validating source files with sha224sums...
==> Validating source files with sha256sums...
==> Validating source files with sha384sums...
==> Validating source files with sha512sums...

> +verify_integrity_one() {
> +	local source_name=$1 integ=$2 expectedsum=$3
>  
> -	local correlation=0
> -	local integ required
> -	for integ in "${known_hash_algos[@]}"; do
> -		local sumname="${integ}sums[@]"
> -		local integrity_sums=("${!sumname}")
> -		if (( ${#integrity_sums[@]} == ${#source[@]} )); then
> -			msg "$(gettext "Validating source files with %s...")" "${integ}sums"
> -			correlation=1
> -			local idx errors=0
> -			for (( idx = 0; idx < ${#source[*]}; idx++ )); do
> -				local file="$(get_filename "${source[idx]}")"
> -				printf '    %s ... ' "$file" >&2
> -
> -				if [[ ${integrity_sums[idx]} = 'SKIP' ]]; then
> -					printf '%s\n' "$(gettext "Skipped")" >&2
> -					continue
> -				fi
> +	local file="$(get_filename "$source_name")"
> +	printf '    %s ... ' "$file" >&2
>  
> -				if ! file="$(get_filepath "$file")"; then
> -					printf '%s\n' "$(gettext "NOT FOUND")" >&2
> -					errors=1
> -					continue
> -				fi
> +	if [[ $expectedsum = 'SKIP' ]]; then
> +		printf '%s\n' "$(gettext "Skipped")" >&2
> +		return
> +	fi
>  
> -				local expectedsum="${integrity_sums[idx],,}"
> -				local realsum="$(openssl dgst -${integ} "$file")"
> -				realsum="${realsum##* }"
> -				if [[ $expectedsum = "$realsum" ]]; then
> -					printf '%s\n' "$(gettext "Passed")" >&2
> -				else
> -					printf '%s\n' "$(gettext "FAILED")" >&2
> -					errors=1
> -				fi
> -			done
> +	if ! file="$(get_filepath "$file")"; then
> +		printf '%s\n' "$(gettext "NOT FOUND")" >&2
> +		return 1
> +	fi
>  
> -			if (( errors )); then
> -				error "$(gettext "One or more files did not pass the validity check!")"
> -				exit 1 # TODO: error code
> -			fi
> -		elif (( ${#integrity_sums[@]} )); then
> -			error "$(gettext "Integrity checks (%s) differ in size from the source array.")" "$integ"
> +	local realsum="$(openssl dgst -${integ} "$file")"
> +	realsum="${realsum##* }"
> +	if [[ ${expectedsum,,} = "$realsum" ]]; then
> +		printf '%s\n' "$(gettext "Passed")" >&2
> +	else
> +		printf '%s\n' "$(gettext "FAILED")" >&2
> +		return 1
> +	fi
> +
> +	return 0
> +}
> +
> +verify_integrity_sums() {
> +	local integ=$1 integrity_sums
> +
> +	array_build integrity_sums "${integ}sums"
> +

So we used to do this:

local sumname="${integ}sums[@]"
local integrity_sums=("${!sumname}")

My question is why change to array_build?  Is there an advantage that I
am missing?

> +	if (( ${#integrity_sums[@]} == ${#source[@]} )); then
> +		msg "$(gettext "Validating source files with %s...")" "${integ}sums"
> +		local idx errors=0
> +		for (( idx = 0; idx < ${#source[*]}; idx++ )); do
> +			verify_integrity_one "${source[idx]}" "$integ" "${integrity_sums[idx]}" || errors=1
> +		done
> +
> +		if (( errors )); then
> +			error "$(gettext "One or more files did not pass the validity check!")"
>  			exit 1 # TODO: error code
>  		fi
> +	elif (( ${#integrity_sums[@]} )); then
> +		error "$(gettext "Integrity checks (%s) differ in size from the source array.")" "$integ"
> +		exit 1 # TODO: error code
> +	else
> +		return 1
> +	fi
> +}
> +
> +check_checksums() {
> +	(( SKIPCHECKSUMS )) && return 0
> +
> +	local correlation=0
> +	local integ
> +	for integ in "${known_hash_algos[@]}"; do
> +		verify_integrity_sums "$integ" && correlation=1
>  	done
>  
>  	if (( ! correlation )); then
>

More information about the pacman-dev mailing list