source: branches/samhain_3_1/dsys/comDOWNLOAD@ 485

Last change on this file since 485 was 27, checked in by rainer, 19 years ago

Support for server-to-server relay and more user policies

File size: 7.5 KB
Line 
1#########################################################################
2#
3# Subroutine for the 'download' command
4#
5#########################################################################
6#
7# Copyright Rainer Wichmann (2005)
8#
9# License Information:
10# This program is free software; you can redistribute it and/or modify
11# it under the terms of the GNU General Public License as published by
12# the Free Software Foundation; either version 2 of the License, or
13# (at your option) any later version.
14#
15# This program is distributed in the hope that it will be useful,
16# but WITHOUT ANY WARRANTY; without even the implied warranty of
17# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18# GNU General Public License for more details.
19#
20# You should have received a copy of the GNU General Public License
21# along with this program; if not, write to the Free Software
22# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23#
24
25commandDOWNLOAD() {
26 printINFO "About to run \"$action\" for samhain version \"$src_version\""
27
28 needEXE du gunzip tar gpg
29
30
31 if test x"$simulate" = x0
32 then
33 cd "${basedir}/tmp" || printFATAL "could not cd to ${basedir}/tmp"
34 rm -f "samhain-${src_version}.tar.gz"
35 else
36 #
37 # -- Simulate only: print what would be done
38 #
39 printINFO "cd ${basedir}/tmp"
40 printINFO "rm -f samhain-${src_version}.tar.gz"
41 fi
42
43 command=""
44
45 if test -z "$command"
46 then
47 findEXE wget
48 if test -n "$EXECUTABLE"
49 then
50 command="$EXECUTABLE"
51 opt1="--quiet"
52 opt2="-O"
53 opt3="-"
54 fi
55 fi
56
57 if test -z "$command"
58 then
59 findEXE curl
60 if test -n "$EXECUTABLE"
61 then
62 command="$EXECUTABLE"
63 opt1="--silent"
64 opt2="--show-error"
65 opt3="--fail"
66 fi
67 fi
68
69 if test -z "$command"
70 then
71 findEXE lynx
72 if test -n "$EXECUTABLE"
73 then
74 command="$EXECUTABLE"
75 opt1="-source"
76 opt2=""
77 opt3=""
78 fi
79 fi
80
81 if test -z "$command"
82 then
83 findEXE links
84 if test -n "$EXECUTABLE"
85 then
86 command="$EXECUTABLE"
87 opt1="-source"
88 opt2=""
89 opt3=""
90 fi
91 fi
92
93 if test -z "$command"
94 then
95 findEXE lwp-request
96 if test -n "$EXECUTABLE"
97 then
98 command="$EXECUTABLE"
99 opt1=""
100 opt2=""
101 opt3=""
102 fi
103 fi
104
105 if test -z "$command"
106 then
107 findEXE fetch
108 if test -n "$EXECUTABLE"
109 then
110 command="$EXECUTABLE"
111 opt1="-q"
112 opt2="-o"
113 opt3="-"
114 fi
115 fi
116
117 if test -z "$command"
118 then
119 findEXE fget
120 if test -n "$EXECUTABLE"
121 then
122 command="$EXECUTABLE"
123 opt1=""
124 opt2=""
125 opt3=""
126 fi
127 fi
128
129 if test -z "$command"
130 then
131 printFATAL "No wget, curl, lynx, links, lwp-request, fetch, fget in your \$PATH, cannot download"
132 fi
133
134 if test x"${src_version}" = xcurrent
135 then
136 location="http://la-samhna.de/samhain/samhain-current.tar.gz"
137 if test -f /usr/bin/md5sum && test -f /bin/hostname
138 then
139 #
140 # for testing
141 #
142 dl_tmp_hna=`/bin/hostname -f 2>/dev/null`
143 dl_tmp_md5=`echo "x${dl_tmp_hna}" | md5sum`
144 if test x"$dl_tmp_md5" = "xc5f41bf28a7baf12c763f1be27a9b863"
145 then
146 location="http://localhost/samhain-current.tar.gz"
147 fi
148 fi
149 else
150 location="http://la-samhna.de/archive/samhain_signed-${src_version}.tar.gz"
151 if test -f /usr/bin/md5sum && test -f /bin/hostname
152 then
153 #
154 # for testing
155 #
156 dl_tmp_hna=`/bin/hostname -f 2>/dev/null`
157 dl_tmp_md5=`echo "x${dl_tmp_hna}" | /usr/bin/md5sum 2>/dev/null`
158 if test x"$dl_tmp_md5" = "xc5f41bf28a7baf12c763f1be27a9b863"
159 then
160 location="http://localhost/samhain_signed-${src_version}.tar.gz"
161 fi
162 fi
163 fi
164
165
166 printINFO "Executing $command $opt1 $opt2 $opt3 $location"
167
168 if test x"$simulate" = x0
169 then
170 eval "$command" "$opt1" "$opt2" "$opt3" "$location" 1>"samhain-${src_version}.tar.gz" 2>/dev/null
171 else
172 printINFO "$command" "$opt1" "$opt2" "$opt3" "$location" 1>"samhain-${src_version}.tar.gz"
173 printINFO "du -s -k samhain-${src_version}.tar.gz | awk '{ print $1 }'"
174 printLOG "Downloaded to samhain-${src_version}.tar.gz (XXX kB)"
175 printINFO "gunzip -c samhain-${src_version}.tar.gz | tar -tvf - "
176 printINFO "Source in tarball is version X.X.X"
177 printINFO "Unpacking to ${tmpD}"
178 printINFO "cd ${tmpD}"
179 printINFO "gunzip -c ${basedir}/tmp/samhain-${src_version}.tar.gz | tar -xf -"
180 printINFO "rm -f ${basedir}/tmp/samhain-${src_version}.tar.gz"
181 printINFO "Checking PGP signature"
182 printINFO "(LANG=C; gpg --status-fd 1 --verify samhain-X.X.X.tar.gz.asc samhain-X.X.X.tar.gz 2>&1 | grep 'GOODSIG')"
183 printINFO "cp samhain-X.X.X.tar.gz.asc samhain-X.X.X.tar.gz ${basedir}/source"
184 printLOG "Installed samhain (X.X.X) source"
185 return 0
186 fi
187
188 if test -f "samhain-${src_version}.tar.gz"
189 then
190 :
191 else
192 printFATAL "failed: $command $location"
193 fi
194
195 size=`du -s -k "samhain-${src_version}.tar.gz" | awk '{ print $1 }'`
196
197 if test $size -lt 100
198 then
199 rm -f "samhain-${src_version}.tar.gz"
200 printFATAL "failed: $command $location"
201 else
202 printLOG "Downloaded to samhain-${src_version}.tar.gz (${size} kB)"
203 fi
204
205 files=`gunzip -c "samhain-${src_version}.tar.gz" | tar -tvf - 2>/dev/null`
206 sig=`echo $files | egrep ' samhain.*tar\.gz\.asc$' 2>/dev/null`
207 sig_version=`echo $files | egrep ' samhain.*tar\.gz\.asc$' 2>/dev/null | sed 's/.*samhain\-//g' | sed 's/\.tar\.gz\.asc//g'`
208 if test x"$sig" = x
209 then
210 rm -f "samhain-${src_version}.tar.gz"
211 printFATAL "downloaded file does not contain a PGP signature"
212 fi
213
214 if test x"${sig_version}" = x
215 then
216 rm -f "samhain-${src_version}.tar.gz"
217 printFATAL "cannot determine samhain version from downloaded file"
218 fi
219
220 if test x"${src_version}" != xcurrent
221 then
222 if test x"${src_version}" != x"${sig_version}"
223 then
224 rm -f "samhain-${src_version}.tar.gz"
225 printFATAL "downloaded version (${sig_version}) != requested version (${src_version})"
226 fi
227 fi
228
229 printINFO "Source in tarball is version ${sig_version}"
230 printINFO "Unpacking to ${basedir}/source"
231
232 cd "${tmpD}" || {
233 rm -f "${basedir}/tmp/samhain-${src_version}.tar.gz"
234 printFATAL "could not cd to ${tmpD}"
235 }
236
237 gunzip -c "${basedir}/tmp/samhain-${src_version}.tar.gz" | tar -xf -
238
239 rm -f "${basedir}/tmp/samhain-${src_version}.tar.gz"
240
241 if test -f "samhain-${sig_version}.tar.gz"
242 then
243 if test -f "samhain-${sig_version}.tar.gz.asc"
244 then
245 :
246 else
247 printFATAL "not found in source: PGP signature samhain-${sig_version}.tar.gz.asc"
248 fi
249 else
250 printFATAL "not found in source: samhain-${sig_version}.tar.gz"
251 fi
252
253
254 printINFO "Checking PGP signature"
255 sig_lines=`(LANG="C"; gpg --status-fd 1 --verify "samhain-${sig_version}.tar.gz.asc" "samhain-${sig_version}.tar.gz" 2>/dev/null)`
256 sig_ok=`echo ${sig_lines} | grep 'GOODSIG'`
257
258 sig_nokey=`echo ${sig_lines} | grep 'NO_PUBKEY'`
259
260 if test x"${sig_nokey}" != x
261 then
262 printWARNING "Public key (ID 0F571F6C) not found, trying to import it."
263 gpg --import ${basedir}/private/0F571F6C.asc 2>&5
264 sig_ok=`(LANG="C"; gpg --status-fd 1 --verify "samhain-${sig_version}.tar.gz.asc" "samhain-${sig_version}.tar.gz" 2>/dev/null | grep 'GOODSIG')`
265 fi
266
267 if test x"${sig_ok}" = x
268 then
269 (LANG="C"; gpg --verify "samhain-${sig_version}.tar.gz.asc" "samhain-${sig_version}.tar.gz")
270 printFATAL "no good signature"
271 fi
272
273 cp "samhain-${sig_version}.tar.gz" "samhain-${sig_version}.tar.gz.asc" \
274 ${basedir}/source/ || \
275 printFATAL "failed: cp samhain-${sig_version}.tar.gz samhain-${sig_version}.tar.gz.asc ${basedir}/source/"
276
277 printLOG "Installed samhain source (version=${sig_version})"
278
279 return 0
280}
Note: See TracBrowser for help on using the repository browser.