| 1 | #########################################################################
|
|---|
| 2 | #
|
|---|
| 3 | # Subroutine for the 'checksrc' command
|
|---|
| 4 | #
|
|---|
| 5 | #########################################################################
|
|---|
| 6 |
|
|---|
| 7 | commandCHECKSRC() {
|
|---|
| 8 | printINFO "About to run \"$action\""
|
|---|
| 9 |
|
|---|
| 10 | needEXE ls gpg
|
|---|
| 11 |
|
|---|
| 12 |
|
|---|
| 13 | cd "${basedir}/source" || printFATAL "could not cd to ${basedir}/source"
|
|---|
| 14 |
|
|---|
| 15 | LIST=`ls samhain*.tar.gz 2>/dev/null`
|
|---|
| 16 | if test x$? != x0
|
|---|
| 17 | then
|
|---|
| 18 | printINFO "No sources available."
|
|---|
| 19 | fi
|
|---|
| 20 |
|
|---|
| 21 | for ff in $LIST
|
|---|
| 22 | do
|
|---|
| 23 | sh_version=`echo "$ff" | sed 's/.*samhain\-//g' | sed 's/\.tar\.gz//g'`
|
|---|
| 24 | if test x"${sh_version}" = x
|
|---|
| 25 | then
|
|---|
| 26 | printFATAL "Cannot determine version for $ff"
|
|---|
| 27 | fi
|
|---|
| 28 |
|
|---|
| 29 | if test "$ff" != "samhain-${sh_version}.tar.gz"
|
|---|
| 30 | then
|
|---|
| 31 | printFATAL "Version number not correctly extracted from $ff"
|
|---|
| 32 | fi
|
|---|
| 33 |
|
|---|
| 34 | if test -f "samhain-${sh_version}.tar.gz.asc"
|
|---|
| 35 | then
|
|---|
| 36 | :
|
|---|
| 37 | else
|
|---|
| 38 | printWARNING "No detached signature for $ff found"
|
|---|
| 39 | if test x"$cs_delete" = x1
|
|---|
| 40 | then
|
|---|
| 41 | if test x"$simulate" = x0
|
|---|
| 42 | then
|
|---|
| 43 | printLOG "REMOVE $ff: No detached signature found."
|
|---|
| 44 | rm -f "$ff"
|
|---|
| 45 | else
|
|---|
| 46 | printLOG "REMOVE $ff: No detached signature found."
|
|---|
| 47 | printINFO "rm -f $ff"
|
|---|
| 48 | fi
|
|---|
| 49 | else
|
|---|
| 50 | printLOG "BAD: $ff (no signature)"
|
|---|
| 51 | fi
|
|---|
| 52 | continue
|
|---|
| 53 | fi
|
|---|
| 54 |
|
|---|
| 55 | sig_lines=`(LANG="C"; gpg --status-fd 1 --verify "samhain-${sh_version}.tar.gz.asc" "samhain-${sh_version}.tar.gz" 2>/dev/null)`
|
|---|
| 56 | sig_ok=`echo ${sig_lines} | grep 'GOODSIG'`
|
|---|
| 57 | sig_nokey=`echo ${sig_lines} | grep 'NO_PUBKEY'`
|
|---|
| 58 |
|
|---|
| 59 | if test x"${sig_nokey}" != x
|
|---|
| 60 | then
|
|---|
| 61 | printWARNING "Public key (ID 0F571F6C) not found, trying to import it."
|
|---|
| 62 | gpg --import ${basedir}/private/0F571F6C.asc 2>&5
|
|---|
| 63 | sig_lines=`(LANG="C"; gpg --status-fd 1 --verify "samhain-${sh_version}.tar.gz.asc" "samhain-${sh_version}.tar.gz" 2>/dev/null)`
|
|---|
| 64 | sig_ok=`echo ${sig_lines} | grep 'GOODSIG'`
|
|---|
| 65 | sig_nokey=`echo ${sig_lines} | grep 'NO_PUBKEY'`
|
|---|
| 66 | fi
|
|---|
| 67 |
|
|---|
| 68 | if test x"${sig_nokey}" != x
|
|---|
| 69 | then
|
|---|
| 70 | printFATAL "Importing public key failed."
|
|---|
| 71 | fi
|
|---|
| 72 |
|
|---|
| 73 | if test x"${sig_ok}" = x
|
|---|
| 74 | then
|
|---|
| 75 | printWARNING "File $ff has no good signature"
|
|---|
| 76 | if test x"$cs_delete" = x1
|
|---|
| 77 | then
|
|---|
| 78 | if test x"$simulate" = x0
|
|---|
| 79 | then
|
|---|
| 80 | printLOG "REMOVE $ff: No good signature found."
|
|---|
| 81 | rm -f "$ff"
|
|---|
| 82 | else
|
|---|
| 83 | printLOG "REMOVE $ff: No good signature found."
|
|---|
| 84 | printINFO "rm -f $ff"
|
|---|
| 85 | fi
|
|---|
| 86 | else
|
|---|
| 87 | printLOG "BAD: $ff (invalid signature)"
|
|---|
| 88 | fi
|
|---|
| 89 | continue
|
|---|
| 90 | fi
|
|---|
| 91 | printLOG "OK: $ff"
|
|---|
| 92 |
|
|---|
| 93 | done
|
|---|
| 94 |
|
|---|
| 95 | if test x"$cs_delete" = x1
|
|---|
| 96 | then
|
|---|
| 97 | printLOG "Checked sources in ${basedir}/source/ (delete=on)"
|
|---|
| 98 | else
|
|---|
| 99 | printLOG "Checked sources in ${basedir}/source/ (delete=off)"
|
|---|
| 100 | fi
|
|---|
| 101 | return 0
|
|---|
| 102 | }
|
|---|
