######################################################################### # # Subroutine for the 'download' command # ######################################################################### commandDOWNLOAD() { printINFO "About to run \"$action\" for samhain version \"$src_version\"" needEXE du gunzip tar gpg if test x"$simulate" = x0 then cd "${basedir}/tmp" || printFATAL "could not cd to ${basedir}/tmp" rm -f "samhain-${src_version}.tar.gz" else # # -- Simulate only: print what would be done # printINFO "cd ${basedir}/tmp" printINFO "rm -f samhain-${src_version}.tar.gz" fi command="" if test -z "$command" then findEXE wget if test -n "$EXECUTABLE" then command="$EXECUTABLE" opt1="--quiet" opt2="-O" opt3="-" fi fi if test -z "$command" then findEXE curl if test -n "$EXECUTABLE" then command="$EXECUTABLE" opt1="--silent" opt2="--show-error" opt3="--fail" fi fi if test -z "$command" then findEXE lynx if test -n "$EXECUTABLE" then command="$EXECUTABLE" opt1="-source" opt2="" opt3="" fi fi if test -z "$command" then findEXE links if test -n "$EXECUTABLE" then command="$EXECUTABLE" opt1="-source" opt2="" opt3="" fi fi if test -z "$command" then findEXE lwp-request if test -n "$EXECUTABLE" then command="$EXECUTABLE" opt1="" opt2="" opt3="" fi fi if test -z "$command" then findEXE fetch if test -n "$EXECUTABLE" then command="$EXECUTABLE" opt1="-q" opt2="-o" opt3="-" fi fi if test -z "$command" then findEXE fget if test -n "$EXECUTABLE" then command="$EXECUTABLE" opt1="" opt2="" opt3="" fi fi if test -z "$command" then printFATAL "No wget, curl, lynx, links, lwp-request, fetch, fget in your \$PATH, cannot download" fi if test x"${src_version}" = xcurrent then location="http://la-samhna.de/samhain/samhain-current.tar.gz" if test -f /usr/bin/md5sum && test -f /bin/hostname then # # for testing # dl_tmp_hna=`/bin/hostname -f 2>/dev/null` dl_tmp_md5=`echo "x${dl_tmp_hna}" | md5sum` if test x"$dl_tmp_md5" = "xc5f41bf28a7baf12c763f1be27a9b863" then location="http://localhost/samhain-current.tar.gz" fi fi else location="http://la-samhna.de/archive/samhain_signed-${src_version}.tar.gz" if test -f /usr/bin/md5sum && test -f /bin/hostname then # # for testing # dl_tmp_hna=`/bin/hostname -f 2>/dev/null` dl_tmp_md5=`echo "x${dl_tmp_hna}" | /usr/bin/md5sum 2>/dev/null` if test x"$dl_tmp_md5" = "xc5f41bf28a7baf12c763f1be27a9b863" then location="http://localhost/samhain_signed-${src_version}.tar.gz" fi fi fi printINFO "Executing $command $opt1 $opt2 $opt3 $location" if test x"$simulate" = x0 then eval "$command" "$opt1" "$opt2" "$opt3" "$location" 1>"samhain-${src_version}.tar.gz" 2>/dev/null else printINFO "$command" "$opt1" "$opt2" "$opt3" "$location" 1>"samhain-${src_version}.tar.gz" printINFO "du -s -k samhain-${src_version}.tar.gz | awk '{ print $1 }'" printLOG "Downloaded to samhain-${src_version}.tar.gz (XXX kB)" printINFO "gunzip -c samhain-${src_version}.tar.gz | tar -tvf - " printINFO "Source in tarball is version X.X.X" printINFO "Unpacking to ${tmpD}" printINFO "cd ${tmpD}" printINFO "gunzip -c ${basedir}/tmp/samhain-${src_version}.tar.gz | tar -xf -" printINFO "rm -f ${basedir}/tmp/samhain-${src_version}.tar.gz" printINFO "Checking PGP signature" printINFO "(LANG=C; gpg --status-fd 1 --verify samhain-X.X.X.tar.gz.asc samhain-X.X.X.tar.gz 2>&1 | grep 'GOODSIG')" printINFO "cp samhain-X.X.X.tar.gz.asc samhain-X.X.X.tar.gz ${basedir}/source" printLOG "Installed samhain (X.X.X) source" return 0 fi if test -f "samhain-${src_version}.tar.gz" then : else printFATAL "failed: $command $location" fi size=`du -s -k "samhain-${src_version}.tar.gz" | awk '{ print $1 }'` if test $size -lt 100 then rm -f "samhain-${src_version}.tar.gz" printFATAL "failed: $command $location" else printLOG "Downloaded to samhain-${src_version}.tar.gz (${size} kB)" fi files=`gunzip -c "samhain-${src_version}.tar.gz" | tar -tvf - 2>/dev/null` sig=`echo $files | egrep ' samhain.*tar\.gz\.asc$' 2>/dev/null` sig_version=`echo $files | egrep ' samhain.*tar\.gz\.asc$' 2>/dev/null | sed 's/.*samhain\-//g' | sed 's/\.tar\.gz\.asc//g'` if test x"$sig" = x then rm -f "samhain-${src_version}.tar.gz" printFATAL "downloaded file does not contain a PGP signature" fi if test x"${sig_version}" = x then rm -f "samhain-${src_version}.tar.gz" printFATAL "cannot determine samhain version from downloaded file" fi if test x"${src_version}" != xcurrent then if test x"${src_version}" != x"${sig_version}" then rm -f "samhain-${src_version}.tar.gz" printFATAL "downloaded version (${sig_version}) != requested version (${src_version})" fi fi printINFO "Source in tarball is version ${sig_version}" printINFO "Unpacking to ${basedir}/source" cd "${tmpD}" || { rm -f "${basedir}/tmp/samhain-${src_version}.tar.gz" printFATAL "could not cd to ${tmpD}" } gunzip -c "${basedir}/tmp/samhain-${src_version}.tar.gz" | tar -xf - rm -f "${basedir}/tmp/samhain-${src_version}.tar.gz" if test -f "samhain-${sig_version}.tar.gz" then if test -f "samhain-${sig_version}.tar.gz.asc" then : else printFATAL "not found in source: PGP signature samhain-${sig_version}.tar.gz.asc" fi else printFATAL "not found in source: samhain-${sig_version}.tar.gz" fi printINFO "Checking PGP signature" sig_lines=`(LANG="C"; gpg --status-fd 1 --verify "samhain-${sig_version}.tar.gz.asc" "samhain-${sig_version}.tar.gz" 2>/dev/null)` sig_ok=`echo ${sig_lines} | grep 'GOODSIG'` sig_nokey=`echo ${sig_lines} | grep 'NO_PUBKEY'` if test x"${sig_nokey}" != x then printWARNING "Public key (ID 0F571F6C) not found, trying to import it." gpg --import ${basedir}/private/0F571F6C.asc 2>&5 sig_ok=`(LANG="C"; gpg --status-fd 1 --verify "samhain-${sig_version}.tar.gz.asc" "samhain-${sig_version}.tar.gz" 2>/dev/null | grep 'GOODSIG')` fi if test x"${sig_ok}" = x then (LANG="C"; gpg --verify "samhain-${sig_version}.tar.gz.asc" "samhain-${sig_version}.tar.gz") printFATAL "no good signature" fi cp "samhain-${sig_version}.tar.gz" "samhain-${sig_version}.tar.gz.asc" \ ${basedir}/source/ || \ printFATAL "failed: cp samhain-${sig_version}.tar.gz samhain-${sig_version}.tar.gz.asc ${basedir}/source/" printLOG "Installed samhain source (version=${sig_version})" return 0 }