[PATCH] Check SHA256 sum of git-$VER.tar.gz after downloading

John Keeping john at keeping.me.uk
Sat Mar 7 15:46:41 CET 2015


This requires that we save the downloaded file explicitly rather than
piping it straight to tar, but that is advisable anyway since it allows
us to check the exit status of curl and make sure that we have
downloaded the file successfully.

Also add a test to make sure we don't forget to update the file when
updating our Git version in the future.

Signed-off-by: John Keeping <john at keeping.me.uk>
---
 Makefile                             |  8 ++++++--
 git.sha256sum                        |  1 +
 tests/t0001-validate-git-versions.sh | 11 +++++++++++
 3 files changed, 18 insertions(+), 2 deletions(-)
 create mode 100644 git.sha256sum

diff --git a/Makefile b/Makefile
index ed329e8..807879f 100644
--- a/Makefile
+++ b/Makefile
@@ -15,7 +15,8 @@ pdfdir = $(docdir)
 mandir = $(prefix)/share/man
 SHA1_HEADER = <openssl/sha.h>
 GIT_VER = 2.3.2
-GIT_URL = https://www.kernel.org/pub/software/scm/git/git-$(GIT_VER).tar.gz
+GIT_FILE = git-$(GIT_VER).tar.gz
+GIT_URL = https://www.kernel.org/pub/software/scm/git/$(GIT_FILE)
 INSTALL = install
 COPYTREE = cp -r
 MAN5_TXT = $(wildcard *.5.txt)
@@ -146,7 +147,10 @@ clean-doc:
 	$(RM) cgitrc.5 cgitrc.5.html cgitrc.5.pdf cgitrc.5.xml cgitrc.5.fo
 
 get-git:
-	curl -L $(GIT_URL) | tar -xzf - && rm -rf git && mv git-$(GIT_VER) git
+	curl -L $(GIT_URL) --output $(GIT_FILE) && \
+	sha256sum --check git.sha256sum && \
+	tar -xzf $(GIT_FILE) && \
+	rm -rf git && mv git-$(GIT_VER) git
 
 tags:
 	$(QUIET_TAGS)find . -name '*.[ch]' | xargs ctags
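Review bot: In the get-git recipe, `curl -L $(GIT_URL) --output $(GIT_FILE)` still exits 0 when the server answers with an HTTP error, because curl saves the error body unless `--fail` is given, so the exit-status check the commit message relies on does not cover a 404 or 5xx. The `sha256sum --check` step still rejects that file, so nothing unverified reaches `tar`, but the failure is reported as a checksum mismatch instead of a download error. Suggest `curl -fL $(GIT_URL) --output $(GIT_FILE) && \`. `sha256sum` is the GNU coreutils name; if builds on systems without it matter, that dependency deserves a comment above the recipe.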
diff --git a/git.sha256sum b/git.sha256sum
new file mode 100644
index 0000000..1214d3d
--- /dev/null
+++ b/git.sha256sum
@@ -0,0 +1 @@
+a35aea3a0f63f4cc3dd38fa32127e97273f335a14ea2586b649eb759ecf675a3  git-2.3.2.tar.gz
diff --git a/tests/t0001-validate-git-versions.sh b/tests/t0001-validate-git-versions.sh
index a65b35e..3325c77 100755
--- a/tests/t0001-validate-git-versions.sh
+++ b/tests/t0001-validate-git-versions.sh
@@ -9,6 +9,12 @@ test_expect_success 'extract Git version from Makefile' '
 		s/^GIT_VER[ 	]*=[ 	]*//
 		p
 	}" ../../Makefile >makefile_version
+	GIT_VER=$(cat makefile_version)
+	sed -n -e "/^GIT_FILE[ 	]*=/ {
+		s/^GIT_FILE[ 	]*=[ 	]*//
+		s/\$(GIT_VER)/$GIT_VER/
+		p
+	}" ../../Makefile >makefile_file
 '
 
 # Note that Git's GIT-VERSION-GEN script applies "s/-/./g" to the version
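Review bot: The lines added to 'extract Git version from Makefile' are not joined with `&&`, so a failure of the first `sed` or of `cat makefile_version` is ignored and only the last `sed` decides the test result; an empty `GIT_VER` would then be substituted silently. End the existing redirect line with `>makefile_version &&` and write `GIT_VER=$(cat makefile_version) &&`. The new 'git.sha256sum version matches Makefile' test in the last hunk has the same gap between its `sed` and `test_cmp`. The test body opens above this hunk, so whether the earlier lines are chained cannot be seen here.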
@@ -38,4 +44,9 @@ test_expect_success 'test submodule version matches Makefile' '
 	fi
 '
 
+test_expect_success 'git.sha256sum version matches Makefile' '
+	sed -e "s/[0-9a-z]* *//" ../../git.sha256sum >sha256sum_file
+	test_cmp sha256sum_file makefile_file
+'
+
 test_done
-- 
2.3.1.308.g754cd77


