diff options
author | Wladimir J. van der Laan <laanwj@gmail.com> | 2017-07-11 15:25:05 +0200 |
---|---|---|
committer | Wladimir J. van der Laan <laanwj@gmail.com> | 2017-07-11 15:25:10 +0200 |
commit | cef4b5ccaa37564ddff53bd21e905191362908fc (patch) | |
tree | 9159a4bbfb7b390242f8e1fa8478b54e8bbab29c | |
parent | badd81bd318530ebef3161a613a5f1a458f168d6 (diff) | |
parent | 6270d624cf6bc235b3e47bbbf5d49039fe1e172a (diff) |
Merge #10651: Verify binaries from bitcoincore.org and bitcoin.org
6270d62 Verify binaries from bitcoincore.org and bitcoin.org (Matt Corallo)
Tree-SHA512: 39e99ce9be3e7c99d17b296749c0af53c867039bc95fd5b03572593c812817decea75e7296bb66e89ba460518210d84114b7bdc22465df621340319b47bd4303
-rwxr-xr-x | contrib/verifybinaries/verify.sh | 31 |
1 files changed, 25 insertions, 6 deletions
diff --git a/contrib/verifybinaries/verify.sh b/contrib/verifybinaries/verify.sh index c2cc2b7013..409f517c9f 100755 --- a/contrib/verifybinaries/verify.sh +++ b/contrib/verifybinaries/verify.sh @@ -3,7 +3,8 @@ # Distributed under the MIT software license, see the accompanying # file COPYING or http://www.opensource.org/licenses/mit-license.php. -### This script attempts to download the signature file SHA256SUMS.asc from bitcoin.org +### This script attempts to download the signature file SHA256SUMS.asc from +### bitcoincore.org and bitcoin.org and compares them. ### It first checks if the signature passes, and then downloads the files specified in ### the file, and checks if the hashes of these files match those that are specified ### in the signature file. @@ -22,7 +23,9 @@ TMPFILE="hashes.tmp" SIGNATUREFILENAME="SHA256SUMS.asc" RCSUBDIR="test" -BASEDIR="https://bitcoin.org/bin/" +HOST1="https://bitcoincore.org" +HOST2="https://bitcoin.org" +BASEDIR="/bin/" VERSIONPREFIX="bitcoin-core-" RCVERSIONSTRING="rc" @@ -81,7 +84,7 @@ else fi #first we fetch the file containing the signature -WGETOUT=$(wget -N "$BASEDIR$SIGNATUREFILENAME" 2>&1) +WGETOUT=$(wget -N "$HOST1$BASEDIR$SIGNATUREFILENAME" 2>&1) #and then see if wget completed successfully if [ $? -ne 0 ]; then @@ -92,6 +95,22 @@ if [ $? -ne 0 ]; then exit 2 fi +WGETOUT=$(wget -N -O "$SIGNATUREFILENAME.2" "$HOST2$BASEDIR$SIGNATUREFILENAME" 2>&1) +if [ $? -ne 0 ]; then + echo "bitcoin.org failed to provide signature file, but bitcoincore.org did?" + echo "wget output:" + echo "$WGETOUT"|sed 's/^/\t/g' + clean_up $SIGNATUREFILENAME + exit 3 +fi + +SIGFILEDIFFS="$(diff $SIGNATUREFILENAME $SIGNATUREFILENAME.2)" +if [ "$SIGFILEDIFFS" != "" ]; then + echo "bitcoin.org and bitcoincore.org signature files were not equal?" + clean_up $SIGNATUREFILENAME $SIGNATUREFILENAME.2 + exit 4 +fi + #then we check it GPGOUT=$(gpg --yes --decrypt --output "$TMPFILE" "$SIGNATUREFILENAME" 2>&1) @@ -111,7 +130,7 @@ if [ $RET -ne 0 ]; then echo "gpg output:" echo "$GPGOUT"|sed 's/^/\t/g' - clean_up $SIGNATUREFILENAME $TMPFILE + clean_up $SIGNATUREFILENAME $SIGNATUREFILENAME.2 $TMPFILE exit "$RET" fi @@ -131,7 +150,7 @@ FILES=$(awk '{print $2}' "$TMPFILE") for file in $FILES do echo "Downloading $file" - wget --quiet -N "$BASEDIR$file" + wget --quiet -N "$HOST1$BASEDIR$file" done #check hashes @@ -149,7 +168,7 @@ fi if [ -n "$2" ]; then echo "Clean up the binaries" - clean_up $FILES $SIGNATUREFILENAME $TMPFILE + clean_up $FILES $SIGNATUREFILENAME $SIGNATUREFILENAME.2 $TMPFILE else echo "Keep the binaries in $WORKINGDIR" clean_up $TMPFILE |