diff options
Diffstat (limited to 'contrib')
-rw-r--r-- | contrib/gitian-descriptors/README | 2 | ||||
-rw-r--r-- | contrib/gitian-descriptors/gitian-win32.yml | 4 | ||||
-rw-r--r-- | contrib/gitian-descriptors/qt-win32.yml | 8 | ||||
-rwxr-xr-x | contrib/verifysfbinaries/verify.sh | 119 |
4 files changed, 126 insertions, 7 deletions
diff --git a/contrib/gitian-descriptors/README b/contrib/gitian-descriptors/README index 1d3910b994..46c7668ab9 100644 --- a/contrib/gitian-descriptors/README +++ b/contrib/gitian-descriptors/README @@ -31,7 +31,7 @@ Once you've got the right hardware and software: wget 'http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz' wget 'https://downloads.sourceforge.net/project/libpng/zlib/1.2.6/zlib-1.2.6.tar.gz' wget 'https://downloads.sourceforge.net/project/libpng/libpng15/older-releases/1.5.9/libpng-1.5.9.tar.gz' - wget 'http://releases.qt-project.org/qt4/source/qt-everywhere-opensource-src-4.8.2.tar.gz' + wget 'http://releases.qt-project.org/qt4/source/qt-everywhere-opensource-src-4.8.3.tar.gz' cd ../.. cd gitian-builder diff --git a/contrib/gitian-descriptors/gitian-win32.yml b/contrib/gitian-descriptors/gitian-win32.yml index c5979614d3..9df42a0bec 100644 --- a/contrib/gitian-descriptors/gitian-win32.yml +++ b/contrib/gitian-descriptors/gitian-win32.yml @@ -15,14 +15,14 @@ remotes: - "url": "https://github.com/bitcoin/bitcoin.git" "dir": "bitcoin" files: -- "qt-win32-4.8.2-gitian-r1.zip" +- "qt-win32-4.8.3-gitian-r1.zip" - "boost-win32-1.50.0-gitian2.zip" - "bitcoin-deps-0.0.5.zip" script: | # mkdir $HOME/qt cd $HOME/qt - unzip ../build/qt-win32-4.8.2-gitian-r1.zip + unzip ../build/qt-win32-4.8.3-gitian-r1.zip cd $HOME/build/ export PATH=$PATH:$HOME/qt/bin/ # diff --git a/contrib/gitian-descriptors/qt-win32.yml b/contrib/gitian-descriptors/qt-win32.yml index 87887dec87..0b711790e6 100644 --- a/contrib/gitian-descriptors/qt-win32.yml +++ b/contrib/gitian-descriptors/qt-win32.yml @@ -11,15 +11,15 @@ packages: reference_datetime: "2011-01-30 00:00:00" remotes: [] files: -- "qt-everywhere-opensource-src-4.8.2.tar.gz" +- "qt-everywhere-opensource-src-4.8.3.tar.gz" script: | INSTDIR="$HOME/qt/" mkdir $INSTDIR SRCDIR="$INSTDIR/src/" mkdir $SRCDIR # - tar xzf qt-everywhere-opensource-src-4.8.2.tar.gz - cd qt-everywhere-opensource-src-4.8.2 + tar xzf qt-everywhere-opensource-src-4.8.3.tar.gz + cd qt-everywhere-opensource-src-4.8.3 sed 's/$TODAY/2011-01-30/' -i configure sed 's/i686-pc-mingw32-/i586-mingw32msvc-/' -i mkspecs/unsupported/win32-g++-cross/qmake.conf sed --posix 's|QMAKE_CFLAGS\t\t= -pipe|QMAKE_CFLAGS\t\t= -pipe -isystem /usr/i586-mingw32msvc/include/ -frandom-seed=qtbuild|' -i mkspecs/unsupported/win32-g++-cross/qmake.conf @@ -51,4 +51,4 @@ script: | # as zip stores file timestamps, use faketime to intercept stat calls to set dates for all files to reference date export LD_PRELOAD=/usr/lib/faketime/libfaketime.so.1 - zip -r $OUTDIR/qt-win32-4.8.2-gitian-r1.zip * + zip -r $OUTDIR/qt-win32-4.8.3-gitian-r1.zip * diff --git a/contrib/verifysfbinaries/verify.sh b/contrib/verifysfbinaries/verify.sh new file mode 100755 index 0000000000..336de3ec1f --- /dev/null +++ b/contrib/verifysfbinaries/verify.sh @@ -0,0 +1,119 @@ +#!/bin/bash + +### This script attempts to download the signature file SHA256SUMS.asc from SourceForge +### It first checks if the signature passes, and then downloads the files specified in +### the file, and checks if the hashes of these files match those that are specified +### in the signature file. +### The script returns 0 if everything passes the checks. It returns 1 if either the +### signature check or the hash check doesn't pass. If an error occurs the return value is 2 + +function clean_up { + for file in $* + do + rm "$file" 2> /dev/null + done +} + +WORKINGDIR="/tmp/bitcoin" +TMPFILE="hashes.tmp" + +#this URL is used if a version number is not specified as an argument to the script +SIGNATUREFILE="http://downloads.sourceforge.net/project/bitcoin/Bitcoin/bitcoin-0.7.1/test/SHA256SUMS.asc" + +SIGNATUREFILENAME="SHA256SUMS.asc" +RCSUBDIR="test/" +BASEDIR="http://downloads.sourceforge.net/project/bitcoin/Bitcoin/" +VERSIONPREFIX="bitcoin-" +RCVERSIONSTRING="rc" + +if [ ! -d "$WORKINGDIR" ]; then + mkdir "$WORKINGDIR" +fi + +cd "$WORKINGDIR" + +#test if a version number has been passed as an argument +if [ -n "$1" ]; then + #let's also check if the version number includes the prefix 'bitcoin-', + # and add this prefix if it doesn't + if [[ $1 == "$VERSIONPREFIX"* ]]; then + VERSION="$1" + else + VERSION="$VERSIONPREFIX$1" + fi + + #now let's see if the version string contains "rc", and strip it off if it does + # and simultaneously add RCSUBDIR to BASEDIR, where we will look for SIGNATUREFILENAME + if [[ $VERSION == *"$RCVERSIONSTRING"* ]]; then + BASEDIR="$BASEDIR${VERSION/%-$RCVERSIONSTRING*}/" + BASEDIR="$BASEDIR$RCSUBDIR" + else + BASEDIR="$BASEDIR$VERSION/" + fi + + SIGNATUREFILE="$BASEDIR$SIGNATUREFILENAME" +else + BASEDIR="${SIGNATUREFILE%/*}/" +fi + +#first we fetch the file containing the signature +WGETOUT=$(wget -N "$BASEDIR$SIGNATUREFILENAME" 2>&1) + +#and then see if wget completed successfully +if [ $? -ne 0 ]; then + echo "Error: couldn't fetch signature file. Have you specified the version number in the following format?" + echo "[bitcoin-]<version>-[rc[0-9]] (example: bitcoin-0.7.1-rc1)" + echo "wget output:" + echo "$WGETOUT"|sed 's/^/\t/g' + exit 2 +fi + +#then we check it +GPGOUT=$(gpg --yes --decrypt --output "$TMPFILE" "$SIGNATUREFILENAME" 2>&1) + +#return value 0: good signature +#return value 1: bad signature +#return value 2: gpg error + +RET="$?" +if [ $RET -ne 0 ]; then + if [ $RET -eq 1 ]; then + #and notify the user if it's bad + echo "Bad signature." + elif [ $RET -eq 2 ]; then + #or if a gpg error has occured + echo "gpg error. Do you have Gavin's code signing key installed?" + fi + + echo "gpg output:" + echo "$GPGOUT"|sed 's/^/\t/g' + clean_up $SIGNATUREFILENAME $TMPFILE + exit "$RET" +fi + +#here we extract the filenames from the signature file +FILES=$(awk '{print $2}' "$TMPFILE") + +#and download these one by one +for file in in $FILES +do + wget --quiet -N "$BASEDIR$file" +done + +#check hashes +DIFF=$(diff <(sha256sum $FILES) "$TMPFILE") + +if [ $? -eq 1 ]; then + echo "Hashes don't match." + echo "Offending files:" + echo "$DIFF"|grep "^<"|awk '{print "\t"$3}' + exit 1 +elif [ $? -gt 1 ]; then + echo "Error executing 'diff'" + exit 2 +fi + +#everything matches! clean up the mess +clean_up $FILES $SIGNATUREFILENAME $TMPFILE + +exit 0 |