From 7ec0b463aa6aac8b8576433806181eba74983372 Mon Sep 17 00:00:00 2001 From: onefang Date: Thu, 5 Dec 2019 23:53:15 +1000 Subject: Tweakage of how Packages are checked. --- apt-panopticon.lua | 32 ++++++++++++++++++-------------- 1 file changed, 18 insertions(+), 14 deletions(-) diff --git a/apt-panopticon.lua b/apt-panopticon.lua index 2a65d0b..de6f271 100755 --- a/apt-panopticon.lua +++ b/apt-panopticon.lua @@ -1036,23 +1036,27 @@ if 0 < #arg then for l in nfile:lines() do local v, p, sz, m, sha = l:match(' | (.+) | (pool/.+%.deb) | (%d.+) | (%x.+) | (%x.+) |') if nil ~= p then - local status, fsz = execute('ls -l results/' .. pu.host .. "/merged/" .. p .. ' | cut -d " " -f 5-5') - if testing("Integrity") then - if sz ~= fsz:sub(2, -2) then -- The sub bit is to slice off the EOLs at each end. - E('Package size mismatch - results/' .. pu.host .. "/merged/" .. p, 'http', 'Integrity', pu.host) - print('|' .. sz .. '~=' .. fsz:sub(2, -2) .. '|') - else - local status, fm = execute('md5sum results/' .. pu.host .. "/merged/" .. p .. ' | cut -d " " -f 1') - if m ~= fm:sub(2, -2) then E('Package MD5 sum mismatch - results/' .. pu.host .. "/merged/" .. p, 'http', 'Integrity', pu.host) end - local status, fsha = execute('sha256sum results/' .. pu.host .. "/merged/" .. p .. ' | cut -d " " -f 1') - if sha ~= fsha:sub(2, -2) then E('Package SHA256 sum mismatch - results/' .. pu.host .. "/merged/" .. p, 'http', 'Integrity', pu.host) end + if checkFile('results/' .. pu.host .. "/merged/" .. p) then + local status, fsz = execute('ls -l results/' .. pu.host .. "/merged/" .. p .. ' | cut -d " " -f 5-5') + if testing("Integrity") then + if sz ~= fsz:sub(2, -2) then -- The sub bit is to slice off the EOLs at each end. + E('Package size mismatch - results/' .. pu.host .. "/merged/" .. p, 'http', 'Integrity', pu.host) + print('|' .. sz .. '~=' .. fsz:sub(2, -2) .. '|') + else + local status, fm = execute('md5sum results/' .. pu.host .. "/merged/" .. p .. ' | cut -d " " -f 1') + if m ~= fm:sub(2, -2) then E('Package MD5 sum mismatch - results/' .. pu.host .. "/merged/" .. p, 'http', 'Integrity', pu.host) end + local status, fsha = execute('sha256sum results/' .. pu.host .. "/merged/" .. p .. ' | cut -d " " -f 1') + if sha ~= fsha:sub(2, -2) then E('Package SHA256 sum mismatch - results/' .. pu.host .. "/merged/" .. p, 'http', 'Integrity', pu.host) end -- TODO - maybe check the PGP key, though packages are mostly not signed. + end end - end - if testing("Updated") then - if sz ~= fsz:sub(2, -2) then - E('Package size mismatch - results/' .. pu.host .. "/merged/" .. p, 'http', 'Updated', pu.host) + if testing("Updated") then + if sz ~= fsz:sub(2, -2) then + E('Package size mismatch - results/' .. pu.host .. "/merged/" .. p, 'http', 'Updated', pu.host) + end end + else + E('Failed to download - results/' .. pu.host .. "/merged/" .. p, 'http', 'Updated', pu.host) end end end -- cgit v1.1