summaryrefslogtreecommitdiff
path: root/src/commitpkg.in
diff options
context:
space:
mode:
authorJelle van der Waa <jelle@archlinux.org>2023-01-02 15:16:29 +0100
committerLevente Polyak <anthraxx@archlinux.org>2023-03-19 21:57:30 +0100
commit9297eb344e997b716ee3de9f17c7ebb33cd1791d (patch)
treeab5eaa6fce2b750aa8e5df09211f4350a4202c8b /src/commitpkg.in
parentb34814419dff4c266201c7ee2402bdf9648c6078 (diff)
downloaddevtools-9297eb344e997b716ee3de9f17c7ebb33cd1791d.tar.xz
commitpkg: disallow weak hashing algorithms
Do not allow uploads of source=() with only weak cryptographic hashing algorithms but require at least one strong algorithm. This doesn't 100% enforce it ofcourse, but it allows for an early failure instead of failing in `db-update`. Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
Diffstat (limited to 'src/commitpkg.in')
-rw-r--r--src/commitpkg.in30
1 files changed, 30 insertions, 0 deletions
diff --git a/src/commitpkg.in b/src/commitpkg.in
index ef30544..6b9d727 100644
--- a/src/commitpkg.in
+++ b/src/commitpkg.in
@@ -4,6 +4,33 @@
m4_include(lib/common.sh)
+check_pkgbuild_validity() {
+ # shellcheck source=contrib/makepkg/PKGBUILD.proto
+ . ./PKGBUILD
+
+ # skip when there are no sources available
+ if (( ! ${#source[@]} )); then
+ return
+ fi
+
+ # validate sources hash algo is at least > sha1
+ local bad_algos=("cksums" "md5sums" "sha1sums")
+ local good_hash_algo=false
+
+ # from makepkg libmakepkg/util/schema.sh
+ for integ in "${known_hash_algos[@]}"; do
+ local sumname="${integ}sums"
+ if [[ -n ${!sumname} ]] && ! in_array "${sumname}" "${bad_algos[@]}"; then
+ good_hash_algo=true
+ break
+ fi
+ done
+
+ if ! $good_hash_algo; then
+ die "PKGBUILD lacks a secure cryptographic checksum, insecure algorithms: ${bad_algos[*]}"
+ fi
+}
+
# Source makepkg.conf; fail if it is not found
if [[ -r '/etc/makepkg.conf' ]]; then
# shellcheck source=config/makepkg/x86_64.conf
@@ -121,6 +148,9 @@ for _arch in "${arch[@]}"; do
fi
done
+# check for PKGBUILD standards
+check_pkgbuild_validity
+
if [[ -z $server ]]; then
server='repos.archlinux.org'
fi