On 07/05/2014 07:23, James wrote: > So, > > Since (forever) I have manually checked the .Digest and such using > openssl or gpg, not unlike what is in the gentoo handbook. > > This is retarded, and I'm too old to do that now, so I went shopping > for some script/tool/code to do it for me. I sure that a sinlple > script with diff would be sufficient to compare the download hash > against the one openssl generates... In fact, I do not know > why the integrity check is not fully integrated into ftp. rsync. > or whatever the download tool is? > > If futher suspicion warrants, I can always perform a manual spot check, > but some integrated integrity should be part of the download process? > > > > But why not just use a simple script: > > <scriptname> package.just.downloaded package.just.downloaded.DIGESTS > > and have it return: > > <ok or match or corrupted> > > After all this is intuitively obviously, when I burn a cd/dvd > and is an integrated option. > > ??? > > So I found this python script "verify.py" > > https://bbs.archlinux.org/viewtopic.php?id=83839 > > > Sure there is a slicker, newer, better scheme? > Pardon my (lazy) ignorance here..... > > > James > > > >
Perhaps I'm just old and retarded myself, but portage already does what you want. I edited the hashes in the Manifest file for something in my local overlay and tried to emerge it. Here's what I got: # emerge -1 mysql-refman Calculating dependencies... done! >>> Verifying ebuild manifests >>> Emerging (1 of 1) app-doc/mysql-refman-5.5::alan !!! Previously fetched file: '/var/distfiles/refman-5.5-en.html-chapter.tar.gz' !!! Reason: Failed on SHA256 verification !!! Got: 2eb9f21b4bc88b89a05e28b8a25ec221d36677ee13f2733c1dd1d0d28e81ad0d !!! Expected: 2eb9f21b4bc88b89a05e28b8a25ec221d36677ee13f2733c1dd1d0d28e81ad0e Refetching... File renamed to '/var/distfiles/refman-5.5-en.html-chapter.tar.gz._checksum_failure_.1s4y_D' In this case I had the download files already in distfiles, portage however applies the same check if it has to download things first. -- Alan McKinnon [email protected]
