diff options
| author | KatolaZ <katolaz@freaknet.org> | 2017-07-21 11:00:16 +0100 |
|---|---|---|
| committer | KatolaZ <katolaz@freaknet.org> | 2017-07-21 11:00:16 +0100 |
| commit | bc495e28f8e622cab87a26cc25c7b5e8aa2c8daa (patch) | |
| tree | 7973eec46a95c8101411d6e2bb0f2294af5611cb | |
| parent | e404b1dd6923c255e22933127d3e6f4e4119f61b (diff) | |
check_hash implemented (sha256)
| -rw-r--r-- | exec.go | 37 | ||||
| -rwxr-xr-x | hooks/post-receive | 10 |
2 files changed, 38 insertions, 9 deletions
@@ -2,7 +2,9 @@ package main import ( "bufio" + "crypto/sha256" "fmt" + "io/ioutil" "log" "net/url" "os" @@ -32,6 +34,22 @@ func exec_local_file(cmd_url *url.URL, args, env []string) error { return err } +func check_hash(file, hash string) error { + + data, err := ioutil.ReadFile(file) + if err != nil { + return err + } + hash_bytes := sha256.Sum256(data) + computed_hash := string(hash_bytes[:sha256.Size]) + if string(computed_hash) == hash { + return nil + } else { + return fmt.Errorf("WARNING!!! HASH MISMATCH FOR %s", file) + } + +} + func exec_url(cmd_url *url.URL, args, env []string) error { return nil @@ -48,11 +66,20 @@ func exec_tag(tag *SCORSHtag_cfg, args []string, env []string) []error { log.Printf("[tag: %s] error parsing URL: %s", tag.Name, err) } else { if cmd_url.Scheme == "file" { - //if err = check_hash(cmd_url, c.Hash); err == nil { - err = exec_local_file(cmd_url, args, env) - //} else { - //log.Printf("[tag: %s] WARNING!!! HASH MISMATCH FOR %s\n", cmd_url) - //} + err = nil + // if a hash is specified, check that it matches + if c.Hash != "" { + err = check_hash(cmd_url.Path, c.Hash) + } + // if the hash does not match, abort the command + if err != nil { + log.Printf("[tag: %s] %s -- aborting command\n", tag.Name, err) + continue + } else { + // finally, the command can be executed + err = exec_local_file(cmd_url, args, env) + } + } else if cmd_url.Scheme == "http" || cmd_url.Scheme == "https" { err = exec_url(cmd_url, args, env) } diff --git a/hooks/post-receive b/hooks/post-receive index 2bffd83..66c1b2a 100755 --- a/hooks/post-receive +++ b/hooks/post-receive @@ -24,9 +24,7 @@ while read old_value new_value ref; do echo "old_rev: ${old_value}" echo "new_rev: ${new_value}" echo "spool_dir: ${spool_dir}" -done - -cat <<EOF + cat <<EOF >${spool_dir}/${id} --- m_id: $id m_repo: $repo @@ -34,6 +32,10 @@ m_branch: $branch m_oldrev: ${old_value} m_newrev: ${new_value} ... -EOF>${spool_dir}/${id} +EOF + +done + + |