summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorZac Medico <zmedico@gentoo.org>2006-12-02 04:42:33 +0000
committerZac Medico <zmedico@gentoo.org>2006-12-02 04:42:33 +0000
commiteabd4140a9a273a0ac99dec2f19b808b8379736c (patch)
treedf7e07bc31fee3dc73162735768d8db93728ed5b
parent81f6fdf9e08d3b2e1ce681732647b4459e09377d (diff)
downloadportage-eabd4140a9a273a0ac99dec2f19b808b8379736c.tar.gz
portage-eabd4140a9a273a0ac99dec2f19b808b8379736c.tar.bz2
portage-eabd4140a9a273a0ac99dec2f19b808b8379736c.zip
Always verify the ebuild checksums before executing it. Thanks to solar for the suggestion and antarus for the initial patch.
svn path=/main/trunk/; revision=5150
-rw-r--r--pym/portage.py23
1 files changed, 23 insertions, 0 deletions
diff --git a/pym/portage.py b/pym/portage.py
index 7513beb2b..e04fafebf 100644
--- a/pym/portage.py
+++ b/pym/portage.py
@@ -3007,6 +3007,29 @@ def doebuild(myebuild, mydo, myroot, mysettings, debug=0, listonly=0,
noiselevel=-1)
return 1
+ if "strict" in features and mydo not in ("digest", "manifest", "help"):
+ # Always verify the ebuild checksums before executing it.
+ pkgdir = os.path.dirname(myebuild)
+ manifest_path = os.path.join(pkgdir, "Manifest")
+ if not os.path.exists(manifest_path):
+ writemsg("!!! Manifest file not found: '%s'\n" % manifest_path,
+ noiselevel=-1)
+ return 1
+ mf = Manifest(pkgdir, mysettings["DISTDIR"])
+ try:
+ mf.checkTypeHashes("EBUILD")
+ except portage_exception.FileNotFound, e:
+ writemsg("!!! A file listed in the Manifest " + \
+ "could not be found: %s\n" % str(e), noiselevel=-1)
+ return 1
+ except portage_exception.DigestException, e:
+ writemsg("!!! Digest verification failed:\n", noiselevel=-1)
+ writemsg("!!! %s\n" % e.value[0], noiselevel=-1)
+ writemsg("!!! Reason: %s\n" % e.value[1], noiselevel=-1)
+ writemsg("!!! Got: %s\n" % e.value[2], noiselevel=-1)
+ writemsg("!!! Expected: %s\n" % e.value[3], noiselevel=-1)
+ return 1
+
doebuild_environment(myebuild, mydo, myroot, mysettings, debug,
use_cache, mydbapi)