check_hash implemented (sha256)

lint-refactor
KatolaZ 8 years ago
parent e404b1dd69
commit bc495e28f8
  1. 35
      exec.go
  2. 10
      hooks/post-receive

@ -2,7 +2,9 @@ package main
import (
"bufio"
"crypto/sha256"
"fmt"
"io/ioutil"
"log"
"net/url"
"os"
@ -32,6 +34,22 @@ func exec_local_file(cmd_url *url.URL, args, env []string) error {
return err
}
func check_hash(file, hash string) error {
data, err := ioutil.ReadFile(file)
if err != nil {
return err
}
hash_bytes := sha256.Sum256(data)
computed_hash := string(hash_bytes[:sha256.Size])
if string(computed_hash) == hash {
return nil
} else {
return fmt.Errorf("WARNING!!! HASH MISMATCH FOR %s", file)
}
}
func exec_url(cmd_url *url.URL, args, env []string) error {
return nil
@ -48,11 +66,20 @@ func exec_tag(tag *SCORSHtag_cfg, args []string, env []string) []error {
log.Printf("[tag: %s] error parsing URL: %s", tag.Name, err)
} else {
if cmd_url.Scheme == "file" {
//if err = check_hash(cmd_url, c.Hash); err == nil {
err = nil
// if a hash is specified, check that it matches
if c.Hash != "" {
err = check_hash(cmd_url.Path, c.Hash)
}
// if the hash does not match, abort the command
if err != nil {
log.Printf("[tag: %s] %s -- aborting command\n", tag.Name, err)
continue
} else {
// finally, the command can be executed
err = exec_local_file(cmd_url, args, env)
//} else {
//log.Printf("[tag: %s] WARNING!!! HASH MISMATCH FOR %s\n", cmd_url)
//}
}
} else if cmd_url.Scheme == "http" || cmd_url.Scheme == "https" {
err = exec_url(cmd_url, args, env)
}

@ -24,9 +24,7 @@ while read old_value new_value ref; do
echo "old_rev: ${old_value}"
echo "new_rev: ${new_value}"
echo "spool_dir: ${spool_dir}"
done
cat <<EOF
cat <<EOF >${spool_dir}/${id}
---
m_id: $id
m_repo: $repo
@ -34,6 +32,10 @@ m_branch: $branch
m_oldrev: ${old_value}
m_newrev: ${new_value}
...
EOF>${spool_dir}/${id}
EOF
done

Loading…
Cancel
Save