A utility for downloading and verifying FreeBSD releases and snapshots
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 

509 lines
12 KiB

  1. #!/bin/sh -
  2. #
  3. # Copyright 2018 John-Mark Gurney.
  4. # All rights reserved.
  5. #
  6. # Redistribution and use in source and binary forms, with or without
  7. # modification, are permitted provided that the following conditions
  8. # are met:
  9. # 1. Redistributions of source code must retain the above copyright
  10. # notice, this list of conditions and the following disclaimer.
  11. # 2. Redistributions in binary form must reproduce the above copyright
  12. # notice, this list of conditions and the following disclaimer in the
  13. # documentation and/or other materials provided with the distribution.
  14. #
  15. # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
  16. # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  17. # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  18. # ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  19. # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  20. # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  21. # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  22. # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  23. # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  24. # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  25. # SUCH DAMAGE.
  26. #
  27. # $Id$
  28. #
  29. STOREDIR="$HOME/.snapaid"
  30. KEYS="78B342BA26C7B2AC681EA7BE524F0C37A0B946A3"
  31. KEY_URLS='https://cgit.freebsd.org/doc/plain/documentation/static/pgpkeys/gjb.key'
  32. setdefaults() {
  33. GPG=$(which gpg2)
  34. WGET=$(which wget)
  35. SHASUM=$(which shasum)
  36. }
  37. setdefaults
  38. if [ ! -x "$GPG" ]; then
  39. echo 'Failed to find gpg2 executable'
  40. exit 1
  41. fi
  42. if [ ! -x "$WGET" ]; then
  43. echo 'Failed to find wget executable'
  44. exit 1
  45. fi
  46. if [ ! -x "$SHASUM" ]; then
  47. echo 'Failed to find shasum executable'
  48. exit 1
  49. fi
  50. #wget:
  51. # -N for timestamps
  52. # --backups=x for backing up
  53. hostname=people.FreeBSD.org
  54. hostname=www.funkthat.com
  55. completeurl="https://${hostname}/~jmg/FreeBSD-snap/snapshot.complete.idx.xz"
  56. currenturl="https://${hostname}/~jmg/FreeBSD-snap/snapshot.idx.xz"
  57. # type release arch platform date svnrev xxx fname url mid
  58. # 1 2 3 4 5 6 7 8 9 10
  59. # iso 11.1-STABLE arm-armv6 BEAGLEBONE 20180315 r330998 xxx FreeBSD-11.1-STABLE-arm-armv6-BEAGLEBONE-20180315-r330998.img.xz https://download.freebsd.org/ftp/snapshots/ISO-IMAGES/11.1/FreeBSD-11.1-STABLE-arm-armv6-BEAGLEBONE-20180315-r330998.img.xz 20180316000842.GA7399@FreeBSD.org
  60. set -e
  61. # This is used for some testing functions
  62. copy_function() {
  63. declare -F "$1" > /dev/null || return 1
  64. local func="$(declare -f "$1")"
  65. eval "${2}(${func#*\(}"
  66. }
  67. # Test function to cause a bad input
  68. cmd_failure() {
  69. exit 1
  70. }
  71. # First time fails, second time run real command
  72. gpg_first_fails() {
  73. copy_function verifygpg_orig verifygpg
  74. return 1
  75. }
  76. # When first arg is --, just touch the file to fake a bad d/l
  77. bad_file_dl() {
  78. if [ x"$1" = x"--" ]; then
  79. touch $(basename "$2")
  80. else
  81. $WGET_orig "$@"
  82. fi
  83. }
  84. # Make sure that the storage directory is present
  85. mkstore() {
  86. mkdir "$STOREDIR" 2>/dev/null || :
  87. if ! [ -x "$STOREDIR" -a -w "$STOREDIR" -a -d "$STOREDIR" ]; then
  88. echo "$STOREDIR is not a writable directory."
  89. fi
  90. }
  91. check_keys() {
  92. for i in $KEYS; do
  93. if ! $GPG --list-keys "$i" >/dev/null 2>&1; then
  94. return 1
  95. fi
  96. done
  97. return 0
  98. }
  99. # Given a message id, get the raw body and store it.
  100. get_raw() {
  101. mkstore
  102. mid="$1"
  103. midfile="$STOREDIR/$mid".raw
  104. if [ ! -e "$midfile" ]; then
  105. # get the location, it's a database lookup
  106. loc=$($WGET --max-redirect=0 --method=HEAD -S -o - -O - 'https://docs.freebsd.org/cgi/mid.cgi?'"$mid" 2>/dev/null | awk 'tolower($1) == "location:" { print $2; exit }')
  107. # Some emails are sent to both -current and -snapshot,
  108. # we can't handle them for now
  109. # such as 20160529215940.GA11785@FreeBSD.org
  110. if [ x"$loc" = x"" ]; then
  111. return 1
  112. fi
  113. # if it's relative, add https
  114. if [ x"$loc" != x"${loc#//}" ]; then
  115. # add https
  116. loc="https:$loc"
  117. fi
  118. # get the raw part
  119. tmpfile="$STOREDIR/.tmp.$$.$mid".raw
  120. # strip out everything but message id and first signed part
  121. $WGET -O - "$loc"+raw 2>/dev/null | awk '
  122. tolower($1) == "message-id:" && check == 0 {
  123. print
  124. }
  125. $0 == "-----BEGIN PGP SIGNED MESSAGE-----" {
  126. sigbody = 1
  127. }
  128. sigbody {
  129. print
  130. }
  131. $0 == "-----END PGP SIGNATURE-----" {
  132. sigbody = 0
  133. }' > "$tmpfile"
  134. if verifygpg "$tmpfile"; then
  135. mv "$tmpfile" "$STOREDIR/$mid.raw"
  136. else
  137. rm "$tmpfile"
  138. echo Bad signature from mail archive.
  139. return 1
  140. fi
  141. else
  142. if ! verifygpg "$midfile"; then
  143. rm "$midfile"
  144. get_raw "$mid"
  145. return $?
  146. fi
  147. fi
  148. }
  149. fetch() {
  150. mkstore
  151. if ! (cd "$STOREDIR" && $WGET -N "$1" >/dev/null 2>&1); then
  152. return 1
  153. fi
  154. }
  155. getvermid() {
  156. xzcat "$STOREDIR"/snapshot.complete.idx.xz | awk '$8 == fname {
  157. print $10
  158. }' fname="$i"
  159. }
  160. # takes basename of arg, which much exist in STOREDIR, and verifies
  161. # that the signature is valid.
  162. verifygpg() {
  163. local fname
  164. fname=$(basename "$1")
  165. if ! (cd "$STOREDIR" && $GPG --verify "$fname" 2> /dev/null); then
  166. echo 'ERROR: PGP signature verification failed!'
  167. return 1
  168. fi
  169. }
  170. # Verifies the file
  171. verifyfile() {
  172. local fname
  173. local hashinfo
  174. local algo hash
  175. fname="$STOREDIR/${1}.raw"
  176. hashinfo=$(awk '
  177. check && $2 == "('"$2"')" {
  178. hashes[$1] = $4
  179. }
  180. $0 == "-----BEGIN PGP SIGNED MESSAGE-----" {
  181. check = 1
  182. }
  183. $0 == "-----BEGIN PGP SIGNATURE-----" {
  184. check = 0
  185. }
  186. END {
  187. if ("SHA512" in hashes)
  188. algo = "SHA512"
  189. else if ("SHA256" in hashes)
  190. algo = "SHA256"
  191. else {
  192. print "unkn BADHASH"
  193. exit 1
  194. }
  195. print algo " " hashes[algo]
  196. }
  197. ' "$fname")
  198. read algo hash <<-EOF
  199. ${hashinfo}
  200. EOF
  201. if [ x"$algo" == x"unkn" -o x"$algo" = x"" ]; then
  202. echo 'Unable to find hash for file.'
  203. exit 1
  204. fi
  205. echo "$hash $2" | $SHASUM -a "${algo#SHA}" -c -
  206. }
  207. dlverify() {
  208. fname="$8"
  209. dlurl="$9"
  210. vermid="${10}"
  211. # verify snap email
  212. if ! get_raw "$vermid"; then
  213. echo "Unable to fetch/verify snapshot email for: $fname"
  214. return 1
  215. fi
  216. if ! [ -f $(basename "$dlurl") ]; then
  217. # fetch link
  218. $WGET -- "$dlurl"
  219. else
  220. echo 'Image already exists, verifying...'
  221. fi
  222. if ! verifyfile "$vermid" "$fname"; then
  223. echo 'Removing bad file.'
  224. rm "$fname"
  225. return 1
  226. fi
  227. }
  228. if ! check_keys; then
  229. echo 'Necessary keys have not been imported into key ring.'
  230. echo "Please obtain they following keyid(s):"
  231. echo $KEYS
  232. echo ""
  233. echo "The keys may be obtained from the following URLs:"
  234. for i in $KEY_URLS; do
  235. echo "$i"
  236. done
  237. echo ""
  238. echo "and imported into GPG w/ the --import option. This can be"
  239. echo "done via the command:"
  240. echo "fetch -o - $KEY_URLS | gpg --import -"
  241. echo ""
  242. echo "For extra security, additional verification should be done, such"
  243. echo "as manually verifying finger prints."
  244. exit 3
  245. fi
  246. if [ x"$1" = x"verify" ]; then
  247. shift
  248. if ! fetch "$completeurl"; then
  249. echo Failed to fetch the complete index.
  250. exit 1
  251. fi
  252. for i in "$@"; do
  253. vermid=$(getvermid "$i")
  254. if [ x"$vermid" = x"" ]; then
  255. echo "Unable to find entry for: $i"
  256. continue
  257. fi
  258. if ! get_raw "$vermid"; then
  259. echo "Unable to fetch snapshot email for: $i"
  260. continue
  261. fi
  262. verifyfile "$vermid" "$i"
  263. done
  264. elif [ x"$1" = x"find" ]; then
  265. shift
  266. fetch "$currenturl"
  267. tmpdir=$(mktemp -d -t snapaid)
  268. trap "rm -r $tmpdir" 0
  269. ( cd "$tmpdir";
  270. xzcat "$STOREDIR"/snapshot.idx.xz | sort -r -k 5 -k 2 > selection;
  271. while :; do
  272. cnt=$(wc -l < selection)
  273. if [ x"$1" = x"" ]; then
  274. # display current list
  275. awk '
  276. BEGIN {
  277. # xzcat snapshot.complete.idx.xz | ./maxcol.awk
  278. # xzcat snapshot.complete.idx.xz | awk "{ print $3}" | sort -u
  279. # note that for powerpc-* that first part is dropped
  280. fmtstr = "%2s %-3s %-15s %-14s %-18s %-8s %-11s\n"
  281. printf(fmtstr, "#", "TYP", "RELEASE", "ARCH", "PLATFORM/TYPE", "DATE", "REV")
  282. cnt = 1
  283. }
  284. {
  285. if ($3 ~ /^powerpc-/)
  286. $3 = substr($3, 9)
  287. if ($4 == "xxx")
  288. plt=$7
  289. else
  290. plt=$4
  291. printf(fmtstr, cnt, $1, $2, $3, plt, $5, $6)
  292. if (cnt >= 20)
  293. exit 0
  294. cnt += 1
  295. }
  296. ' selection
  297. fi
  298. if [ x"$1" != x"" ]; then
  299. sel="$1"
  300. shift
  301. else
  302. read -p 'Select image #, enter search term, reset, or quit: ' sel
  303. fi
  304. if [ x"$sel" = x"reset" ]; then
  305. xzcat "$STOREDIR"/snapshot.idx.xz | sort -r -k 5 > selection;
  306. continue
  307. elif [ x"$sel" = x"quit" ]; then
  308. echo "$sel" > sel
  309. break
  310. fi
  311. if [ "$cnt" -gt 20 ]; then
  312. cnt=20
  313. fi
  314. if [ "$sel" -ge 1 -a "$sel" -le "$cnt" ] 2>/dev/null; then
  315. echo $(tail -n +"$sel" selection | head -n 1) > sel
  316. break
  317. else
  318. # restrict
  319. if ! grep -- "$sel" selection > selection.new; then
  320. echo WARNING: Ignoring selection, no results.
  321. else
  322. mv selection.new selection
  323. fi
  324. fi
  325. done
  326. )
  327. sel=$(cat "$tmpdir"/sel)
  328. if [ x"$sel" = x"quit" ]; then
  329. exit 0
  330. fi
  331. set -- ${sel}
  332. echo selected image "$8"
  333. dlverify ${sel}
  334. elif [ x"$1" = x"test" ]; then
  335. # Setup test environment
  336. tmpdir=$(mktemp -d -t snapaid)
  337. trap "rm -r $tmpdir" 0
  338. cd "$tmpdir"
  339. STOREDIR="$tmpdir"/snapaid
  340. # Make sure that the check keys function works.
  341. echo 'Testing check_keys works...'
  342. # Prime the custom keyring
  343. GPG="gpg2 --no-default-keyring --keyring pubring.gpg"
  344. for i in $KEY_URLS; do
  345. $WGET -O - -- "$i" 2>/dev/null | $GPG --import 2>/dev/null
  346. done
  347. if ! check_keys; then
  348. echo failed
  349. exit 1
  350. fi
  351. KEYS_orig="$KEYS"
  352. KEYS="0x1384923867573928" # bogus key
  353. if check_keys; then
  354. echo failed
  355. exit 1
  356. fi
  357. echo passed
  358. # Test a bad download fails
  359. echo 'Testing dlverify...'
  360. WGET_orig="$WGET"
  361. WGET=bad_file_dl
  362. # if dlverify is successsful, then it's a failure
  363. if dlverify iso 13.0-CURRENT sparc64 xxx 20181026 r339752 bootonly FreeBSD-13.0-CURRENT-sparc64-20181026-r339752-bootonly.iso.xz https://download.freebsd.org/ftp/snapshots/ISO-IMAGES/13.0/FreeBSD-13.0-CURRENT-sparc64-20181026-r339752-bootonly.iso.xz 20181026184443.GD75350@FreeBSD.org; then
  364. echo 'failed'
  365. exit 1
  366. fi
  367. # Make sure that a bad d/l was not left behind
  368. if [ -e FreeBSD-13.0-CURRENT-sparc64-20181026-r339752-bootonly.iso.xz ]; then
  369. echo failed
  370. exit 1
  371. fi
  372. echo passed
  373. # Test getting the raw file
  374. echo 'Testing get_raw success...'
  375. mid='20160122055622.GA87581@FreeBSD.org'
  376. get_raw "$mid"
  377. # Verify resulsts
  378. (cd "$STOREDIR" && echo '6e53df5995b6cc423c7f2d63b6df52d5d7f70e8586c25f91433fd8a1a2466e77be6a38884bde8bedd9ff6e7deb0215a66e1c2a16e4955503c20445e649a5fb47 20160122055622.GA87581@FreeBSD.org.raw' | $SHASUM -a 512 -c)
  379. echo passed
  380. # If the file already exists, but fails verification, that
  381. # it will refetch and be correct
  382. echo 'Testing get_raw with file already present that fails verification...'
  383. copy_function verifygpg verifygpg_orig
  384. copy_function gpg_first_fails verifygpg
  385. get_raw "$mid"
  386. (cd "$STOREDIR" && echo '6e53df5995b6cc423c7f2d63b6df52d5d7f70e8586c25f91433fd8a1a2466e77be6a38884bde8bedd9ff6e7deb0215a66e1c2a16e4955503c20445e649a5fb47 20160122055622.GA87581@FreeBSD.org.raw' | $SHASUM -a 512 -c)
  387. echo passed
  388. # If the file already exists, a "broken" wget won't cause
  389. # a problem
  390. echo 'Testing get_raw with file already present...'
  391. WGET=cmd_failure
  392. get_raw "$mid"
  393. echo passed
  394. # Test failure
  395. echo 'Testing get_raw fails w/ bad data...'
  396. WGET=cmd_failure
  397. rm "$STOREDIR/$mid.raw"
  398. # it should fail
  399. ! get_raw "$mid"
  400. # and the desired file should not exist
  401. if [ -e "$STOREDIR/$mid.raw" ]; then
  402. echo 'Test failed!'
  403. exit 1;
  404. fi
  405. echo passed
  406. setdefaults
  407. echo tests completed!!!
  408. else
  409. if [ $# -gt 0 ]; then
  410. echo "Unknown verb: $1"
  411. fi
  412. echo "Usage:"
  413. echo " $0 verify file ..."
  414. echo " $0 find [ termselection ... ]"
  415. echo ""
  416. echo "The verify option will attempt to verify each file specified."
  417. echo ""
  418. echo "The find option will start up an interactive session to find"
  419. echo "and select the snapshot to download and verify."
  420. fi