summaryrefslogtreecommitdiffhomepage
path: root/auto/modules/java_chk_sha512
diff options
context:
space:
mode:
authorMax Romanov <max.romanov@nginx.com>2020-01-28 17:02:51 +0300
committerMax Romanov <max.romanov@nginx.com>2020-01-28 17:02:51 +0300
commit1949be644cff80c7d9d45215a8042e657b8e1087 (patch)
treec9b731ec38337b6b5008efe8b44fd951aa2f3b7d /auto/modules/java_chk_sha512
parent04bf6457c60ddba195f6ddfdb9b119ab34feb1d2 (diff)
downloadunit-1949be644cff80c7d9d45215a8042e657b8e1087.tar.gz
unit-1949be644cff80c7d9d45215a8042e657b8e1087.tar.bz2
Java: introducing SHA512 sum validation for external JARs.
Diffstat (limited to '')
-rw-r--r--auto/modules/java_chk_sha51249
1 files changed, 49 insertions, 0 deletions
diff --git a/auto/modules/java_chk_sha512 b/auto/modules/java_chk_sha512
new file mode 100644
index 00000000..10891cee
--- /dev/null
+++ b/auto/modules/java_chk_sha512
@@ -0,0 +1,49 @@
+
+# Copyright (C) NGINX, Inc.
+
+# NXT_JAR_FILE=
+# NXT_JAR_CHK_FILE=
+
+NXT_SHA512_TOOL=${NXT_SHA512_TOOL=}
+
+if [ -z "$NXT_SHA512_TOOL" ]; then
+ $echo -n "looking for sha512 check tool ..."
+ $echo "looking for sha512 check tool ..." >> $NXT_AUTOCONF_ERR
+
+ if sha512sum --version >/dev/null 2>&1; then
+ NXT_SHA512_TOOL="sha512sum --check"
+ else
+ if shasum --version >/dev/null 2>&1; then
+ NXT_SHA512_TOOL="shasum -a 512 --check"
+ else
+ if openssl version >/dev/null 2>&1; then
+ NXT_SHA512_TOOL="openssl dgst -sha512"
+ fi
+ fi
+ fi
+
+ if [ -z "$NXT_SHA512_TOOL" ]; then
+ $echo " not found"
+ $echo
+ $echo $0: error: no sha512 tool found.
+ $echo
+ $echo "error: no sha512 tool found" >> $NXT_AUTOCONF_ERR
+ exit 1
+ fi
+
+ $echo " $NXT_SHA512_TOOL"
+ $echo "found $NXT_SHA512_TOOL" >> $NXT_AUTOCONF_ERR
+fi
+
+if [ -f "$NXT_JAR_CHK_FILE" ]; then
+ NXT_JAR_SHA512=`grep -F $NXT_JAR_FILE auto/modules/java_jar.sha512 | head -c 128`
+ NXT_JAR_CHK=${NXT_JAR_CHK_FILE}.sha512.$$
+ $echo "$NXT_JAR_SHA512 $NXT_JAR_CHK_FILE" > $NXT_JAR_CHK
+
+ if ! $NXT_SHA512_TOOL $NXT_JAR_CHK >/dev/null 2>&1; then
+ $echo "SHA512 not matched for $NXT_JAR_FILE, removing $NXT_JAR_CHK_FILE"
+ rm -f $NXT_JAR_CHK_FILE
+ fi
+
+ rm -f $NXT_JAR_CHK
+fi