commit 3d388ab15d8590905427e0d16ae6ef68086d4626
author Travis Geiselbrecht <geist@foobox.com> Sat May 21 10:58:13 2016 -0700
committer Travis Geiselbrecht <geist@foobox.com> Sat May 21 10:58:13 2016 -0700
tree a02094bdc23cbad3a5b1959fc687ebcbac3bf3af
parent 19c74695c203b623a688a863db646070300261ee
parent c3239fdbe9067685f37ce255ae84b40b896e3dd9

Merge branch 'pin_hashes' of https://github.com/teisenbe/toolchains

doit

diff --git a/doit b/doit
index 7c0aa20..8575a47 100755
--- a/doit
+++ b/doit
@@ -54,6 +54,8 @@
 
     TARFILE=${1}-${2}.tar$3
     TARGETDIR=${1}-${2}
+    HASH="$4"
+    PATCH="$5"
     if [ -f ${TARGETDIR}/.extracted ]; then
         log echo "$TARFILE already extracted into $TARGETDIR, skipping"
         return 0
@@ -63,13 +65,19 @@
         exit 1
     fi
 
+    echo "checking $TARFILE integrity"
+    if [ "$(shasum -a 256 -b "$ARCHIVES/$TARFILE" | cut -f1 -d' ')" != "$HASH" ]; then
+      log echo "$TARFILE failed integrity check"
+      exit 1
+    fi
+
     echo extracting $TARFILE
     rm -rf $TARGETDIR
     tar xf $ARCHIVES/$TARFILE || exit 1
 
-    if [ ! -z "$4" ]; then
+    if [ -n "$PATCH" ]; then
         log echo patching $1
-        log patch -d $TARGETDIR -p1 < $4 || exit 1
+        log patch -d $TARGETDIR -p1 < "$PATCH" || exit 1
     fi
 
     touch $TARGETDIR/.extracted || exit 1
@@ -167,12 +175,12 @@
 fi
 
 if [ ! -f .extracted-stamp ]; then
-    extract-tool binutils $BINVER .bz2 $PATCHES/binutils-patch.txt
-    extract-tool gcc $GCCVER .bz2 $PATCHES/gcc-patch.txt
-    extract-tool gdb $GDBVER .xz $PATCHES/gdb-patch.txt
-    extract-tool gmp $GMPVER .bz2
-    extract-tool mpc $MPCVER .gz
-    extract-tool mpfr $MPFRVER .bz2
+    extract-tool binutils $BINVER .bz2 $BINHASH $PATCHES/binutils-patch.txt
+    extract-tool gcc $GCCVER .bz2 $GCCHASH $PATCHES/gcc-patch.txt
+    extract-tool gdb $GDBVER .xz $GDBHASH $PATCHES/gdb-patch.txt
+    extract-tool gmp $GMPVER .bz2 $GMPHASH
+    extract-tool mpc $MPCVER .gz $MPCHASH
+    extract-tool mpfr $MPFRVER .bz2 $MPFRHASH
     touch .extracted-stamp
 fi
 

toolvers

diff --git a/toolvers b/toolvers
index 9ef40e1..dd54846 100644
--- a/toolvers
+++ b/toolvers
@@ -1,7 +1,14 @@
+# Rerun updatetoolvers after modifying this file
 GCCVER=5.3.0
 BINVER=2.26
 GDBVER=7.10.1
 GMPVER=5.1.3
 MPCVER=1.0.3
 MPFRVER=3.1.3
-
+# Below is autogenerated by updatetoolvers
+GCCHASH=b84f5592e9218b73dbae612b5253035a7b34a9a1f7688d2e1bfaaf7267d5c4db
+BINHASH=c2ace41809542f5237afc7e3b8f32bb92bc7bc53c6232a84463c423b0714ecd9
+GDBHASH=25c72f3d41c7c8554d61cacbeacd5f40993276d2ccdec43279ac546e3993d6d5
+GMPHASH=752079520b4690531171d0f4532e40f08600215feefede70b24fabdc6f1ab160
+MPCHASH=617decc6ea09889fb08ede330917a00b16809b8db88c29c31bfbb49cbf88ecc3
+MPFRHASH=f63bb459157cacd223caac545cb816bcdb5a0de28b809e7748b82e9eb89b0afd

updatetoolvers

diff --git a/updatetoolvers b/updatetoolvers
new file mode 100755
index 0000000..6cad08a
--- /dev/null
+++ b/updatetoolvers
@@ -0,0 +1,65 @@
+#!/usr/bin/env bash
+# Change the version numbers in the toolvers file and then run this 
+# script to update the hashes
+
+ARCHIVES=archives
+GNU_MIRROR=https://mirrors.kernel.org/gnu
+TOOLVERS_FILE="toolvers"
+. "$TOOLVERS_FILE"
+
+function verify_sig() {
+  SIGFILE="$1"
+  ARCHIVE="$2"
+
+  if ! gpg -q --verify "$SIGFILE" "$ARCHIVE"; then
+    echo "Failed to verify $ARCHIVE, aborting"
+    exit 1
+  fi
+}
+
+function fetch_and_verify() {
+  PKG_URI_DIR="$1"
+  FILENAME="$2"
+
+  if [ ! -f "$ARCHIVES/$FILENAME" ]; then
+    wget -P "$ARCHIVES" -N "$PKG_URI_DIR/$FILENAME"
+  fi
+  if [ ! -f "$ARCHIVES/$FILENAME.sig" ]; then
+    wget -P "$ARCHIVES" -N "$PKG_URI_DIR/$FILENAME.sig"
+  fi
+
+  verify_sig "$ARCHIVES/$FILENAME.sig" "$ARCHIVES/$FILENAME"
+}
+
+
+fetch_and_verify "$GNU_MIRROR/binutils/" "binutils-$BINVER.tar.bz2"
+fetch_and_verify "$GNU_MIRROR/gcc/gcc-$GCCVER/" "gcc-$GCCVER.tar.bz2"
+fetch_and_verify "$GNU_MIRROR/gdb/" "gdb-$GDBVER.tar.xz"
+fetch_and_verify "$GNU_MIRROR/mpfr/" "mpfr-$MPFRVER.tar.bz2"
+fetch_and_verify "$GNU_MIRROR/mpc/" "mpc-$MPCVER.tar.gz"
+fetch_and_verify "$GNU_MIRROR/gmp/" "gmp-$GMPVER.tar.bz2"
+
+BINHASH=$(shasum -a 256 -b "$ARCHIVES/binutils-$BINVER.tar.bz2" | cut -f1 -d' ')
+GCCHASH=$(shasum -a 256 -b "$ARCHIVES/gcc-$GCCVER.tar.bz2" | cut -f1 -d' ')
+GDBHASH=$(shasum -a 256 -b "$ARCHIVES/gdb-$GDBVER.tar.xz" | cut -f1 -d' ')
+MPFRHASH=$(shasum -a 256 -b "$ARCHIVES/mpfr-$MPFRVER.tar.bz2" | cut -f1 -d' ')
+MPCHASH=$(shasum -a 256 -b "$ARCHIVES/mpc-$MPCVER.tar.gz" | cut -f1 -d' ')
+GMPHASH=$(shasum -a 256 -b "$ARCHIVES/gmp-$GMPVER.tar.bz2" | cut -f1 -d' ')
+
+tmp=$(mktemp)
+echo "# Rerun updatetoolvers after modifying this file" > "$tmp"
+echo "GCCVER=$GCCVER" >> "$tmp"
+echo "BINVER=$BINVER" >> "$tmp"
+echo "GDBVER=$GDBVER" >> "$tmp"
+echo "GMPVER=$GMPVER" >> "$tmp"
+echo "MPCVER=$MPCVER" >> "$tmp"
+echo "MPFRVER=$MPFRVER" >> "$tmp"
+
+echo "# Below is autogenerated by updatetoolvers" >> "$tmp"
+echo "GCCHASH=$GCCHASH" >> "$tmp"
+echo "BINHASH=$BINHASH" >> "$tmp"
+echo "GDBHASH=$GDBHASH" >> "$tmp"
+echo "GMPHASH=$GMPHASH" >> "$tmp"
+echo "MPCHASH=$MPCHASH" >> "$tmp"
+echo "MPFRHASH=$MPFRHASH" >> "$tmp"
+mv "$tmp" "$TOOLVERS_FILE"