From da52594639ac9c096c58d385310db81b2d28dd13 Mon Sep 17 00:00:00 2001
From: nwhitehorn <nwhitehorn@FreeBSD.org>
Date: Sun, 13 Mar 2011 17:15:31 +0000
Subject: Add generation of an installation manifest containing SHA256
 checksums as well as package descriptions and add code in the installer to
 check the checksums.

---
 usr.sbin/bsdinstall/scripts/Makefile |  4 +--
 usr.sbin/bsdinstall/scripts/auto     | 34 +++++++++----------
 usr.sbin/bsdinstall/scripts/checksum | 65 ++++++++++++++++++++++++++++++++++++
 3 files changed, 82 insertions(+), 21 deletions(-)
 create mode 100755 usr.sbin/bsdinstall/scripts/checksum

(limited to 'usr.sbin')

diff --git a/usr.sbin/bsdinstall/scripts/Makefile b/usr.sbin/bsdinstall/scripts/Makefile
index d68ea5a..b1a49ad 100644
--- a/usr.sbin/bsdinstall/scripts/Makefile
+++ b/usr.sbin/bsdinstall/scripts/Makefile
@@ -1,7 +1,7 @@
 # $FreeBSD$
 
-SCRIPTS= auto adduser config hostname jail keymap mount netconfig rootpass \
-	 services time umount wlanconfig
+SCRIPTS= auto adduser checksum config hostname jail keymap mount netconfig \
+	 rootpass services time umount wlanconfig
 BINDIR= /usr/libexec/bsdinstall
 
 NO_MAN=	true
diff --git a/usr.sbin/bsdinstall/scripts/auto b/usr.sbin/bsdinstall/scripts/auto
index a4c5c82..a857edc 100755
--- a/usr.sbin/bsdinstall/scripts/auto
+++ b/usr.sbin/bsdinstall/scripts/auto
@@ -50,26 +50,21 @@ bsdinstall keymap
 trap error SIGINT	# Catch cntrl-C here
 bsdinstall hostname || error
 
-LIB32=""
-[ `uname -p` = amd64 -o `uname -p` = powerpc64 ] && \
-    LIB32="lib32 \"32-bit compatibility\" on"
-
-DISTMENU="doc	\"Additional documentation\" on \
-	games	\"Games (fortune, etc.)\" on \
-	$LIB32 \
-	ports	\"Ports tree\" on \
-	src	\"System source code\" off"
-
-exec 3>&1
-EXTRA_DISTS=$(echo $DISTMENU | xargs dialog --backtitle "FreeBSD Installer" \
-    --title "Distribution Select" --nocancel --separate-output \
-    --checklist "Choose optional system components to install:" \
-    0 0 0 \
-2>&1 1>&3)
 export DISTRIBUTIONS="base.txz kernel.txz"
-for dist in $EXTRA_DISTS; do
-	export DISTRIBUTIONS="$DISTRIBUTIONS $dist.txz"
-done
+if [ -f $BSDINSTALL_DISTDIR/MANIFEST ]; then
+	DISTMENU=`cut -f 4,5,6 $BSDINSTALL_DISTDIR/MANIFEST | grep -v -e ^kernel -e ^base`
+
+	exec 3>&1
+	EXTRA_DISTS=$(echo $DISTMENU | xargs dialog \
+	    --backtitle "FreeBSD Installer" \
+	    --title "Distribution Select" --nocancel --separate-output \
+	    --checklist "Choose optional system components to install:" \
+	    0 0 0 \
+	2>&1 1>&3)
+	for dist in $EXTRA_DISTS; do
+		export DISTRIBUTIONS="$DISTRIBUTIONS $dist.txz"
+	done
+fi
 
 FETCH_DISTRIBUTIONS=""
 for dist in $DISTRIBUTIONS; do
@@ -131,6 +126,7 @@ if [ ! -z "$FETCH_DISTRIBUTIONS" ]; then
 	export DISTRIBUTIONS="$ALL_DISTRIBUTIONS"
 fi
 
+bsdinstall checksum || error
 bsdinstall distextract || error
 bsdinstall rootpass || error
 
diff --git a/usr.sbin/bsdinstall/scripts/checksum b/usr.sbin/bsdinstall/scripts/checksum
new file mode 100755
index 0000000..7538da1
--- /dev/null
+++ b/usr.sbin/bsdinstall/scripts/checksum
@@ -0,0 +1,65 @@
+#!/bin/sh
+#-
+# Copyright (c) 2011 Nathan Whitehorn
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in the
+#    documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+#
+# $FreeBSD$
+
+test -f $BSDINSTALL_DISTDIR/MANIFEST || exit 0
+
+percentage=0
+for dist in $DISTRIBUTIONS; do
+	distname=$(basename $dist .txz)
+	eval "status_$distname=7"
+	
+	items=""
+	for i in $DISTRIBUTIONS; do
+		items="$items $i `eval echo \\\${status_$(basename $i .txz):-Pending}`"
+	done
+	dialog --backtitle "FreeBSD Installer" --title "Checksum Verification" \
+	    --mixedgauge "Verifying checksums of selected distributions." \
+	    0 0 $percentage $items
+
+	CK=`sha256 -q $BSDINSTALL_DISTDIR/$dist`
+	awk -v checksum=$CK -v dist=$dist '{
+		if (dist == $1) {
+			if (checksum == $2)
+				exit(0)
+			else
+				exit(1)
+		}
+	}' $BSDINSTALL_DISTDIR/MANIFEST
+
+	if [ $? -eq 0 ]; then
+		eval "status_$distname=2"
+		percentage=$(echo $percentage + 100/`echo $DISTRIBUTIONS | wc -w` | bc)
+	else
+		eval "status_$distname=1"
+		dialog --backtitle "FreeBSD Installer" --title "Error" \
+		    --msgbox "The checksum for $dist does not match. It may have become corrupted, and should be redownloaded." 0 0
+		exit 1
+	fi
+done
+
+exit 0
-- 
cgit v1.1