Skip to content

Commit

Permalink
Merge pull request #9 from matyasselmeci/wip/sw3463-updatecertsfix
Browse files Browse the repository at this point in the history 
Fixes for osg-update-certs
  • Loading branch information
@matyasselmeci
matyasselmeci authored Nov 6, 2018
2 parents 320d6b7 + 205cd55 commit c6b3041
Show file tree
Hide file tree
Showing 5 changed files with 28 additions and 23 deletions.
2 changes: 1 addition & 1 deletion Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
# ------------------------------------------------------------------------------

PACKAGE := osg-ca-scripts
VERSION := 1.2.3
VERSION := 1.2.4


# ------------------------------------------------------------------------------
Expand Down
13 changes: 10 additions & 3 deletions bin/osg-ca-certs-status
View file
Original file line number Diff line number Diff line change
Expand Up @@ -174,9 +174,16 @@ sub print_full_info {
my $name = $1;
chomp(my @fetch_crl_files = `rpm -ql $name`);
my $init_script = (grep(m{^/etc.*init.d/fetch-crl.*-cron}, @fetch_crl_files))[0];
my $cron_service = basename($init_script);
my $exit_status = system("/sbin/service $cron_service status >/dev/null 2>&1");
push @installed_cron_services, $cron_service if $exit_status == 0;
my $service_file = (grep(m{^/usr/lib/systemd/system/fetch-crl-cron.service}, @fetch_crl_files))[0];
if ($init_script) {
my $cron_service = basename($init_script);
my $exit_status = system("/sbin/service $cron_service status >/dev/null 2>&1");
push @installed_cron_services, $cron_service if $exit_status == 0;
}
elsif ($service_file) { # systemd
my $exit_status = system("systemctl status fetch-crl-cron >/dev/null 2>&1");
push @installed_cron_services, "fetch-crl-cron";
}
}
}
if (@installed_cron_services) {
Expand Down
8 changes: 2 additions & 6 deletions lib/OSGCerts.pm
View file
Original file line number Diff line number Diff line change
Expand Up @@ -310,15 +310,11 @@ sub fetch_ca_description {
$missing_info++;
}

if (!defined $description->{tarball_md5sum}) {
log_msg("Bad description: tarball_md5sum was not specified\n");
if (!(defined $description->{tarball_md5sum} || defined $description->{tarball_sha256sum})) {
log_msg("Bad description: neither tarball_md5sum nor tarball_sha256sum were specified\n");
$missing_info++;
}

if (!defined $description->{tarball_sha256sum}) {
log_msg("Description missing: tarball_sha256sum was not specified\n");
}

if($missing_info != 0) {
log_msg("The description file is incomplete.\n");
$description->{valid} = 0;
Expand Down
9 changes: 6 additions & 3 deletions rpm/osg-ca-scripts.spec
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
Name: osg-ca-scripts
Version: 1.2.3
Version: 1.2.4
Release: 1%{?dist}
Summary: CA Certificate helper scripts

Expand Down Expand Up @@ -77,10 +77,13 @@ install -d $RPM_BUILD_ROOT%{_localstatedir}/lib/osg-ca-certs
%dir %attr(0755,root,root) %{_localstatedir}/lib/osg-ca-certs

%changelog
* Mon Apr 16 2018 Brian Lin <[email protected]> 1.2.3-1>
* Tue Nov 06 2018 Mátyás Selmeci <[email protected]> 1.2.4-1
- Fix error when md5 tarball checksums are missing (SOFTWARE-3463)

* Mon Apr 16 2018 Brian Lin <[email protected]> 1.2.3-1
- Update references to grid.iu.edu to opensciencegrid.org

* Mon Dec 11 2017 Edgar Fajardo <[email protected]> 1.2.2-1>
* Mon Dec 11 2017 Edgar Fajardo <[email protected]> 1.2.2-1
- Bumping version number in the Makefile

* Fri Dec 08 2017 Edgar Fajardo <[email protected]> 1.2.1-1
Expand Down
19 changes: 9 additions & 10 deletions sbin/osg-update-certs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -592,10 +592,12 @@ sub dump_description {
" Certs version: '$description->{certsversion}'",
" Version info: '$description->{versiondesc}",
" Tarball: '$description->{tarball}'",
" Tarball MD5 Sum: '$description->{tarball_md5sum}'",
" Timestamp: '$description->{timestamp}'");
if (defined $description->{tarball_md5sum}) {
log_msg(" Tarball MD5 Sum: '$description->{tarball_md5sum}'")
}
if (defined $description->{tarball_sha256sum}) {
log_msg(" Tarball SHA256 Sum: '$description->{tarball_sha256sum}'"),
log_msg(" Tarball SHA256 Sum: '$description->{tarball_sha256sum}'")
}
}

Expand Down Expand Up @@ -624,9 +626,8 @@ sub verify_certs_tarball {
my $tarball_pathname = $_[1];


my $sha256sum = sha256sum($tarball_pathname);

if (defined $description->{tarball_sha256sum}) {
my $sha256sum = sha256sum($tarball_pathname);
if ($sha256sum eq $description->{tarball_sha256sum}) {
log_msg("Tarball seems uncorrupted: sha256 checksum is $sha256sum\n");
return 1;
Expand All @@ -636,10 +637,8 @@ sub verify_certs_tarball {
return 0;
}
}

my $md5sum = md5sum($tarball_pathname);

if($md5sum) {
elsif (defined $description->{tarball_md5sum}) {
my $md5sum = md5sum($tarball_pathname);
if ($md5sum eq $description->{tarball_md5sum}) {
log_msg("Tarball seems uncorrupted: MD5 checksum is $md5sum\n");
return 1;
Expand All @@ -650,8 +649,8 @@ sub verify_certs_tarball {
}
}
else {
log_msg("md5sum is unavailable, so we assume certs tarball is good.");
return 1;
log_msg("Description is broken: no checksums defined.");
return 0;
}
}

Expand Down

0 comments on commit c6b3041

Please sign in to comment.