From a77fb0e83930dc7671e67f302ceed04c7dd36b08 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@open-infrastructure.net>
Date: Tue, 15 Nov 2016 14:43:40 +0100
Subject: Adding sha512 verification to curl container create script.

Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
---
 share/scripts/curl | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/share/scripts/curl b/share/scripts/curl
index b84869c..b67cbd4 100755
--- a/share/scripts/curl
+++ b/share/scripts/curl
@@ -155,6 +155,30 @@ fi
 curl	--fail --location --progress-bar --user-agent container-tools/${VERSION} ${CURL_OPTIONS} \
 	"${SERVER}/${IMAGE}" -o "${CACHE}/${IMAGE}"
 
+curl	--fail --location --progress-bar --user-agent container-tools/${VERSION} ${CURL_OPTIONS} \
+	"${SERVER}/${IMAGE}.sha512" -o "${CACHE}/${IMAGE}.sha512"
+
+echo -n "Verifying ${IMAGE}.sha512"
+cd "${CACHE}"
+set +e
+
+sha512sum --check "${IMAGE}.sha512" --status
+SHA512SUM="${?}"
+
+case "${SHA512SUM}" in
+	0)
+		echo " ok."
+		;;
+
+	*)
+		echo " failed."
+		exit 1
+		;;
+esac
+
+set -e
+cd "${OLDPWD}"
+
 echo "Unpacking ${IMAGE}"
 mkdir -p "${MACHINES}/${NAME}"
 
@@ -200,5 +224,6 @@ echo "${NAME}: root password set to '${PASSWORD}'."
 case "${CLEAN}" in
 	true)
 		rm -f "${CACHE}/${IMAGE}"
+		rm -f "${CACHE}/${IMAGE}.sha512"
 		;;
 esac
-- 
cgit v1.2.3