Skip to content

Commit 6270d62

Browse files
TheBlueMattTheBlueMatt
committed
Verify binaries from bitcoincore.org and bitcoin.org
1 parent b750b33 commit 6270d62

File tree

1 file changed

+25
-6
lines changed

1 file changed

+25
-6
lines changed

contrib/verifybinaries/verify.sh

Lines changed: 25 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,8 @@
33
# Distributed under the MIT software license, see the accompanying
44
# file COPYING or http://www.opensource.org/licenses/mit-license.php.
55

6-
### This script attempts to download the signature file SHA256SUMS.asc from bitcoin.org
6+
### This script attempts to download the signature file SHA256SUMS.asc from
7+
### bitcoincore.org and bitcoin.org and compares them.
78
### It first checks if the signature passes, and then downloads the files specified in
89
### the file, and checks if the hashes of these files match those that are specified
910
### in the signature file.
@@ -22,7 +23,9 @@ TMPFILE="hashes.tmp"
2223

2324
SIGNATUREFILENAME="SHA256SUMS.asc"
2425
RCSUBDIR="test"
25-
BASEDIR="https://bitcoin.org/bin/"
26+
HOST1="https://bitcoincore.org"
27+
HOST2="https://bitcoin.org"
28+
BASEDIR="/bin/"
2629
VERSIONPREFIX="bitcoin-core-"
2730
RCVERSIONSTRING="rc"
2831

@@ -81,7 +84,7 @@ else
8184
fi
8285

8386
#first we fetch the file containing the signature
84-
WGETOUT=$(wget -N "$BASEDIR$SIGNATUREFILENAME" 2>&1)
87+
WGETOUT=$(wget -N "$HOST1$BASEDIR$SIGNATUREFILENAME" 2>&1)
8588

8689
#and then see if wget completed successfully
8790
if [ $? -ne 0 ]; then
@@ -92,6 +95,22 @@ if [ $? -ne 0 ]; then
9295
exit 2
9396
fi
9497

98+
WGETOUT=$(wget -N -O "$SIGNATUREFILENAME.2" "$HOST2$BASEDIR$SIGNATUREFILENAME" 2>&1)
99+
if [ $? -ne 0 ]; then
100+
echo "bitcoin.org failed to provide signature file, but bitcoincore.org did?"
101+
echo "wget output:"
102+
echo "$WGETOUT"|sed 's/^/\t/g'
103+
clean_up $SIGNATUREFILENAME
104+
exit 3
105+
fi
106+
107+
SIGFILEDIFFS="$(diff $SIGNATUREFILENAME $SIGNATUREFILENAME.2)"
108+
if [ "$SIGFILEDIFFS" != "" ]; then
109+
echo "bitcoin.org and bitcoincore.org signature files were not equal?"
110+
clean_up $SIGNATUREFILENAME $SIGNATUREFILENAME.2
111+
exit 4
112+
fi
113+
95114
#then we check it
96115
GPGOUT=$(gpg --yes --decrypt --output "$TMPFILE" "$SIGNATUREFILENAME" 2>&1)
97116

@@ -111,7 +130,7 @@ if [ $RET -ne 0 ]; then
111130

112131
echo "gpg output:"
113132
echo "$GPGOUT"|sed 's/^/\t/g'
114-
clean_up $SIGNATUREFILENAME $TMPFILE
133+
clean_up $SIGNATUREFILENAME $SIGNATUREFILENAME.2 $TMPFILE
115134
exit "$RET"
116135
fi
117136

@@ -131,7 +150,7 @@ FILES=$(awk '{print $2}' "$TMPFILE")
131150
for file in $FILES
132151
do
133152
echo "Downloading $file"
134-
wget --quiet -N "$BASEDIR$file"
153+
wget --quiet -N "$HOST1$BASEDIR$file"
135154
done
136155

137156
#check hashes
@@ -149,7 +168,7 @@ fi
149168

150169
if [ -n "$2" ]; then
151170
echo "Clean up the binaries"
152-
clean_up $FILES $SIGNATUREFILENAME $TMPFILE
171+
clean_up $FILES $SIGNATUREFILENAME $SIGNATUREFILENAME.2 $TMPFILE
153172
else
154173
echo "Keep the binaries in $WORKINGDIR"
155174
clean_up $TMPFILE

0 commit comments

Comments
 (0)