From 76eeba59999307fc8e031167e6500d8267fd98c2 Mon Sep 17 00:00:00 2001 From: Braydon Fuller Date: Mon, 25 Apr 2016 16:04:49 -0400 Subject: [PATCH] build: verify bitcoin download --- .gitignore | 1 + package.json | 3 +- scripts/download | 111 +++++++++++++++++++++++++++++++++++++++++++++++ scripts/install | 53 ---------------------- 4 files changed, 114 insertions(+), 54 deletions(-) create mode 100755 scripts/download delete mode 100755 scripts/install diff --git a/.gitignore b/.gitignore index 8132c320..0e43f951 100644 --- a/.gitignore +++ b/.gitignore @@ -23,6 +23,7 @@ coverage/* *.log .DS_Store bin/bitcoin* +bin/SHA256SUMS.asc regtest/data/node1/regtest regtest/data/node2/regtest regtest/data/node3/regtest diff --git a/package.json b/package.json index 397eef17..fb4d1b2a 100644 --- a/package.json +++ b/package.json @@ -30,7 +30,8 @@ "bitcore-node": "./bin/bitcore-node" }, "scripts": { - "install": "./scripts/install", + "preinstall": "./scripts/download", + "verify": "./scripts/download --skip-bitcoin-download --verify-bitcoin-download", "test": "NODE_ENV=test mocha -R spec --recursive", "regtest": "./scripts/regtest", "coverage": "NODE_ENV=test istanbul cover _mocha -- --recursive" diff --git a/scripts/download b/scripts/download new file mode 100755 index 00000000..220bf560 --- /dev/null +++ b/scripts/download @@ -0,0 +1,111 @@ +#!/bin/bash + +set -e + +root_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/.." +platform=`uname -a | awk '{print tolower($1)}'` +arch=`uname -m` +version="0.12.0" +url="https://github.com/braydonf/bitcoin/releases/download" +tag="v0.12.0-bitcore-beta6" + +if [ "${platform}" == "linux" ]; then + if [ "${arch}" == "x86_64" ]; then + tarball_name="bitcoin-${version}-linux64.tar.gz" + elif [ "${arch}" == "x86_32" ]; then + tarball_name="bitcoin-${version}-linux32.tar.gz" + fi +elif [ "${platform}" == "darwin" ]; then + tarball_name="bitcoin-${version}-osx64.tar.gz" +else + echo "Bitcoin binary distribution not available for platform and architecture" + exit -1 +fi + +binary_url="${url}/${tag}/${tarball_name}" +shasums_url="${url}/${tag}/SHA256SUMS.asc" + +download_bitcoind() { + + cd "${root_dir}/bin" + + echo "Downloading bitcoin: ${binary_url}" + + is_curl=true + if hash curl 2>/dev/null; then + curl --fail -I $binary_url >/dev/null 2>&1 + else + is_curl=false + wget --server-response --spider $binary_url >/dev/null 2>&1 + fi + + if test $? -eq 0; then + if [ "${is_curl}" = true ]; then + curl -L $binary_url > $tarball_name + curl -L $shasums_url > SHA256SUMS.asc + else + wget $binary_url + wget $shasums_url + fi + if test -e "${tarball_name}"; then + echo "Unpacking bitcoin distribution" + tar -xvzf $tarball_name + if test $? -eq 0; then + ln -sf "bitcoin-${version}/bin/bitcoind" + return; + fi + fi + fi + echo "Bitcoin binary distribution could not be downloaded" + exit -1 +} + +verify_download() { + echo "Verifying signatures of bitcoin download" + gpg --verify "${root_dir}/bin/SHA256SUMS.asc" + + if hash shasum 2>/dev/null; then + shasum_cmd="shasum -a 256" + else + shasum_cmd="sha256sum" + fi + + download_sha=$(${shasum_cmd} "${root_dir}/bin/${tarball_name}" | awk '{print $1}') + expected_sha=$(cat "${root_dir}/bin/SHA256SUMS.asc" | grep "${tarball_name}" | awk '{print $1}') + echo "Checksum (download): ${download_sha}" + echo "Checksum (verified): ${expected_sha}" + if [ "${download_sha}" != "${expected_sha}" ]; then + echo -e "\033[1;31mChecksums did NOT match!\033[0m\n" + exit 1 + else + echo -e "\033[1;32mChecksums matched!\033[0m\n" + fi +} + +download=1 +verify=0 + +while [ -n "$1" ]; do + param="$1" + value="$2" + + case $param in + --skip-bitcoin-download) + download=0 + ;; + --verify-bitcoin-download) + verify=1 + ;; + esac + shift +done + +if [ "${download}" = 1 ]; then + download_bitcoind +fi + +if [ "${verify}" = 1 ]; then + verify_download +fi + +exit 0 diff --git a/scripts/install b/scripts/install deleted file mode 100755 index aa76aed6..00000000 --- a/scripts/install +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash - -root_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/.." -platform=`uname -a | awk '{print tolower($1)}'` -arch=`uname -m` -version="0.12.0" -url="https://github.com/braydonf/bitcoin/releases/download" -tag="v0.12.0-bitcore-beta4" - -cd "${root_dir}/bin" - -if [ "${platform}" == "linux" ]; then - if [ "${arch}" == "x86_64" ]; then - tarball_name="bitcoin-${version}-linux64.tar.gz" - elif [ "${arch}" == "x86_32" ]; then - tarball_name="bitcoin-${version}-linux32.tar.gz" - fi -elif [ "${platform}" == "darwin" ]; then - tarball_name="bitcoin-${version}-osx64.tar.gz" -else - echo "Bitcoin binary distribution not available for platform and architecture" - exit -1 -fi - -binary_url="${url}/${tag}/${tarball_name}" - -echo "Downloading bitcoin: ${binary_url}" - -is_curl=true -if hash curl 2>/dev/null; then - curl --fail -I $binary_url >/dev/null 2>&1 -else - is_curl=false - wget --server-response --spider $binary_url >/dev/null 2>&1 -fi - -if test $? -eq 0; then - if [ "${is_curl}" = true ]; then - curl -L $binary_url > $tarball_name - else - wget $binary_url - fi - if test -e "${tarball_name}"; then - echo "Unpacking bitcoin distribution" - tar -xvzf $tarball_name - if test $? -eq 0; then - ln -sf "bitcoin-${version}/bin/bitcoind" - exit 0 - fi - fi -fi -echo "Bitcoin binary distribution could not be downloaded" -exit -1