Skip to content

Commit

Permalink
Merge pull request #3482 from kolyshkin/seccomp-sha
Browse files Browse the repository at this point in the history 
script/seccomp.sh: check tarball sha256
  • Loading branch information
@kolyshkin
kolyshkin authored May 27, 2022
2 parents e1889c4 + e1d04cd commit 1505379
Showing 1 changed file with 8 additions and 1 deletion.
9 changes: 8 additions & 1 deletion script/seccomp.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,11 @@ set -e -u -o pipefail
# shellcheck source=./script/lib.sh
source "$(dirname "${BASH_SOURCE[0]}")/lib.sh"

# sha256 checksums for seccomp release tarballs.
declare -A SECCOMP_SHA256=(
["2.5.4"]=d82902400405cf0068574ef3dc1fe5f5926207543ba1ae6f8e7a1576351dcbdb
)

# Due to libseccomp being LGPL we must include its sources,
# so download, install and build against it.
# Parameters:
Expand All @@ -19,8 +24,10 @@ function build_libseccomp() {
local arches=("$@")
local tar="libseccomp-${ver}.tar.gz"

# Download and extract.
# Download, check, and extract.
wget "https://github.com/seccomp/libseccomp/releases/download/v${ver}/${tar}"{,.asc}
sha256sum --strict --check - <<<"${SECCOMP_SHA256[${ver}]} *${tar}"

local srcdir
srcdir="$(mktemp -d)"
tar xf "$tar" -C "$srcdir"
Expand Down

0 comments on commit 1505379

Please sign in to comment.