LUCENE-3945: use sha1 checksums to verify jars pulled from ivy match expectations

git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1309503 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Chris M. Hostetter 2012-04-04 17:53:32 +00:00
parent 083829171a
commit bb7bc2ff44
103 changed files with 202 additions and 21 deletions
lucene
modules
solr
build.xmlcommon-build.xml
contrib
example
lib

View File

@ -53,6 +53,8 @@
<property name="year" value="2000-${current.year}"/>
<property name="final.name" value="lucene-${name}-${version}"/>
<property name="common.classpath.excludes" value="**/*.txt,**/*.template,**/*.sha1" />
<property name="ivy.bootstrap.version" value="2.2.0" />
<property name="ivy.resource" value="org/apache/ivy/ant/antlib.xml" />
<available resource="${ivy.resource}" property="ivy.available" />

View File

@ -0,0 +1 @@
3fc542fe8bb8164e8d3e840fe7403bc0518053c0

View File

@ -0,0 +1 @@
0ea514a179ac1dd7e81c7e6594468b9b9910d298

View File

@ -0,0 +1 @@
1d33711018e7649a8427fff62a87f94f4e7d310f

View File

@ -0,0 +1 @@
942d04e42bc6a9fc61a7744625d89726af8ec006

View File

@ -0,0 +1 @@
e4f1766ce7404a08f45d859fb9c226fc9e41a861

View File

@ -18,6 +18,11 @@ package org.apache.lucene.validation;
*/
import java.io.File;
import java.io.FileInputStream;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.LinkedHashMap;
@ -25,6 +30,10 @@ import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.security.DigestInputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import org.apache.tools.ant.BuildException;
import org.apache.tools.ant.Project;
import org.apache.tools.ant.Task;
@ -36,10 +45,15 @@ import org.apache.tools.ant.types.resources.Resources;
import org.apache.tools.ant.util.FileNameMapper;
/**
* An ANT task that verifies if JAR file have associated <tt>LICENSE</tt>
* and <tt>NOTICE</tt> files.
* An ANT task that verifies if JAR file have associated <tt>LICENSE</tt>,
* <tt>NOTICE</tt>, and <tt>sha1</tt> files.
*/
public class LicenseCheckTask extends Task {
public final static String CHECKSUM_TYPE = "sha1";
private static final int CHECKSUM_BUFFER_SIZE = 8 * 1024;
private static final int CHECKSUM_BYTE_MASK = 0xFF;
/**
* All JAR files to check.
*/
@ -120,7 +134,7 @@ public class LicenseCheckTask extends Task {
}
File jarFile = ((FileResource) r).getFile();
if (!checkJarFile(jarFile)) {
if (! checkJarFile(jarFile) ) {
errors++;
}
checked++;
@ -138,6 +152,50 @@ public class LicenseCheckTask extends Task {
private boolean checkJarFile(File jarFile) {
log("Scanning: " + jarFile.getPath(), verboseLevel);
// validate the jar matches against our expected hash
final File checksumFile = new File(jarFile.getParent(),
jarFile.getName() + "." + CHECKSUM_TYPE);
if (! (checksumFile.exists() && checksumFile.canRead()) ) {
log("MISSING " +CHECKSUM_TYPE+ " checksum file for: " + jarFile.getPath(), Project.MSG_ERR);
this.failures = true;
return false;
} else {
final String expectedChecksum = readChecksumFile(checksumFile);
try {
final MessageDigest md = MessageDigest.getInstance(CHECKSUM_TYPE);
byte[] buf = new byte[CHECKSUM_BUFFER_SIZE];
try {
FileInputStream fis = new FileInputStream(jarFile);
try {
DigestInputStream dis = new DigestInputStream(fis, md);
try {
while (dis.read(buf, 0, CHECKSUM_BUFFER_SIZE) != -1) {
// NOOP
}
} finally {
dis.close();
}
} finally {
fis.close();
}
} catch (IOException ioe) {
throw new BuildException("IO error computing checksum of file: " + jarFile, ioe);
}
final byte[] checksumBytes = md.digest();
final String checksum = createChecksumString(checksumBytes);
if ( ! checksum.equals(expectedChecksum) ) {
log("CHECKSUM FAILED for " + jarFile.getPath() +
" (expected: \"" + expectedChecksum + "\" was: \"" + checksum + "\")",
Project.MSG_ERR);
this.failures = true;
return false;
}
} catch (NoSuchAlgorithmException ae) {
throw new BuildException("Digest type " + CHECKSUM_TYPE + " not supported by your JVM", ae);
}
}
// Get the expected license path base from the mapper and search for license files.
Map<File, LicenseType> foundLicenses = new LinkedHashMap<File, LicenseType>();
List<File> expectedLocations = new ArrayList<File>();
@ -193,4 +251,32 @@ outer:
return true;
}
private static final String createChecksumString(byte[] digest) {
StringBuilder checksum = new StringBuilder();
for (int i = 0; i < digest.length; i++) {
checksum.append(String.format(Locale.ENGLISH, "%02x",
CHECKSUM_BYTE_MASK & digest[i]));
}
return checksum.toString();
}
private static final String readChecksumFile(File f) {
BufferedReader reader = null;
try {
reader = new BufferedReader(new InputStreamReader
(new FileInputStream(f), "UTF-8"));
try {
String checksum = reader.readLine();
if (null == checksum || 0 == checksum.length()) {
throw new BuildException("Failed to find checksum in file: " + f);
}
return checksum;
} finally {
reader.close();
}
} catch (IOException e) {
throw new BuildException("IO error reading checksum file: " + f, e);
}
}
}

View File

@ -0,0 +1 @@
654b7021e7bb6c5b7b35c88d23cac1022c7b3d6b

View File

@ -0,0 +1 @@
1513ee81494d7856f607ff8fffc74b4c6cbe0d48

View File

@ -0,0 +1 @@
ee23a00580efe973aafa6f2c225e52951832901b

View File

@ -0,0 +1 @@
eba98b7cd049e07d55a64b180345954b62e42ec5

View File

@ -0,0 +1 @@
b7f0fc8f61ecadeb3695f0b9464755eee44374d4

View File

@ -0,0 +1 @@
cd02db9e8d54decb14cbe303d001d13735237290

View File

@ -0,0 +1 @@
d7b0fd616c4289376c1f59e2a68edfb4cfd6730d

View File

@ -0,0 +1 @@
99bf8d75b71410e4d5f2051ae79942721b3a2f60

View File

@ -0,0 +1 @@
45b5ec6a16d73d98fe370cfc2e8253bddc6a297e

View File

@ -0,0 +1 @@
7bc7e49ddfe4fb5f193ed37ecc96c12292c8ceb6

View File

@ -0,0 +1 @@
8c0fa2cdb51f30a4f846cd60507b190e983f175a

View File

@ -415,7 +415,7 @@
excludes="lib/README.committers.txt **/data/ **/logs/*
**/classes/ **/*.sh **/ivy.xml **/build.xml
**/bin/ **/*.iml **/*.ipr **/*.iws **/pom.xml
**/*pom.xml.template" />
**/*pom.xml.template **/*.sha1" />
<tarfileset dir="${dest}/contrib-lucene-libs-to-package"
prefix="${fullnamever}"
includes="**" />
@ -426,7 +426,7 @@
<tarfileset dir="."
prefix="${fullnamever}"
includes="dist/*.jar dist/*.war dist/solrj-lib/*"
excludes="**/*.tgz **/*.zip **/*.md5 **/*src*.jar **/*docs*.jar" />
excludes="**/*.tgz **/*.zip **/*.md5 **/*src*.jar **/*docs*.jar **/*.sha1" />
<tarfileset dir="${dest}/docs"
prefix="${fullnamever}/docs" />
</tar>

View File

@ -59,14 +59,14 @@
</and>
</condition>
<path id="additional.dependencies">
<fileset dir="${common-solr.dir}/lib" excludes="*.txt,*.template"/>
<fileset dir="${common-solr.dir}/example/lib" excludes="*.txt,*.template"/>
<fileset dir="lib" excludes="*.txt,*.template" erroronmissingdir="false"/>
</path>
<import file="${common-solr.dir}/../lucene/contrib/contrib-build.xml"/>
<path id="additional.dependencies">
<fileset dir="${common-solr.dir}/lib" excludes="${common.classpath.excludes}"/>
<fileset dir="${common-solr.dir}/example/lib" excludes="${common.classpath.excludes}"/>
<fileset dir="lib" excludes="${common.classpath.excludes}" erroronmissingdir="false"/>
</path>
<!-- Solr Specification Version
This will be used in the Manifest file, and therefore must

View File

@ -26,7 +26,7 @@
<import file="../contrib-build.xml"/>
<path id="classpath">
<fileset dir="lib" excludes="*.txt"/>
<fileset dir="lib" excludes="${common.classpath.excludes}"/>
<pathelement path="${analyzers-icu.jar}"/>
<pathelement path="${analyzers-smartcn.jar}"/>
<pathelement path="${analyzers-stempel.jar}"/>

View File

@ -0,0 +1 @@
654b7021e7bb6c5b7b35c88d23cac1022c7b3d6b

View File

@ -0,0 +1 @@
33a9a1191909f70ad3d1b81433015c594b8ccac8

View File

@ -0,0 +1 @@
ff4f2b0a5b6659fce67644ce620b9ac3f183ddd9

View File

@ -0,0 +1 @@
11bc06af8fb695664f042bede95143a1859160c5

View File

@ -0,0 +1 @@
4e0a4619f999f28cd599d8524a1bb0095ddaa2fb

View File

@ -0,0 +1 @@
b03c002a2e4e7116fd897fc3ad354d791ecf91f0

View File

@ -0,0 +1 @@
208be551a80d8dd9ce971f44f9dedd18bf2b9256

View File

@ -0,0 +1 @@
314910df77771b33c481a175fbde56fd9295d58a

View File

@ -55,8 +55,8 @@
<path id="classpath">
<pathelement location="${common-solr.dir}/build/contrib/solr-dataimporthandler/classes/java"/>
<pathelement location="${common-solr.dir}/build/contrib/solr-dataimporthandler/classes/test"/>
<fileset dir="${common-solr.dir}/contrib/dataimporthandler/lib" excludes="*.txt"/>
<fileset dir="${common-solr.dir}/contrib/extraction/lib" excludes="*.txt"/>
<fileset dir="${common-solr.dir}/contrib/dataimporthandler/lib" excludes="${common.classpath.excludes}"/>
<fileset dir="${common-solr.dir}/contrib/extraction/lib" excludes="${common.classpath.excludes}"/>
<path refid="solr.base.classpath"/>
</path>

View File

@ -0,0 +1 @@
e6cb541461c2834bdea3eb920f1884d1eb508b50

View File

@ -0,0 +1 @@
8b7bc69010655425dabf091b51d1e90b4de36715

View File

@ -0,0 +1 @@
a06e8c6d9fa4063df541427686e9f070377b7b8e

View File

@ -0,0 +1 @@
f0cbe6fd6f8d21843e6646c2d6490a58f60078a9

View File

@ -0,0 +1 @@
c157def142714c544bdea2e6144645702adf7097

View File

@ -0,0 +1 @@
3aed7e642dd8d39dc14ed1dec3ff79e084637148

View File

@ -0,0 +1 @@
7741883cb07b4634e8b5fd3337113b6ea770a9bb

View File

@ -0,0 +1 @@
f62cb75ed52455a9e68d1d05b84c500673340eb2

View File

@ -0,0 +1 @@
613a08bc72e2e9a43c9f87b9ff8352b47e18e3ae

View File

@ -0,0 +1 @@
5d3ccc056b6f056dbf0dddfdf43894b9065a8f94

View File

@ -0,0 +1 @@
c59ede61204faa09c407a6b1c64a6e21d6f57548

View File

@ -0,0 +1 @@
654b7021e7bb6c5b7b35c88d23cac1022c7b3d6b

View File

@ -0,0 +1 @@
a2ac1cd690ab4c80defe7f9bce14d35934c35cec

View File

@ -0,0 +1 @@
b4c612d88a2a86e540edbf1125b1f095513cd65e

View File

@ -0,0 +1 @@
f1c0f6c2ebfbe2b11dd04559ad438728e4636d53

View File

@ -0,0 +1 @@
0f3c3f3db4c54483aa1fbc4497e300879ce24da1

View File

@ -0,0 +1 @@
4fdc454f4925cca53a7140bfc7a61c74f80b2dd8

View File

@ -0,0 +1 @@
cf57ad427c460f98f07817c07251c0d30098cbb8

View File

@ -0,0 +1 @@
7510bbf8caab4d0ef21019d55d61d085caa28c86

View File

@ -0,0 +1 @@
66d5f90e1d75cf124db27c95ff686d6c8ef7ef04

View File

@ -0,0 +1 @@
82ba64e839f28aa231f9f3a5f44ec5cb094f510c

View File

@ -0,0 +1 @@
dee2705dd01e79a5a96a17225f5a1ae30470bb18

View File

@ -0,0 +1 @@
5584627487e984c03456266d3f8802eb85a9ce97

View File

@ -0,0 +1 @@
d328115f8bdee0ec5ac45e76154e310b5b0f48a4

View File

@ -0,0 +1 @@
f4c14199c71d85207375f43f681d2f94cec38545

View File

@ -0,0 +1 @@
25101e37ec0c907db6f0612cbf106ee519c1aef1

View File

@ -0,0 +1 @@
3136ca936f64c9d68529f048c2618bd356bf85c9

View File

@ -0,0 +1 @@
8704dcf5c9f10265a08f5020b0fab70eb64ac3c4

View File

@ -26,8 +26,8 @@
<import file="../contrib-build.xml"/>
<path id="classpath">
<fileset dir="../extraction/lib" excludes="*.txt,*.template"/>
<fileset dir="lib" excludes="*.txt,*.template"/>
<fileset dir="../extraction/lib" excludes="${common.classpath.excludes}"/>
<fileset dir="lib" excludes="${common.classpath.excludes}"/>
<path refid="solr.base.classpath"/>
</path>

View File

@ -0,0 +1 @@
9efb491fa27424c5e4773db449e8a2c551a75de5

View File

@ -0,0 +1 @@
99091df19fff62f815d56d23b412610baf38fe97

View File

@ -0,0 +1 @@
e9ce9874276b0a7dc57f55d87d4e550d970533f6

View File

@ -0,0 +1 @@
cb0e8a49d53ea7ce7a2b71a915aa728b90ae39df

View File

@ -0,0 +1 @@
cd02db9e8d54decb14cbe303d001d13735237290

View File

@ -0,0 +1 @@
d7b0fd616c4289376c1f59e2a68edfb4cfd6730d

View File

@ -0,0 +1 @@
3dbd8a76683cd563583a2c78c356ad8b8acf38bf

View File

@ -0,0 +1 @@
99bf8d75b71410e4d5f2051ae79942721b3a2f60

View File

@ -0,0 +1 @@
5675fd96b29656504b86029551973d60fb41339b

View File

@ -0,0 +1 @@
761ea405b9b37ced573d2df0d1e3a4e0f9edc668

View File

@ -0,0 +1 @@
fcc58693dd8fc83d714fba149789be37cc19b66d

View File

@ -0,0 +1 @@
69936384de86857018b023a8c56ae0635c56b6a0

View File

@ -0,0 +1 @@
7e9978fdb754bce5fcd5161133e7734ecb683036

View File

@ -0,0 +1 @@
545d335d2f6d5e195939528f6a37f23abad4f58f

View File

@ -0,0 +1 @@
79b1ef70ba4bb4c05d35516f795ff306a96bb25a

View File

@ -0,0 +1 @@
650858c9c7344da2455b60069224ee148a80bdc5

View File

@ -0,0 +1 @@
2da8e10c38250f713764a31bc4b7dbc58983de0e

View File

@ -0,0 +1 @@
049299fdc468aec112070369513f363447c12e76

View File

@ -0,0 +1 @@
3a559bfb2788e71b4469631497c58c93ba273259

View File

@ -0,0 +1 @@
5d56afa0f80e90aa40c5af42b4f7b82992794f1f

View File

@ -0,0 +1 @@
d855e7a18f0381b6128ccf4563355e969f826433

View File

@ -0,0 +1 @@
d14aef3cae042cd9716fb109d1205bfd84248956

View File

@ -0,0 +1 @@
436ed4d774f26ac348e4a84938af19130b8f9773

View File

@ -0,0 +1 @@
ade750a7b75b6ce58c6e50347b2c1e6dafc1eb4b

View File

@ -0,0 +1 @@
0aaaa85845fb5c59da00193f06b8e5278d8bf3f8

View File

@ -0,0 +1 @@
edfcab3e9f984fbfeef4f6193ec56f98b4796c68

View File

@ -0,0 +1 @@
b7f0fc8f61ecadeb3695f0b9464755eee44374d4

View File

@ -0,0 +1 @@
384faa82e193d4e4b0546059ca09572654bc3970

View File

@ -0,0 +1 @@
fd51f906669f49a4ffd06650666c3b8147a6106e

View File

@ -0,0 +1 @@
0ce1edb914c94ebc388f086c6827e8bdeec71ac2

View File

@ -0,0 +1 @@
0b9536281a0d32253f97445999dcaf0572e57bbb

View File

@ -0,0 +1 @@
097fd3078118f05895ba5c3a95f3c335e2a2f34d

View File

@ -0,0 +1 @@
16cf5a6b78951f50713d29bfae3230a611dc01f0

View File

@ -0,0 +1 @@
31cc0a151d458c4b99476805ede9c8accafb734c

View File

@ -0,0 +1 @@
d97e400d31bbeb36c1c60d2c3a9bbf2cdccf85a8

View File

@ -0,0 +1 @@
6bf0ebb7efd993e222fc1112377b5e92a13b38dd

View File

@ -0,0 +1 @@
99c61095a14dfc9e47a086068033c286bf236475

View File

@ -0,0 +1 @@
2083595b098f183da3c0cabf2819eb083a510a9e

View File

@ -0,0 +1 @@
6f3b8a24bf970f17289b234284c94f43eb42f0e4

View File

@ -0,0 +1 @@
251899d8c17e29ed4c53d98c88e54241a14d9591

View File

@ -0,0 +1 @@
8c0fa2cdb51f30a4f846cd60507b190e983f175a

Some files were not shown because too many files have changed in this diff Show More