diff options
Diffstat (limited to 'contrib/hooks/encrypt_with_checksums/post_status')
-rwxr-xr-x | contrib/hooks/encrypt_with_checksums/post_status | 100 |
1 files changed, 100 insertions, 0 deletions
diff --git a/contrib/hooks/encrypt_with_checksums/post_status b/contrib/hooks/encrypt_with_checksums/post_status new file mode 100755 index 0000000..3dd0465 --- /dev/null +++ b/contrib/hooks/encrypt_with_checksums/post_status @@ -0,0 +1,100 @@ +#!/usr/bin/env bash + +# yadm - Yet Another Dotfiles Manager +# Copyright (C) 2015-2019 Tim Byrne and Martin Zuther + +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <https://www.gnu.org/licenses/>. + + +YADM_CHECKSUMS="$YADM_HOOK_DIR/files.checksums" +WARNING_MESSAGE="Checksums were not verified" + +# unpack exported array; filenames including a newline character (\n) +# are NOT supported +OLD_IFS="$IFS" +IFS=$'\n' +YADM_ENCRYPT_INCLUDE_FILES=( $YADM_ENCRYPT_INCLUDE_FILES ) +IFS="$OLD_IFS" + + +function get_checksum_command { + # check if "shasum" exists and supports the algorithm (which is + # tested by sending an empty string to "shasum") + if command -v "shasum" > /dev/null && printf "" | shasum --algorithm "256" &> /dev/null; then + printf "shasum --algorithm 256" + # check if "sha256sum" exists + elif command -v "sha256sum" > /dev/null; then + printf "sha256sum" + # check if "gsha256sum" exists + elif command -v "gsha256sum" > /dev/null; then + printf "gsha256sum" + else + # display warning in bright yellow + printf "\033[1;33m" >&2 + printf "\nWARNING: \"shasum\", \"sha256sum\" and \"gsha256sum\" not found. %s\n" "$WARNING_MESSAGE." >&2 + + # reset output color + printf "\033[0m" >&2 + + # signal error + return 1 + fi +} + + +# if there is no checksum file, exit with original status of yadm +# command +if [ ! -f "$YADM_CHECKSUMS" ]; then + exit "$YADM_HOOK_EXIT" +fi + +# get checksum command +CHECKSUM_COMMAND=$(get_checksum_command) + +# no command found +if (($?)); then + # return original exit status of yadm command + exit "$YADM_HOOK_EXIT" +fi + +# check encrypted files for differences and capture output and error +# messages +YADM_CHECKSUM_OUTPUT=$($CHECKSUM_COMMAND --check "$YADM_CHECKSUMS" 2>&1) +ERROR_CODE=$? + +# handle mismatched checksums and errors +if (($ERROR_CODE)); then + printf "\nSome SHA-256 sums do not match (or an error occurred):\n\n" + + # display differing files and errors (highlighted in red) + printf "\033[0;31m" + + while IFS= read -r line; do + # beautify output and get rid of unnecessary lines + line="${line%%*: [Oo][Kk]}" + line="${line%%: [Ff][Aa][Ii][Ll][Ee][Dd]}" + line="${line##*WARNING:*did NOT match}" + + if [ -n "$line" ]; then + printf "%s\n" "$line" + fi + done <<< "$YADM_CHECKSUM_OUTPUT" + + # reset output color + printf "\033[0m" + + # display advice for differing files and signal error + printf "\nConsider running either \"yadm encrypt\" or \"yadm decrypt\".\n" + exit $ERROR_CODE +fi |