From 95bd478d62c9ebf3e313df4915c392dfd094d615 Mon Sep 17 00:00:00 2001 From: cyberta Date: Fri, 17 Jan 2020 22:16:24 +0100 Subject: add golang download fingerprint verification --- go/install_go.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/go/install_go.sh b/go/install_go.sh index ee7c5ac3..8631b456 100755 --- a/go/install_go.sh +++ b/go/install_go.sh @@ -1,6 +1,7 @@ #!/bin/bash GO_VERSION=go1.12.7.linux-amd64 +EXPECTED_FP=66d83bfb5a9ede000e33c6579a91a29e6b101829ad41fffb5c5bb6c900e109d9 if [[ $(ls -A ${GO_VERSION}.tar.gz) ]] then @@ -8,6 +9,12 @@ then else echo "installing go lang bundle ${GO_VERSION}.tar.gz" curl -o $GO_VERSION.tar.gz https://dl.google.com/go/$GO_VERSION.tar.gz + ACTUAL_FP=`sha256sum $GO_VERSION.tar.gz | cut -d " " -f1` + if [[ ! $ACTUAL_FP == $EXPECTED_FP ]] + then + echo "Download seems to be corrupted. Cancelling build." + return 1 + fi fi if [[ -d ./golang ]] -- cgit v1.2.3