From 95bd478d62c9ebf3e313df4915c392dfd094d615 Mon Sep 17 00:00:00 2001
From: cyberta <cyberta@riseup.net>
Date: Fri, 17 Jan 2020 22:16:24 +0100
Subject: add golang download fingerprint verification

---
 go/install_go.sh | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/go/install_go.sh b/go/install_go.sh
index ee7c5ac3..8631b456 100755
--- a/go/install_go.sh
+++ b/go/install_go.sh
@@ -1,6 +1,7 @@
 #!/bin/bash
 
 GO_VERSION=go1.12.7.linux-amd64
+EXPECTED_FP=66d83bfb5a9ede000e33c6579a91a29e6b101829ad41fffb5c5bb6c900e109d9
 
 if [[ $(ls -A ${GO_VERSION}.tar.gz) ]]
 then
@@ -8,6 +9,12 @@ then
 else
     echo "installing go lang bundle ${GO_VERSION}.tar.gz"
     curl -o $GO_VERSION.tar.gz https://dl.google.com/go/$GO_VERSION.tar.gz
+    ACTUAL_FP=`sha256sum $GO_VERSION.tar.gz | cut -d " " -f1`
+    if [[ ! $ACTUAL_FP == $EXPECTED_FP ]]
+    then
+    echo "Download seems to be corrupted. Cancelling build."
+        return 1
+    fi
 fi
 
 if [[ -d ./golang ]]
-- 
cgit v1.2.3