mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2025-01-22 16:44:32 +01:00
db522d3ae4
Approved by: re
32 lines
898 B
Bash
Executable File
32 lines
898 B
Bash
Executable File
#!/bin/sh
|
|
#
|
|
# Check the library fingerprint and generate an executable fingerprint, or
|
|
# return an error
|
|
|
|
lib=$1
|
|
exe=$2
|
|
ext=${HMAC_EXT:-sha1}
|
|
|
|
# deal with the case where we're run from within the build and OpenSSL is
|
|
# not yet installed. Also, make sure LD_LIBRARY_PATH is properly set in
|
|
# case shared libraries are built.
|
|
if [ "X$TOP" != "X" ]
|
|
then
|
|
if test "$OSTYPE" = msdosdjgpp; then
|
|
PATH="$TOP/apps;$TOP;$PATH"
|
|
else
|
|
PATH="$TOP/apps:$TOP:$PATH"
|
|
fi
|
|
LD_LIBRARY_PATH=$TOP; export LD_LIBRARY_PATH
|
|
else
|
|
LD_LIBRARY_PATH=.; export LD_LIBRARY_PATH
|
|
fi
|
|
|
|
echo "Checking library fingerprint for $lib"
|
|
openssl sha1 -hmac etaonrishdlcupfm $lib | sed "s/(.*\//(/" | diff -w $lib.sha1 - || { echo "$libs fingerprint mismatch"; exit 1; }
|
|
|
|
[ -x $exe.exe ] && exe=$exe.exe
|
|
|
|
echo "Making fingerprint for $exe"
|
|
openssl sha1 -hmac etaonrishdlcupfm -binary $exe > $exe.$ext || rm $exe.$ext
|