abuild: use sha256 and sha512 sums instead of md5

ref #1484

abuild.in

@@ -217,31 +217,30 @@ sanitycheck() {
 	default_sanitycheck
 }
 
-md5check() {
+sumcheck() {
+	local algo="$1" sums="$2"
 	local dummy f endreturnval originalparams origin file
-	if [ -z "$source" ] && [ -z "$md5sums" ]; then
-		return 0
-	fi
-	if [ -z "$md5sums" ]; then
-		die "Use 'abuild checksum' to generate/update the checksum(s)"
-	fi
-	if [ "$(echo $source | wc -l)" -ne "$(echo $md5sums | wc -l)" ]; then
-		die "Number of md5sums does not correspond to number of sources"
+
+	# get number of checksums
+	set -- $sums
+	local numsums=$(( $# / 2 ))
+
+	set -- $source
+	if [ $# -ne $numsums ]; then
+		die "Number of ${algo}sums($numsums) does not correspond to number of sources($#)"
 	fi
 	fetch || return 1
-	msg "Checking md5sums..."
+	msg "Checking ${algo}sums..."
 	cd "$srcdir" || return 1
 	IFS=$'\n'
 	endreturnval=0
-	originalparams=$@
-	set -- $source
-	for src in $md5sums; do
+	for src in $sums; do
 		origin=$1; shift
-		echo "$src" | md5sum -c
+		echo "$src" | ${algo}sum -c
 		if [ $? -ne 0 ]; then
 			endreturnval=1
 			is_remote $origin || continue
-			echo "Because the remote file above failed the md5sum check it will be deleted."
+			echo "Because the remote file above failed the ${algo}sum check it will be deleted."
 			echo "Rebuilding will cause it to re-download which in some cases may fix the problem."
 			file=`echo "$src" | sed 's/.*[ \t\n]\(.*\)/\1/'`
 			echo "Deleting: $file"
@@ -249,10 +248,33 @@ md5check() {
 		fi
 	done
 	unset IFS
-	set -- $originalparams
 	return $endreturnval
 }
 
+# for compatibility
+md5check() {
+	warning "'md5check' is deprecated. Use 'verify' instead"
+	sumcheck md5 "$md5sums"
+}
+
+# verify checksums
+verify() {
+	local verified=false algo=
+	for algo in md5 sha1 sha256 sha512; do
+		local sums=
+		eval sums=\"\$${algo}sums\"
+		if [ -z "$sums" ] || [ -z "$source" ]; then
+			continue
+		fi
+		sumcheck "$algo" "$sums" || return 1
+		verified=true
+	done
+	if [ -n "$source" ] && ! $verified; then
+		die "Use 'abuild checksum' to generate/update the checksum(s)"
+	fi
+	return 0
+}
+
 # verify upstream sources
 sourcecheck() {
 	local uri
@@ -1475,15 +1497,31 @@ builddeps() {
 # replace the md5sums in the APKBUILD
 checksum() {
 	local s files
+	[ -z "$source" ] && [ -n "${md5sums}${sha256sums}${sha512sums}" ] \
+		&& msg "Removing checksums from APKBUILD"
+	sed -i -e '/^md5sums="/,/"\$/d; /^md5sums=''/,/''\$/d' "$APKBUILD"
+	sed -i -e '/^sha512sums="/,/"\$/d; /^sha512sums=''/,/''\$/d' "$APKBUILD"
+	sed -i -e '/^sha256sums="/,/"\$/d; /^sha256sums=''/,/''\$/d' "$APKBUILD"
 	[ -z "$source" ] && return 0
 	fetch
-	msg "Updating the md5sums in APKBUILD..."
 	for s in $source; do
 		files="$files ${s##*/}"
 	done
+
+	# for compatibility/backporting reasons we still add md5sum
+	msg "Updating the md5sums in APKBUILD..."
 	md5sums="$(cd "$srcdir" && md5sum $files)" || die "md5sum failed"
-	sed -i -e '/^md5sums="/,/"\$/d; /^md5sums=''/,/''\$/d' "$APKBUILD"
 	echo "md5sums=\"$md5sums\"" >>"$APKBUILD"
+
+	msg "Updating the sha256sums in APKBUILD..."
+	sha256sums="$(cd "$srcdir" && sha256sum $files)" \
+		|| die "sha256sum failed"
+	echo "sha256sums=\"$sha256sums\"" >>"$APKBUILD"
+
+	msg "Updating the sha512sums in APKBUILD..."
+	sha512sums="$(cd "$srcdir" && sha512sum $files)" \
+		|| die "sha512sum failed"
+	echo "sha512sums=\"$sha512sums\"" >>"$APKBUILD"
 }
 
 stripbin() {
@@ -1633,7 +1671,7 @@ usage() {
 	echo "  checksum    Generate checksum to be included in APKBUILD"
 	echo "  fetch       Fetch sources to \$SRCDEST and verify checksums"
 	echo "  sanitycheck Basic sanity check of APKBUILD"
-	echo "  md5check    Check md5sums"
+	echo "  verify      Verify checksums"
 	echo "  unpack      Unpack sources to \$srcdir"
 	echo "  build       Compile and install package into \$pkgdir"
 	echo "  listpkg     List target packages"