Allow to include multiple checksum files and specify which hashes to use.

functions/defaults.sh

@@ -814,7 +814,7 @@ Set_defaults ()
 	fi
 
 	# Setting checksums
-	LH_CHECKSUMS="${LH_CHECKSUMS:-true}"
+	LH_CHECKSUMS="${LH_CHECKSUMS:-md5}"
 
 	# Setting chroot option
 	LH_CHROOT_BUILD="${LH_CHROOT_BUILD:-true}"

helpers/binary_checksums

@@ -23,13 +23,11 @@ Arguments "${@}"
 Read_conffiles config/all config/common config/bootstrap config/chroot config/binary config/source
 Set_defaults
 
-if [ "${LH_CHECKSUMS}" != "true" ] || [ "${LH_BINARY_IMAGES}" = "virtual-hdd" ]
+if [ "${LH_CHECKSUMS}" = "none" ] || [ "${LH_BINARY_IMAGES}" = "virtual-hdd" ]
 then
 	exit 0
 fi
 
-Echo_message "Begin creating binary md5sum.txt..."
-
 # Requiring stage file
 Require_stagefile .stage/config .stage/bootstrap
 
@@ -42,31 +40,44 @@ Check_lockfile .lock
 # Creating lock file
 Create_lockfile .lock
 
-# Remove old md5sums
-if [ -f binary/md5sum.txt ]
-then
-	rm -f binary/md5sum.txt
-fi
+for CHECKSUM in ${LH_CHECKSUMS}
+do
+	Echo_message "Begin creating binary ${CHECKSUM}sum.txt..."
 
-# Calculating md5sums
-cd binary
-find . -type f \! -path './isolinux/isolinux.bin' \! -path './boot/grub/stage2_eltorito' -print0 | sort -z | xargs -0 md5sum > ../md5sum.txt
+	# Remove old checksums
+	if [ -f binary/${CHECKSUM}sum.txt ]
+	then
+		rm -f binary/${CHECKSUM}sum.txt
+	fi
 
-cat > md5sum.txt << EOF
-This file contains the list of md5 checksums of all files on this medium.
+	# Calculating checksums
+	cd binary
+	find . -type f \
+		\! -path './isolinux/isolinux.bin' \
+		\! -path './boot/grub/stage2_eltorito' \
+		\! -path './md5sum.txt' \
+		\! -path './sha1sum.txt' \
+		\! -path './sha256sum.txt' \
+	-print0 | sort -z | xargs -0 ${CHECKSUM}sum > ../${CHECKSUM}sum.txt
+
+cat > ${CHECKSUM}sum.txt << EOF
+This file contains the list of ${CHECKSUM} checksums of all files on this medium.
 
 You can verify them automatically with the 'integrity-check' boot parameter,
-or, manually with: 'md5sum -c md5sum.txt'.
+or, manually with: '${CHECKSUM}sum -c ${CHECKSUM}sum.txt'.
 
 
 EOF
 
-cat ../md5sum.txt >> md5sum.txt
-rm -f ../md5sum.txt
+	cat ../${CHECKSUM}sum.txt >> ${CHECKSUM}sum.txt
+	rm -f ../${CHECKSUM}sum.txt
+
+	cd "${OLDPWD}"
+done
 
 # File list
+cd binary
 find . | sed -e 's|^.||g' | grep "^/" | sort > ../binary.list
-
 cd "${OLDPWD}"
 
 # Creating stage file

helpers/config

@@ -52,7 +52,7 @@ USAGE="${PROGRAM} [--apt apt|aptitude]\n\
 \t    [--cache-indices true|false]\n\
 \t    [--cache-packages true|false]\n\
 \t    [--cache-stages STAGE|\"STAGES\"]\n\
-\t    [--checksums true|false]\n\
+\t    [--checksums md5|sha1|sha256|none]\n\
 \t    [--chroot-build true|false]\n\
 \t    [--chroot-filesystem ext2|ext3|squashfs|plain|jffs2]\n\
 \t    [-c|--conffile FILE]\n\

helpers/source_checksums

@@ -1,6 +1,6 @@
 #!/bin/sh
 
-# lh_source_checksums(1) - create source checksumss
+# lh_source_checksums(1) - create source checksums
 # Copyright (C) 2006-2010 Daniel Baumann <daniel@debian.org>
 #
 # live-helper comes with ABSOLUTELY NO WARRANTY; for details see COPYING.
@@ -23,18 +23,11 @@ Arguments "${@}"
 Read_conffiles config/all config/common config/bootstrap config/chroot config/binary config/source
 Set_defaults
 
-if [ "${LH_SOURCE}" != "true" ]
+if [ "${LH_CHECKSUMS}" = "none" ] || [ "${LH_SOURCE}" != "true" ]
 then
 	exit 0
 fi
 
-if [ "${LH_CHECKSUMS}" != "true" ]
-then
-	exit 0
-fi
-
-Echo_message "Begin creating source md5sum.txt..."
-
 # Requiring stage file
 Require_stagefile .stage/config .stage/source_debian
 
@@ -47,31 +40,42 @@ Check_lockfile .lock
 # Creating lock file
 Create_lockfile .lock
 
-# Remove old md5sums
-if [ -f source/md5sum.txt ]
-then
-	rm -f source/md5sum.txt
-fi
+for CHECKSUM in ${LH_CHECKSUMS}
+do
+	Echo_message "Begin creating source ${CHECKSUM}sum.txt..."
 
-# Calculating md5sums
-cd source
-find . -type f -print0 | sort -z | xargs -0 md5sum > ../md5sum.txt
+	# Remove old checksums
+	if [ -f source/${CHECKSUM}sum.txt ]
+	then
+		rm -f source/${CHECKSUM}sum.txt
+	fi
 
-cat > md5sum.txt << EOF
-This file contains the list of md5 checksums of all files on this medium.
+	# Calculating checksums
+	cd source
+	find . -type f \
+		\! -path './md5sum.txt' \
+		\! -path './sha1sum.txt' \
+		\! -path './sha256sum.txt' \
+	-print0 | sort -z | xargs -0 ${CHECKSUM}sum > ../${CHECKSUM}sum.txt
+
+cat > ${CHECKSUM}sum.txt << EOF
+This file contains the list of ${CHECKSUM} checksums of all files on this medium.
 
 You can verify them automatically with the 'integrity-check' boot parameter,
-or, manually with: 'md5sum -c md5sum.txt'.
+or, manually with: '${CHECKSUM}sum -c ${CHECKSUM}sum.txt'.
 
 
 EOF
 
-cat ../md5sum.txt >> md5sum.txt
-rm -f ../md5sum.txt
+	cat ../${CHECKSUM}sum.txt >> ${CHECKSUM}sum.txt
+	rm -f ../${CHECKSUM}sum.txt
+
+	cd "${OLDPWD}"
+done
 
 # File list
+cd source
 find . | sed -e 's|^.||g' | grep "^/" | sort > ../source.list
-
 cd "${OLDPWD}"
 
 # Creating stage file

manpages/lh_config.en.1

@@ -54,7 +54,7 @@ lh_config \- create configuration for live\-helper
 .br
 	[\fB\-\-cache\-stages\fR \fISTAGE\fR|\fI"STAGES"\fR]
 .br
-	[\fB\-\-checksums\fR true|false]
+	[\fB\-\-checksums\fR md5|sha1|sha256|none]
 .br
 	[\fB\-\-chroot\-build\fR true|false]
 .br
@@ -258,8 +258,8 @@ defines if downloaded package indices and lists should be cached which is false
 defines if downloaded packages files should be cached which is true by default. Disabling it does save space consumtion in your build directory, but remember that you will cause much unnecessary traffic if you do a couple of rebuilds. In general you should always leave it true, however, in some particular rare build setups, it can be faster to refetch packages from the local network mirror rather than to utilize the local disk.
 .IP "\fB\-\-cache\-stages\fR true|false|\fISTAGE\fR|""\fISTAGES\fR""" 4
 sets which stages should be cached. By default set to bootstrap. As an exception to the normal stage names, also rootfs can be used here which does only cache the generated root filesystem in filesystem.{dir,ext*,squashfs}. This is useful during development if you want to rebuild the binary stage but not regenerate the root filesystem all the time.
-.IP "\fB\-\-checksums\fR true|false|md5|sha1|sha256" 4
-defines if the binary image should contain a file called md5sums.txt, sha1sums.txt or sha256sums.txt. These lists all files on the image together with their checksums. This in turn can be used by live-initramfs' built-in integrity-check to verify the medium if specified at boot prompt. In general, this should not be false and is an important feature of live system released to the public. However, during development of very big images it can save some time by not calculating the checksums.
+.IP "\fB\-\-checksums\fR md5|sha1|sha256|none" 4
+defines if the binary image should contain a file called md5sums.txt, sha1sums.txt and/or sha256sums.txt. These lists all files on the image together with their checksums. This in turn can be used by live-initramfs' built-in integrity-check to verify the medium if specified at boot prompt. In general, this should not be false and is an important feature of live system released to the public. However, during development of very big images it can save some time by not calculating the checksums.
 .IP "\fB\-\-chroot\-build\fR true|false" 4
 defines whetever live-helper should use the tools from within the chroot to build the binary image or not by using and including the host systems tools. This is a very dangerous option, using the tools of the host system can lead to tainted and even non-bootable images if the host systems version of the required tools (mainly these are the bootloaders such as syslinux, grub and yaboot, and the auxilliary tools such as dosfstools, genisoimage, squashfs-tools and others) do not \fBexactely\fR match what is present at build-time in the target distribution. Never do disable this option unless you are \fBexactely\fR sure what you are doing and have \fBcompletely\fI understood its consequences.
 .IP "\fB\-\-chroot\-filesystem\fR ext2|ext3|squashfs|plain|jffs2" 4