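#!/bin/bash
# Download prebuilt binaries for one architecture, check them against a
# signed SHA256SUMS list, and place them in the current directory.
# Arguments: architecture first, then one or more binary names.

# -u: expanding an unset variable is an error.
# -o pipefail: a pipeline fails if any stage fails, not just the last one.
# -E: functions, subshells and command substitutions inherit the ERR trap, so
#     a failing command inside a helper function stops the run just like one
#     at top level instead of being silently skipped.
set -Euo pipefail
# Stop at the first failing command. The diagnostic goes to stderr so it is
# never mistaken for normal output, and the failing status is preserved.
trap 's=$?; printf ": Error on line %s: %s\n" "$LINENO" "$BASH_COMMAND" >&2; exit $s' ERR
# Split words on newline and tab only; a space inside a value is not a separator.
IFS=$'\n\t'
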
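#######################################
# Print a message to stderr and terminate the script.
# Arguments: $1 - message text
#            $2 - exit status (optional, defaults to 1)
# Outputs:   the message on stderr, in bold red when stderr is a terminal
#######################################
error() {
    # Function-local, so the helper does not leave a stray global behind.
    local fmt='%s\n'
    # is stderr a tty? Only then add color, so logs and pipes stay free of
    # escape sequences.
    if [ -t 2 ]; then
        fmt='\e[1;31;91m%s\e[0m\n'
    fi
    # The format is one of the two fixed strings above; the caller's text is
    # always passed as data, never as the format string.
    # shellcheck disable=SC2059
    printf "$fmt" "$1" >&2
    exit "${2:-1}"
}
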
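# Start from a known state: a WORKDIR inherited from the environment is never
# adopted as the scratch directory.
unset WORKDIR
#######################################
# Create the private scratch directory on first use; later calls do nothing.
# Globals:   WORKDIR (written), TMPDIR (read; defaulted via mktemp if unset)
# Returns:   exits the script if the directory cannot be created
#######################################
workdir() {
    if [ -z "${WORKDIR:+x}" ]; then
        # if a temporary working directory hasn't been established, create one.
        # mktemp -u only names a path; it is used here to learn the default
        # temporary directory, nothing is created from that name.
        TMPDIR="${TMPDIR:-$(dirname "$(mktemp -u)")}"
        # Fail loudly if creation fails: continuing with an empty WORKDIR
        # would make every later "$WORKDIR/..." path resolve under "/".
        WORKDIR=$(mktemp -d "$TMPDIR/.$(basename -- "$0").XXXXXXXXXX") ||
            error "could not create a temporary working directory"
        # it's polite to clean up after ourselves.
        # Single quotes defer expansion until the trap runs, so the path
        # reaches rm as one quoted argument instead of being pasted into the
        # command text; ${WORKDIR:?} refuses to run rm on an empty path.
        trap 'rm -rf -- "${WORKDIR:?}"' EXIT
        # Stop on Ctrl-C; exiting runs the EXIT trap above, which cleans up.
        trap 'exit 130' INT
    fi
}
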
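# architecture is the first argument, the rest are binary names
(( $# >= 2 )) || error "usage: ${0##*/} ARCH BIN [BIN...]"
ARGS=("$@")
ARCH="${ARGS[0]}"
BINS=("${ARGS[@]:1}")

# Each argument becomes both a URL path segment and a file path below
# $WORKDIR. Accept plain names only, so a value such as "../x" cannot make a
# download or the later mv land outside the scratch directory.
for ARG in "${ARGS[@]}"; do
    case "$ARG" in
        '' | . | .. | */*) error "invalid architecture or binary name: '$ARG'" ;;
    esac
done

workdir

# HTTPS origin serving SHA256SUMS, its signature and the per-architecture files.
BASE=https://ryanc-musl-bins.s3.amazonaws.com
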
# Choose the archive format from the decompressors installed on this host.
# xz is preferred because its archives are smaller; gzip is the fallback and
# is assumed to be available (gunzip itself is not probed).
FORMAT=gz
UNPACK=gunzip
if command -v unxz > /dev/null; then
    UNPACK=unxz
elif command -v xzdec > /dev/null; then
    UNPACK=xzdec
fi
# Either xz-capable tool means the .xz artifacts are the ones to request.
[ "$UNPACK" = gunzip ] || FORMAT=xz

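# download SHA256SUMS and its signature file
# -f turns an HTTP error (404, 403, ...) into a failure instead of saving the
# error page as if it were the requested file; -S keeps curl's own error
# message visible even though -s hides the progress meter.
for NAME in SHA256SUMS SHA256SUMS.minisig; do
    curl -fsS -o "$WORKDIR/$NAME" "$BASE/$NAME" ||
        error "download failed: $BASE/$NAME"
done

# verify the SHA256SUMS file
# Every file fetched later is trusted only through this list, so its detached
# signature (SHA256SUMS.minisig, which these tools look for next to the file
# by default) is checked against the pinned public key before the list is
# used. A failed check is handled explicitly here rather than left to the
# ERR trap, so the script stops even if that trap is changed or removed.
PUB="RWQwnv+4l4uv60kab+K2sjXkATMVxetuVUvaCuBX2XXTIOqziTvbXk3N"
if command -v rsign > /dev/null; then
    rsign verify -qP "$PUB" "$WORKDIR/SHA256SUMS" ||
        error "SHA256SUMS signature verification failed"
elif command -v minisign > /dev/null; then
    minisign -V -qP "$PUB" -m "$WORKDIR/SHA256SUMS" ||
        error "SHA256SUMS signature verification failed"
elif command -v miniverify > /dev/null; then
    miniverify -V -qP "$PUB" -m "$WORKDIR/SHA256SUMS" ||
        error "SHA256SUMS signature verification failed"
else
    # Without a verifier the list cannot be trusted, so nothing is installed.
    error "No compatible signature verification tool!"
fi
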
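# download compressed binaries
# Nothing fetched here is trusted yet: these files are only used after they
# have been checked against SHA256SUMS. -f makes an HTTP error a failure
# instead of storing the error page under the binary's name.
mkdir -p "$WORKDIR/$ARCH"
for BIN in "${BINS[@]}"; do
    curl -fsS -o "$WORKDIR/$ARCH/$BIN.$FORMAT" "$BASE/$ARCH/$BIN.$FORMAT" ||
        error "download failed: $BASE/$ARCH/$BIN.$FORMAT"
done
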
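# The paths in SHA256SUMS are resolved relative to the scratch directory.
pushd "$WORKDIR" > /dev/null || error "cannot enter $WORKDIR"

#######################################
# Check the files in the current directory against SHA256SUMS and require
# that every named path was individually reported as matching.
# sha256sum -c only hashes files that have an entry in the list, and
# --ignore-missing lets listed-but-absent files pass; on its own that means a
# downloaded file with no entry in the signed list is never hashed at all.
# Arguments: paths, relative to the current directory, that must verify
# Outputs:   sha256sum's report on stdout (mismatches on stderr on failure)
# Returns:   0 only if sha256sum succeeded and each path has an "OK" line
#######################################
verify_listed() {
    local report path
    # LC_ALL=C pins the untranslated "<name>: OK" report format parsed below.
    report=$(LC_ALL=C sha256sum --ignore-missing -c SHA256SUMS) || {
        # Show only the entries that did not match.
        grep -v ': OK$' <<< "$report" >&2 || true
        return 1
    }
    printf '%s\n' "$report"
    for path in "$@"; do
        # Names are reported as written in the list, which may carry "./".
        grep -qxF -e "$path: OK" -e "./$path: OK" <<< "$report" || {
            printf 'no verified SHA256SUMS entry for %s\n' "$path" >&2
            return 1
        }
    done
}

COMPRESSED=()
UNPACKED=()
for BIN in "${BINS[@]}"; do
    COMPRESSED+=("$ARCH/$BIN.$FORMAT")
    UNPACKED+=("$ARCH/$BIN")
done

# *quietly* verify compressed binaries
# This runs before anything is handed to the decompressor, so xz/gzip only
# ever parse data that matched the signed list.
verify_listed "${COMPRESSED[@]}" > /dev/null ||
    error "compressed hash validation failed"

for BIN in "${BINS[@]}"; do
    "$UNPACK" -dc "$WORKDIR/$ARCH/$BIN.$FORMAT" > "$WORKDIR/$ARCH/$BIN" ||
        error "could not decompress $ARCH/$BIN.$FORMAT"
    rm "$WORKDIR/$ARCH/$BIN.$FORMAT"
done

# verify decompressed binaries
verify_listed "${UNPACKED[@]}" ||
    error "hash validation failed"

popd > /dev/null || error "cannot return to the original directory"

# move binaries from the workdir to the current directory
for BIN in "${BINS[@]}"; do
    # Marked executable only now, after the decompressed file has verified.
    chmod +x "$WORKDIR/$ARCH/$BIN"
    mv "$WORKDIR/$ARCH/$BIN" .
done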