#!/bin/sh
### This function takes in input a md5 file sum
### It verifies the validity of the md5
### and perform the check on the pkg.
### It output the log file name on stdout if md5 won't match otherwise null.

# load env vars
. /lib/system-integrity-check/envinfo

# this function take in input a .md5 file as downloaded from pkgsum
# and validate the file with the self contained md5sum.

validate_md5file() {
  lines=$(cat "$1" | wc -l)
  lines=$(expr $lines - 1)
  if [ "$(tail -n 1 "$1")" != "$(head -n $lines "$1" | md5sum  | cut -d " " -f 1)" ]; then
    return 1
  fi
}

# this one does the real check of md5sums on the target disk
# NOTE: the logic is still very simple and it relies on the contents of
# of the md5 file. There is much more that can/should be done.
# For ex: check symlinks, check orphaned files on the filesystem and so on.

dorealcheck_md5() {
  pkg="$(basename "$1" | cut -d "_" -f 1)"
  while read type <&8; do
    case "$type" in
      sym:)
        read filename <&8
        read symlink <&8
        if [ ! -L "${TOPDIR}/$filename" ]; then
          db_subst system-integrity-check/report/missing-symlink SUBST0 "$pkg"
          db_subst system-integrity-check/report/missing-symlink SUBST1 "$filename"
          db_metaget system-integrity-check/report/missing-symlink description || RET=''
          if [ -z "$RET" ]; then
            echo "Unable to fetch debconf translation: using plain english."  >> "$report"
            echo "$pkg: $filename symlink is missing." >> "$report"
          else
            echo "$RET" >> "$report"
          fi
        elif [ "$symlink" != "$(readlink "${TOPDIR}/$filename")" ]; then
          db_subst system-integrity-check/report/symlink-change SUBST0 "$pkg"
          db_subst system-integrity-check/report/symlink-change SUBST1 "$filename"
          db_metaget system-integrity-check/report/symlink-change description || RET=''
          if [ -z "$RET" ]; then
            echo "Unable to fetch debconf translation: using plain english."  >> "$report"
            echo "$pkg: $filename symlink has been changed." >> "$report"
          else
            echo "$RET" >> "$report"
          fi
        fi
      ;;
      md5:)
        read md5 <&8
        read filename <&8
        if [ ! -e "${TOPDIR}/$filename" ]; then
          db_subst system-integrity-check/report/missing-file SUBST0 "$pkg"
          db_subst system-integrity-check/report/missing-file SUBST1 "$filename"
          db_metaget system-integrity-check/report/missing-file description || RET=''
          if [ -z "$RET" ]; then
            echo "Unable to fetch debconf translation: using plain english."  >> "$report"
            echo "$pkg: $filename file is missing." >> "$report"
          else
            echo "$RET" >> "$report"
          fi
        elif [ "$md5" != "$(md5sum "${TOPDIR}/$filename" | cut -d " " -f 1)" ]; then
          db_subst system-integrity-check/report/md5-mismatch SUBST0 "$pkg"
          db_subst system-integrity-check/report/md5-mismatch SUBST1 "$filename"
          db_metaget system-integrity-check/report/md5-mismatch description || RET=''
          if [ -z "$RET" ]; then
            echo "Unable to fetch debconf translation: using plain english."  >> "$report"
            echo "$pkg $filename md5sum mismatch." >> "$report"
          else
            echo "$RET" >> "$report"
          fi
        fi
      ;;
      *)
        # unknown case, we just do nothing and keep reading the file.
      ;;
    esac
  done 8<"$1"
}
