More tests, secure mode, and line endings

Signed-off-by: Adam Farley <[email protected]>

sbin/common/lib/functionLibrary.sh

@@ -52,7 +52,7 @@ function checkFileSha() {
   info "Checking if a file matches the sha256 checksum. Fails if there is no checksum."
   if [ $# != 2 ]; then
     echo "Error: checkFileSha() function was not supplied with exactly 2 arguments."
-    exit 1
+    return 1
   fi
 
   if [[ -z $1 ]]; then
@@ -76,7 +76,7 @@ function checkFileSha() {
     shaReturnCode=$?
   else
     echo "Error: Neither sha256sum nor shasum is available on this machine."
-    exit 1
+    return 1
   fi
 
   if [ $shaReturnCode != 0 ]; then
@@ -93,7 +93,7 @@ function doesThisURLExist() {
   info "Checking if a given URL exists."
   if [ $# == 0 ]; then
     echo "Error: doesThisURLExist() function was not supplied with a URL."
-    exit 1
+    return 1
   fi
 
   spiderOutput=1
@@ -107,7 +107,7 @@ function doesThisURLExist() {
     spiderOutput=$?
   else
     echo "Error: Neither wget nor curl could be found when downloading this file: ${source}"
-    exit 1
+    return 1
   fi
 
   return $spiderOutput
@@ -119,11 +119,13 @@ function doesThisURLExist() {
 # -destination (mandatory: an existent folder where the file will be put)
 # -filename (optional: the new name of the file post-download)
 # -sha (optional: the anticipated sha of the downloaded file)
+# -secure (optional: true/false - should this download be automatically failed?)
 function downloadFile() {
   source=""
   destination=""
   filename=""
   sha=""
+  secure="false"
 
   arrayOfArgs=( "$@" )
   x=0
@@ -147,8 +149,12 @@ function downloadFile() {
       --sha | -sha )
       sha="${value}"
       ;;
-
-      *) echo >&2 "Invalid downloadFile argument: ${arg} ${value}"; exit 1;;
+
+      --secure | -secure )
+      [[ "${value}" == "true" ]] && secure="true"
+      ;;
+
+      *) echo >&2 "Invalid downloadFile argument: ${arg} ${value}"; return 1;;
     esac
     x="$((x+1))"
   done
@@ -159,26 +165,29 @@ function downloadFile() {
     echo "Error: function downloadFile requires both a source and a destination."
     echo "Source detected: ${source}"
     echo "Destination detected: ${destination}"
-    exit 1
+    return 1
   fi
 
   info "File details: "
   info "- source: ${source}"
   info "- destination: ${destination}"
   info "- file name: ${filename}"
   info "- sha256 checksum: ${sha}"
+  info "- secure: ${secure}"
 
   if [ -z ${filename} ]; then
     filename="${source##*/}"
   fi
 
+  [[ ${secure} == "true" ]] && echo "The attempted download of file ${filename} was blocked because secure mode is active." && return 1
+
   info "Checking if source exists."
   doesThisURLExist "${source}"
-  [[ $? != 0 ]] && echo "Error: File could not be found at source." && exit 1
+  [[ $? != 0 ]] && echo "Error: File could not be found at source." && return 1
   info "Source exists."
 
   info "Checking if destination folder exists."
-  [ ! -x ${destination} ] && echo "Error: Destination folder could not be found." && exit 1
+  [ ! -x ${destination} ] && echo "Error: Destination folder could not be found." && return 1
 
   info "Destination folder exists. Checking if file is already present."
   if [ -x "${destination}/${filename}" ]; then
@@ -189,11 +198,11 @@ function downloadFile() {
       rm "${destination}/${filename}"
       if [ $? != 0 ]; then
         echo "Error: Could not remove file."
-        exit 1
+        return 1
       fi
     else
       info "A file was found with the same name, and it matches the supplied checksum. Skipping download."
-      exit 0
+      return 0
     fi
   fi
   if [ -x "${destination}/${source##*/}" ]; then
@@ -204,12 +213,12 @@ function downloadFile() {
       rm "${destination}/${source##*/}"
       if [ $? != 0 ]; then
         echo "Error: Could not remove file."
-        exit 1
+        return 0
       fi
     else
       info "A file was found with the same name, and it matches the supplied checksum. Skipping download."
       mv "${destination}/${source##*/}" "${destination}/${filename}"
-      exit 0
+      return 0
 	fi
   fi
 
@@ -232,16 +241,19 @@ function downloadFile() {
     if [[ $? != 0 ]]; then
       echo "Error: Checksum does not match the downloaded file. Removing file."
       rm "${destination}/${filename}"
-      exit 1
+      return 1
     fi
   fi
 
   info "File has been downloaded successfully."
 
   info "Setting file permissions to 770."
   chmod 770 "${destination}/${filename}"
-  [ $? != 0 ] && echo "Error: Checksum does not match the downloaded file. Removing file." && rm "${destination}/${filename}" && exit 1
-
+  if [ $? != 0 ]; then
+    echo "Error: Chmod has failed. Attempting to remove file." 
+    rm "${destination}/${filename}"
+    return 1
+  fi
   info "File permissions set successfully."
   info "File download script complete"
 

sbin/common/lib/functionLibraryTests.sh

@@ -78,16 +78,62 @@ function doesThisURLExistTests(){
   testResults "doesThisURLExistTest 3" "$?"
 }
 
+
+sampleFileURL="https://raw.githubusercontent.com/adamfarley/temurin-build/refs/heads/build_scripts_secure_mode/sbin/common/lib"
+sampleFileName="sampleFileForTesting.txt"
+sampleFileSha="7eb664568090f0ac7f573b25e4ac7929a48f3fb39fb34e6b21421959acdf94b4"
+
+
 # downloadFile
 function downloadFileTests() {
   workdir="$(pwd)/tmp_test_work_dir"
   # Setup
-  [[ -x "${workdir}" ]] && echo "Error: Temporary test work directory exists and shouldn't." && exit 1
+  [[ -x "${workdir}" ]] && echo "Error: Temporary test work directory exists and shouldn't: ${workdir}" && exit 1
   mkdir "${workdir}"
-  [[ ! -x "${workdir}" ]] && echo "Error: Temporary test work directory could not be created." && exit 1
-
+  [[ ! -x "${workdir}" ]] && echo "Error: Temporary test work directory could not be created: ${workdir}" && exit 1
+
+  # Does it pass when it should (no sha)?
+  downloadFile -s "${sampleFileURL}/${sampleFileName}" -d "${workdir}"
+  [[ $? == 0 && -x "${workdir}/${sampleFileName}" ]]
+  testResults "downloadFileTest 1" "$?"
+  rm -rf "${workdir}/*"
+
+  # Does it pass when it should (sha)?
+  downloadFile -s "${sampleFileURL}/${sampleFileName}" -d "${workdir}" -sha "${sampleFileSha}"
+  [[ $? == 0 && -x "${workdir}/${sampleFileName}" ]]
+  testResults "downloadFileTest 2" "$?"
+  exit 1
+  rm -rf "${workdir}/*"
+
+  # Does it correctly rename the downloaded file?
+  downloadFile -s "${sampleFileURL}/${sampleFileName}" -d "${workdir}" -sha "${sampleFileSha}" -f "newfilename"
+  [[ $? == 0 && -x "${workdir}/newfilename" ]]
+  testResults "downloadFileTest 3" "$?"
+  rm -rf "${workdir}/*"
+
+  # Does it fail when it should (no sha, source does not exist)?
+  downloadFile -s "${sampleFileURL}/thisFileDoesNotExist" -d "${workdir}" &> /dev/null
+  [[ $? != 0 && ! -x "${workdir}/${sampleFileName}" ]]
+  testResults "downloadFileTest 4" "$?"
+
+  # Does it fail when it should (with sha, source does not exist)?
+  downloadFile -s "${sampleFileURL}/thisFileDoesNotExist" -d "${workdir}" -sha "${sampleFileSha}" &> /dev/null
+  [[ $? != 0 && ! -x "${workdir}/${sampleFileName}" ]]
+  testResults "downloadFileTest 5" "$?"
+
+  # Does it fail when it should (with invalid sha, source exists)?
+  downloadFile -s "${sampleFileURL}/${sampleFileName}" -d "${workdir}" -sha "thisisaninvalidsha12345" -f "newfilename" &> /dev/null
+  [[ $? != 0 && ! -x "${workdir}/newfilename" ]]
+  testResults "downloadFileTest 6" "$?"
+
+  # Does it fail when it should (secure mode)?
+  downloadFile -s "${sampleFileURL}/${sampleFileName}" -d "${workdir}" -secure "true" &> /dev/null
+  [[ $? != 0 && ! -x "${workdir}/newfilename" ]]
+  testResults "downloadFileTest 7" "$?"
+
   # Clean up
-  [[ ! (rm -rf "${workdir}") ]] && echo "Error: Temporary test work directory could not be deleted." && exit 1
+  rm -rf "${workdir}"
+  [[ $? != 0 ]] && echo "Error: Temporary test work directory could not be deleted." && exit 1
 }
 
 echo "Test script start."