From d1ef435b0fadc732312f82bde3628ee8d6f38981 Mon Sep 17 00:00:00 2001 From: Michiel Borkent Date: Mon, 14 Aug 2023 18:39:38 +0200 Subject: [PATCH 1/5] wip --- src/borkdude/deps.clj | 42 ++++++++++++++++++++++++++++++------------ 1 file changed, 30 insertions(+), 12 deletions(-) diff --git a/src/borkdude/deps.clj b/src/borkdude/deps.clj index dd55cdc..8ab7c58 100755 --- a/src/borkdude/deps.clj +++ b/src/borkdude/deps.clj @@ -16,7 +16,7 @@ ;; see https://github.com/clojure/brew-install/blob/1.11.1/CHANGELOG.md (def ^:private version (delay (or (System/getenv "DEPS_CLJ_TOOLS_VERSION") - "1.11.1.1386"))) + "1.11.1.1403"))) (def ^:private cache-version "4") @@ -378,15 +378,19 @@ For more info, see: commit (-> (str/split version #"\.") last (Long/parseLong)) - github-release? (>= commit 1386)] + github-release? (>= commit 1386) + verify-sha256 (>= commit 1403) + url (if github-release? + (format "https://github.com/clojure/brew-install/releases/download/%s/clojure-tools.zip" version) + (format "https://download.clojure.org/install/clojure-tools-%s.zip" version))] {:ct-base-dir "ClojureTools" :ct-error-exit-code 99 :ct-aux-files-names ["exec.jar" "example-deps.edn" "tools.edn"] :ct-jar-name (format "clojure-tools-%s.jar" version) - :ct-url-str (if github-release? - (format "https://github.com/clojure/brew-install/releases/download/%s/clojure-tools.zip" version) - (format "https://download.clojure.org/install/clojure-tools-%s.zip" version)) - :ct-zip-name "clojure-tools.zip"}))) + :ct-url-str url + :ct-zip-name "clojure-tools.zip" + :sha256-url-str (when verify-sha256 + (str url ".sha256"))}))) (def zip-invalid-msg (str/join \n 
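Review bot: The checksum URL in `:sha256-url-str` is formed as `(str url ".sha256")`, so the digest is fetched from the same release location as the zip it is meant to check. That catches a truncated or corrupted download, but it is not an independent trust anchor: anything able to replace the archive at that location can replace the `.sha256` next to it. I would say so in a comment on the key, for example `;; integrity check only: the .sha256 comes from the same origin as the zip`, so the check is not later read as an authenticity guarantee. The enclosing definition starts and ends outside this hunk.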
@@ -492,7 +496,7 @@ public class ClojureToolsDownloader { "Downloads `:url` zip file to `:dest` by invoking `java` with `:proxy` options on a `.java` program file, and returns true on success. Requires Java 11+ (JEP 330)." - [{:keys [url dest proxy-opts clj-jvm-opts]}] + [{:keys [url dest proxy-opts clj-jvm-opts sha256-url]}] (let [dest-dir (.getCanonicalPath (io/file dest "..")) dlr-path (clojure-tools-java-downloader-spit dest-dir) java-cmd [(get-java-cmd) "-XX:-OmitStackTraceInFastThrow"] @@ -505,6 +509,13 @@ public class ClojureToolsDownloader { clj-jvm-opts (proxy-jvm-opts proxy-opts) [dlr-path url (str dest)]))}) + (when sha256-url + (prn :downloading) + (*aux-process-fn* {:cmd (vec (concat java-cmd + clj-jvm-opts + (proxy-jvm-opts proxy-opts) + [dlr-path sha256-url (str dest ".sha256")]))})) + (prn :downloaded) (io/delete-file dlr-path true) @success?*))) @@ -536,9 +547,10 @@ public class ClojureToolsDownloader { It calls `*exit-fn*` if it cannot download the archive, with instructions how to manually download it." [{:keys [out-dir debug proxy-opts clj-jvm-opts config-dir]}] - (let [{:keys [ct-error-exit-code ct-url-str ct-zip-name]} @clojure-tools-info* + (let [{:keys [ct-error-exit-code ct-url-str ct-zip-name sha256-url]} @clojure-tools-info* dir (io/file out-dir) zip-file (io/file out-dir ct-zip-name) + sha256-file (io/file (str zip-file ".sha256")) transaction-start (io/file out-dir "TRANSACTION_START")] (io/make-parents transaction-start) (spit transaction-start "") 
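Review bot: The docstring in the `@@ -492,7 +496,7 @@` hunk still describes only the `:url` to `:dest` download, although the function now also accepts `:sha256-url` and, in the following hunk, writes it to `(str dest ".sha256")`. The return value remains `@success?*`, and nothing visible in these hunks ties it to the outcome of the second `*aux-process-fn*` call, so a failed checksum fetch may go unreported by this function. I would add a docstring sentence such as `When :sha256-url is given, it is also downloaded to <dest>.sha256; the return value does not reflect that second download.`, adjusting the second half if `success?*` does cover it. The function body starts and ends outside both hunks.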
@@ -546,18 +558,24 @@ public class ClojureToolsDownloader { (warn "Downloading" ct-url-str "to" (str zip-file)) (or (when *clojure-tools-download-fn* (when debug (warn "Attempting download using custom download function...")) - (*clojure-tools-download-fn* {:url ct-url-str :dest (str zip-file) :proxy-opts proxy-opts :clj-jvm-opts clj-jvm-opts})) + (*clojure-tools-download-fn* {:url ct-url-str :dest (str zip-file) :proxy-opts proxy-opts :clj-jvm-opts clj-jvm-opts :sha256-url sha256-url})) (when (seq clj-jvm-opts) (when debug (warn "Attempting download using java subprocess... (requires Java11+)")) - (clojure-tools-download-java! {:url ct-url-str :dest (str zip-file) :proxy-opts proxy-opts :clj-jvm-opts clj-jvm-opts})) + (clojure-tools-download-java! {:url ct-url-str :dest (str zip-file) :proxy-opts proxy-opts :clj-jvm-opts clj-jvm-opts :sha256-url sha256-url})) (do (when debug (warn "Attempting direct download...")) - (clojure-tools-download-direct! {:url ct-url-str :dest zip-file})) + (let [res (clojure-tools-download-direct! {:url ct-url-str :dest zip-file})] + (when sha256-url + (clojure-tools-download-direct! {:url sha256-url :dest (str zip-file ".sha256")})) + res)) (*exit-fn* {:exit ct-error-exit-code :message (str "Error: Cannot download Clojure tools." " Please download manually from " ct-url-str " to " (str (io/file dir ct-zip-name)))}) - {:url ct-url-str :out-dir (str dir)})) + {:url ct-url-str :out-dir (str dir) :sha256-url sha256-url})) (warn "Unzipping" (str zip-file) "...") + (when (.exists sha256-file) + (let [sha (str/trim (slurp sha256-file))] + (prn :sha sha))) (unzip zip-file (.getPath dir)) (.delete zip-file) (when config-dir From b8eec0f565d98dabc3d723947dceef767cf903af Mon Sep 17 00:00:00 2001 
From: Michiel Borkent Date: Mon, 14 Aug 2023 21:11:14 +0200 Subject: [PATCH 2/5] fini --- CHANGELOG.md | 3 ++- src/borkdude/deps.clj | 51 ++++++++++++++++++++++++------------- test/borkdude/deps_test.clj | 4 +-- 3 files changed, 37 insertions(+), 21 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a15dfe8..7897d50 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,12 +10,13 @@ DEPS_CLJ_TOOLS_VERSION=1.11.1.1165 bb clojure [deps.clj](https://github.com/borkdude/deps.clj): a faithful port of the clojure CLI bash script to Clojure -## 1.11.1.1386 +## Unreleased - [#104](https://github.com/borkdude/deps.clj/issues/104): print repl-aliases in -Sdescribe - Make installation of tools jar more robust using transaction file - [#106](https://github.com/borkdude/deps.clj/issues/106): System deps.edn should be extracted on tools install - Download tools jar from new Github releases link +- Verify downloaded zip file with .sha256 file ## 1.11.1.1347 diff --git a/src/borkdude/deps.clj b/src/borkdude/deps.clj index 8ab7c58..1247f4e 100755 --- a/src/borkdude/deps.clj +++ b/src/borkdude/deps.clj @@ -547,7 +547,7 @@ public class ClojureToolsDownloader { It calls `*exit-fn*` if it cannot download the archive, with instructions how to manually download it." [{:keys [out-dir debug proxy-opts clj-jvm-opts config-dir]}] - (let [{:keys [ct-error-exit-code ct-url-str ct-zip-name sha256-url]} @clojure-tools-info* + (let [{:keys [ct-error-exit-code ct-url-str ct-zip-name sha256-url-str]} @clojure-tools-info* dir (io/file out-dir) zip-file (io/file out-dir ct-zip-name) sha256-file (io/file (str zip-file ".sha256")) 
@@ -556,26 +556,41 @@ public class ClojureToolsDownloader { (spit transaction-start "") (when-not (.exists zip-file) (warn "Downloading" ct-url-str "to" (str zip-file)) - (or (when *clojure-tools-download-fn* - (when debug (warn "Attempting download using custom download function...")) - (*clojure-tools-download-fn* {:url ct-url-str :dest (str zip-file) :proxy-opts proxy-opts :clj-jvm-opts clj-jvm-opts :sha256-url sha256-url})) - (when (seq clj-jvm-opts) - (when debug (warn "Attempting download using java subprocess... (requires Java11+)")) - (clojure-tools-download-java! {:url ct-url-str :dest (str zip-file) :proxy-opts proxy-opts :clj-jvm-opts clj-jvm-opts :sha256-url sha256-url})) - (do (when debug (warn "Attempting direct download...")) - (let [res (clojure-tools-download-direct! {:url ct-url-str :dest zip-file})] - (when sha256-url - (clojure-tools-download-direct! {:url sha256-url :dest (str zip-file ".sha256")})) - res)) + (let [res (or (when *clojure-tools-download-fn* + (when debug (warn "Attempting download using custom download function...")) + (*clojure-tools-download-fn* {:url ct-url-str :dest (str zip-file) :proxy-opts proxy-opts :clj-jvm-opts clj-jvm-opts :sha256-url sha256-url-str})) + (when (seq clj-jvm-opts) + (prn :via-java) + (when debug (warn "Attempting download using java subprocess... (requires Java11+)")) + (clojure-tools-download-java! {:url ct-url-str :dest (str zip-file) :proxy-opts proxy-opts :clj-jvm-opts clj-jvm-opts :sha256-url sha256-url-str})) + (do (when debug (warn "Attempting direct download...")) + (prn :via-tools-download-direct) + (let [res (clojure-tools-download-direct! {:url ct-url-str :dest zip-file})] + (when sha256-url-str + (clojure-tools-download-direct! {:url sha256-url-str :dest (str zip-file ".sha256")})) + res)) + (*exit-fn* {:exit ct-error-exit-code + :message (str "Error: Cannot download Clojure tools." 
+ " Please download manually from " ct-url-str + " to " (str (io/file dir ct-zip-name)))}) + ::passthrough)] + (when (and sha256-url-str (not *clojure-tools-download-fn*) (not (.exists sha256-file)) (not= ::passthrough res)) (*exit-fn* {:exit ct-error-exit-code - :message (str "Error: Cannot download Clojure tools." + :message (str "Expected sha256 file to be downloaded to: " sha256-file)})))) + (when (.exists sha256-file) + (let [sha (str/trim (slurp sha256-file)) + bytes (Files/readAllBytes (.toPath zip-file)) + hash (-> (java.security.MessageDigest/getInstance "SHA256") + (.digest bytes)) + hash (-> (new BigInteger 1 hash) + (.toString 16))] + (when-not (= sha hash) + (*exit-fn* {:exit ct-error-exit-code + :message (str "Error: sha256 of zip and expected sha256 do not match: " + hash " vs. " sha "\n" " Please download manually from " ct-url-str - " to " (str (io/file dir ct-zip-name)))}) - {:url ct-url-str :out-dir (str dir) :sha256-url sha256-url})) + " to " (str (io/file dir ct-zip-name)))})))) (warn "Unzipping" (str zip-file) "...") - (when (.exists sha256-file) - (let [sha (str/trim (slurp sha256-file))] - (prn :sha sha))) (unzip zip-file (.getPath dir)) (.delete zip-file) (when config-dir diff --git a/test/borkdude/deps_test.clj b/test/borkdude/deps_test.clj index 21b9d0f..53edc73 100644 --- a/test/borkdude/deps_test.clj +++ b/test/borkdude/deps_test.clj @@ -464,7 +464,7 @@ set) (set '(:paths :deps :aliases :mvn/repos :libs :classpath-roots :classpath :basis-config)))) #_#_(require 'clojure.pprint) - ((requiring-resolve 'clojure.pprint/pprint) basis) + ((requiring-resolve 'clojure.pprint/pprint) basis) (is (contains? (:libs basis) 'medley/medley)))) (deftest long-classpath-test 
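Review bot: The hex conversion `(-> (new BigInteger 1 hash) (.toString 16))` drops leading zeros, so a digest whose first nibble is 0 yields fewer than 64 characters; assuming the published `.sha256` holds the full 64-character hex digest, it will never equal `sha` and a valid archive is rejected. Formatting to a fixed width fixes it: `hash (format "%064x" (new BigInteger 1 hash))`, and comparing against `(str/lower-case sha)` avoids a false mismatch on an upper-case file. Separately, the missing-checksum exit is skipped when `*clojure-tools-download-fn*` is bound, and the comparison only runs under `(when (.exists sha256-file) ...)`, so a custom downloader that ignores `:sha256-url` leads straight to `unzip` with no check; if that is intended it deserves a comment. The enclosing function starts and ends outside the hunk.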
@@ -515,5 +515,5 @@ (swap! classpath-created-count inc)) (#'deps/internal-shell-command cmd {:out out}))] (deps/-main "-Spath") - (deps/-main "-Spath") ; Should not recalculate classpath the second time + (deps/-main "-Spath") ; Should not recalculate classpath the second time (is (= @classpath-created-count 1)))))) From 3b8f647e7115f87cd48da727ffbc1a869a68cd94 Mon Sep 17 00:00:00 2001 From: Michiel Borkent Date: Mon, 14 Aug 2023 21:13:20 +0200 Subject: [PATCH 3/5] fixez Windows --- src/borkdude/deps.clj | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/borkdude/deps.clj b/src/borkdude/deps.clj index 1247f4e..42f883b 100755 --- a/src/borkdude/deps.clj +++ b/src/borkdude/deps.clj @@ -580,7 +580,7 @@ public class ClojureToolsDownloader { (when (.exists sha256-file) (let [sha (str/trim (slurp sha256-file)) bytes (Files/readAllBytes (.toPath zip-file)) - hash (-> (java.security.MessageDigest/getInstance "SHA256") + hash (-> (java.security.MessageDigest/getInstance "SHA-256") (.digest bytes)) hash (-> (new BigInteger 1 hash) (.toString 16))] From 9fa0900ad0aeb1168affe8589368da8926a2ca80 Mon Sep 17 00:00:00 2001 From: Michiel Borkent Date: Mon, 14 Aug 2023 21:15:30 +0200 Subject: [PATCH 4/5] v1.11.1.1403 --- CHANGELOG.md | 2 +- resources/DEPS_CLJ_VERSION | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7897d50..b689878 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,7 +10,7 @@ DEPS_CLJ_TOOLS_VERSION=1.11.1.1165 bb clojure [deps.clj](https://github.com/borkdude/deps.clj): a faithful port of the clojure CLI bash script to Clojure -## Unreleased +## 1.11.1.1403 - [#104](https://github.com/borkdude/deps.clj/issues/104): print repl-aliases in -Sdescribe - Make installation of tools jar more robust using transaction file diff --git a/resources/DEPS_CLJ_VERSION b/resources/DEPS_CLJ_VERSION index c3b0909..3895994 100644 --- a/resources/DEPS_CLJ_VERSION +++ b/resources/DEPS_CLJ_VERSION 
@@ -1 +1 @@ -1.11.1.1386 +1.11.1.1403 From 49de81d4ad326334898c6b62b8b8a869bc7bd50b Mon Sep 17 00:00:00 2001 From: Michiel Borkent Date: Mon, 14 Aug 2023 21:26:51 +0200 Subject: [PATCH 5/5] clean sha file --- deps.bat | 68 +++++++++++++++++++++++++++++++------------ deps.clj | 68 +++++++++++++++++++++++++++++++------------ src/borkdude/deps.clj | 7 ++--- 3 files changed, 103 insertions(+), 40 deletions(-) diff --git a/deps.bat b/deps.bat index 15b0608..b261f35 100644 --- a/deps.bat +++ b/deps.bat @@ -24,7 +24,7 @@ ;; see https://github.com/clojure/brew-install/blob/1.11.1/CHANGELOG.md (def ^:private version (delay (or (System/getenv "DEPS_CLJ_TOOLS_VERSION") - "1.11.1.1386"))) + "1.11.1.1403"))) (def ^:private cache-version "4") @@ -386,15 +386,19 @@ For more info, see: commit (-> (str/split version #"\.") last (Long/parseLong)) - github-release? (>= commit 1386)] + github-release? (>= commit 1386) + verify-sha256 (>= commit 1403) + url (if github-release? + (format "https://github.com/clojure/brew-install/releases/download/%s/clojure-tools.zip" version) + (format "https://download.clojure.org/install/clojure-tools-%s.zip" version))] {:ct-base-dir "ClojureTools" :ct-error-exit-code 99 :ct-aux-files-names ["exec.jar" "example-deps.edn" "tools.edn"] :ct-jar-name (format "clojure-tools-%s.jar" version) - :ct-url-str (if github-release? - (format "https://github.com/clojure/brew-install/releases/download/%s/clojure-tools.zip" version) - (format "https://download.clojure.org/install/clojure-tools-%s.zip" version)) - :ct-zip-name "clojure-tools.zip"}))) + :ct-url-str url + :ct-zip-name "clojure-tools.zip" + :sha256-url-str (when verify-sha256 + (str url ".sha256"))}))) (def zip-invalid-msg (str/join \n 
@@ -500,7 +504,7 @@ public class ClojureToolsDownloader { "Downloads `:url` zip file to `:dest` by invoking `java` with `:proxy` options on a `.java` program file, and returns true on success. Requires Java 11+ (JEP 330)." - [{:keys [url dest proxy-opts clj-jvm-opts]}] + [{:keys [url dest proxy-opts clj-jvm-opts sha256-url]}] (let [dest-dir (.getCanonicalPath (io/file dest "..")) dlr-path (clojure-tools-java-downloader-spit dest-dir) java-cmd [(get-java-cmd) "-XX:-OmitStackTraceInFastThrow"] @@ -513,6 +517,11 @@ public class ClojureToolsDownloader { clj-jvm-opts (proxy-jvm-opts proxy-opts) [dlr-path url (str dest)]))}) + (when sha256-url + (*aux-process-fn* {:cmd (vec (concat java-cmd + clj-jvm-opts + (proxy-jvm-opts proxy-opts) + [dlr-path sha256-url (str dest ".sha256")]))})) (io/delete-file dlr-path true) @success?*))) 
@@ -544,27 +553,50 @@ public class ClojureToolsDownloader { It calls `*exit-fn*` if it cannot download the archive, with instructions how to manually download it." [{:keys [out-dir debug proxy-opts clj-jvm-opts config-dir]}] - (let [{:keys [ct-error-exit-code ct-url-str ct-zip-name]} @clojure-tools-info* + (let [{:keys [ct-error-exit-code ct-url-str ct-zip-name sha256-url-str]} @clojure-tools-info* dir (io/file out-dir) zip-file (io/file out-dir ct-zip-name) + sha256-file (io/file (str zip-file ".sha256")) transaction-start (io/file out-dir "TRANSACTION_START")] (io/make-parents transaction-start) (spit transaction-start "") (when-not (.exists zip-file) (warn "Downloading" ct-url-str "to" (str zip-file)) - (or (when *clojure-tools-download-fn* - (when debug (warn "Attempting download using custom download function...")) - (*clojure-tools-download-fn* {:url ct-url-str :dest (str zip-file) :proxy-opts proxy-opts :clj-jvm-opts clj-jvm-opts})) - (when (seq clj-jvm-opts) - (when debug (warn "Attempting download using java subprocess... (requires Java11+)")) - (clojure-tools-download-java! {:url ct-url-str :dest (str zip-file) :proxy-opts proxy-opts :clj-jvm-opts clj-jvm-opts})) - (do (when debug (warn "Attempting direct download...")) - (clojure-tools-download-direct! {:url ct-url-str :dest zip-file})) + (let [res (or (when *clojure-tools-download-fn* + (when debug (warn "Attempting download using custom download function...")) + (*clojure-tools-download-fn* {:url ct-url-str :dest (str zip-file) :proxy-opts proxy-opts :clj-jvm-opts clj-jvm-opts :sha256-url sha256-url-str})) + (when (seq clj-jvm-opts) + (prn :via-java) + (when debug (warn "Attempting download using java subprocess... (requires Java11+)")) + (clojure-tools-download-java! 
{:url ct-url-str :dest (str zip-file) :proxy-opts proxy-opts :clj-jvm-opts clj-jvm-opts :sha256-url sha256-url-str})) + (do (when debug (warn "Attempting direct download...")) + (prn :via-tools-download-direct) + (let [res (clojure-tools-download-direct! {:url ct-url-str :dest zip-file})] + (when sha256-url-str + (clojure-tools-download-direct! {:url sha256-url-str :dest (str zip-file ".sha256")})) + res)) + (*exit-fn* {:exit ct-error-exit-code + :message (str "Error: Cannot download Clojure tools." + " Please download manually from " ct-url-str + " to " (str (io/file dir ct-zip-name)))}) + ::passthrough)] + (when (and sha256-url-str (not *clojure-tools-download-fn*) (not (.exists sha256-file)) (not= ::passthrough res)) (*exit-fn* {:exit ct-error-exit-code - :message (str "Error: Cannot download Clojure tools." + :message (str "Expected sha256 file to be downloaded to: " sha256-file)})))) + (when (.exists sha256-file) + (let [sha (str/trim (slurp sha256-file)) + bytes (Files/readAllBytes (.toPath zip-file)) + hash (-> (java.security.MessageDigest/getInstance "SHA-256") + (.digest bytes)) + hash (-> (new BigInteger 1 hash) + (.toString 16))] + (if-not (= sha hash) + (*exit-fn* {:exit ct-error-exit-code + :message (str "Error: sha256 of zip and expected sha256 do not match: " + hash " vs. " sha "\n" " Please download manually from " ct-url-str " to " (str (io/file dir ct-zip-name)))}) - {:url ct-url-str :out-dir (str dir)})) + (.delete sha256-file)))) (warn "Unzipping" (str zip-file) "...") (unzip zip-file (.getPath dir)) (.delete zip-file) diff --git a/deps.clj b/deps.clj index d9207ba..61f4d89 100755 --- a/deps.clj +++ b/deps.clj @@ -19,7 +19,7 @@ ;; see https://github.com/clojure/brew-install/blob/1.11.1/CHANGELOG.md (def ^:private version (delay (or (System/getenv "DEPS_CLJ_TOOLS_VERSION") - "1.11.1.1386"))) + "1.11.1.1403"))) (def ^:private cache-version "4") 
@@ -381,15 +381,19 @@ For more info, see: commit (-> (str/split version #"\.") last (Long/parseLong)) - github-release? (>= commit 1386)] + github-release? (>= commit 1386) + verify-sha256 (>= commit 1403) + url (if github-release? + (format "https://github.com/clojure/brew-install/releases/download/%s/clojure-tools.zip" version) + (format "https://download.clojure.org/install/clojure-tools-%s.zip" version))] {:ct-base-dir "ClojureTools" :ct-error-exit-code 99 :ct-aux-files-names ["exec.jar" "example-deps.edn" "tools.edn"] :ct-jar-name (format "clojure-tools-%s.jar" version) - :ct-url-str (if github-release? - (format "https://github.com/clojure/brew-install/releases/download/%s/clojure-tools.zip" version) - (format "https://download.clojure.org/install/clojure-tools-%s.zip" version)) - :ct-zip-name "clojure-tools.zip"}))) + :ct-url-str url + :ct-zip-name "clojure-tools.zip" + :sha256-url-str (when verify-sha256 + (str url ".sha256"))}))) (def zip-invalid-msg (str/join \n @@ -495,7 +499,7 @@ public class ClojureToolsDownloader { "Downloads `:url` zip file to `:dest` by invoking `java` with `:proxy` options on a `.java` program file, and returns true on success. Requires Java 11+ (JEP 330)." - [{:keys [url dest proxy-opts clj-jvm-opts]}] + [{:keys [url dest proxy-opts clj-jvm-opts sha256-url]}] (let [dest-dir (.getCanonicalPath (io/file dest "..")) dlr-path (clojure-tools-java-downloader-spit dest-dir) java-cmd [(get-java-cmd) "-XX:-OmitStackTraceInFastThrow"] @@ -508,6 +512,11 @@ public class ClojureToolsDownloader { clj-jvm-opts (proxy-jvm-opts proxy-opts) [dlr-path url (str dest)]))}) + (when sha256-url + (*aux-process-fn* {:cmd (vec (concat java-cmd + clj-jvm-opts + (proxy-jvm-opts proxy-opts) + [dlr-path sha256-url (str dest ".sha256")]))})) (io/delete-file dlr-path true) @success?*))) 
@@ -539,27 +548,50 @@ public class ClojureToolsDownloader { It calls `*exit-fn*` if it cannot download the archive, with instructions how to manually download it." [{:keys [out-dir debug proxy-opts clj-jvm-opts config-dir]}] - (let [{:keys [ct-error-exit-code ct-url-str ct-zip-name]} @clojure-tools-info* + (let [{:keys [ct-error-exit-code ct-url-str ct-zip-name sha256-url-str]} @clojure-tools-info* dir (io/file out-dir) zip-file (io/file out-dir ct-zip-name) + sha256-file (io/file (str zip-file ".sha256")) transaction-start (io/file out-dir "TRANSACTION_START")] (io/make-parents transaction-start) (spit transaction-start "") (when-not (.exists zip-file) (warn "Downloading" ct-url-str "to" (str zip-file)) - (or (when *clojure-tools-download-fn* - (when debug (warn "Attempting download using custom download function...")) - (*clojure-tools-download-fn* {:url ct-url-str :dest (str zip-file) :proxy-opts proxy-opts :clj-jvm-opts clj-jvm-opts})) - (when (seq clj-jvm-opts) - (when debug (warn "Attempting download using java subprocess... (requires Java11+)")) - (clojure-tools-download-java! {:url ct-url-str :dest (str zip-file) :proxy-opts proxy-opts :clj-jvm-opts clj-jvm-opts})) - (do (when debug (warn "Attempting direct download...")) - (clojure-tools-download-direct! {:url ct-url-str :dest zip-file})) + (let [res (or (when *clojure-tools-download-fn* + (when debug (warn "Attempting download using custom download function...")) + (*clojure-tools-download-fn* {:url ct-url-str :dest (str zip-file) :proxy-opts proxy-opts :clj-jvm-opts clj-jvm-opts :sha256-url sha256-url-str})) + (when (seq clj-jvm-opts) + (prn :via-java) + (when debug (warn "Attempting download using java subprocess... (requires Java11+)")) + (clojure-tools-download-java! 
{:url ct-url-str :dest (str zip-file) :proxy-opts proxy-opts :clj-jvm-opts clj-jvm-opts :sha256-url sha256-url-str})) + (do (when debug (warn "Attempting direct download...")) + (prn :via-tools-download-direct) + (let [res (clojure-tools-download-direct! {:url ct-url-str :dest zip-file})] + (when sha256-url-str + (clojure-tools-download-direct! {:url sha256-url-str :dest (str zip-file ".sha256")})) + res)) + (*exit-fn* {:exit ct-error-exit-code + :message (str "Error: Cannot download Clojure tools." + " Please download manually from " ct-url-str + " to " (str (io/file dir ct-zip-name)))}) + ::passthrough)] + (when (and sha256-url-str (not *clojure-tools-download-fn*) (not (.exists sha256-file)) (not= ::passthrough res)) (*exit-fn* {:exit ct-error-exit-code - :message (str "Error: Cannot download Clojure tools." + :message (str "Expected sha256 file to be downloaded to: " sha256-file)})))) + (when (.exists sha256-file) + (let [sha (str/trim (slurp sha256-file)) + bytes (Files/readAllBytes (.toPath zip-file)) + hash (-> (java.security.MessageDigest/getInstance "SHA-256") + (.digest bytes)) + hash (-> (new BigInteger 1 hash) + (.toString 16))] + (if-not (= sha hash) + (*exit-fn* {:exit ct-error-exit-code + :message (str "Error: sha256 of zip and expected sha256 do not match: " + hash " vs. " sha "\n" " Please download manually from " ct-url-str " to " (str (io/file dir ct-zip-name)))}) - {:url ct-url-str :out-dir (str dir)})) + (.delete sha256-file)))) (warn "Unzipping" (str zip-file) "...") (unzip zip-file (.getPath dir)) (.delete zip-file) diff --git a/src/borkdude/deps.clj b/src/borkdude/deps.clj index 42f883b..49269a4 100755 --- a/src/borkdude/deps.clj +++ b/src/borkdude/deps.clj 
@@ -510,12 +510,10 @@ public class ClojureToolsDownloader { (proxy-jvm-opts proxy-opts) [dlr-path url (str dest)]))}) (when sha256-url - (prn :downloading) (*aux-process-fn* {:cmd (vec (concat java-cmd clj-jvm-opts (proxy-jvm-opts proxy-opts) [dlr-path sha256-url (str dest ".sha256")]))})) - (prn :downloaded) (io/delete-file dlr-path true) @success?*))) @@ -584,12 +582,13 @@ public class ClojureToolsDownloader { (.digest bytes)) hash (-> (new BigInteger 1 hash) (.toString 16))] - (when-not (= sha hash) + (if-not (= sha hash) (*exit-fn* {:exit ct-error-exit-code :message (str "Error: sha256 of zip and expected sha256 do not match: " hash " vs. " sha "\n" " Please download manually from " ct-url-str - " to " (str (io/file dir ct-zip-name)))})))) + " to " (str (io/file dir ct-zip-name)))}) + (.delete sha256-file)))) (warn "Unzipping" (str zip-file) "...") (unzip zip-file (.getPath dir)) (.delete zip-file)
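Review bot: The cleanup in the `@@ -510,12 +510,10 @@` hunk removes `(prn :downloading)` and `(prn :downloaded)`, but the `(prn :via-java)` and `(prn :via-tools-download-direct)` calls added to the install function in the previous patch are not removed anywhere in the series and are carried into the `deps.clj` and `deps.bat` hunks of this same commit. `prn` writes to `*out*`, whereas the surrounding progress messages go through `warn`; if `warn` targets stderr, as its use here suggests, these two keywords end up in the stdout of commands whose output is consumed by other tools. I would delete both lines or turn them into `(when debug (warn ...))` like their neighbours.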
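Review bot: With `(.delete sha256-file)` on the success branch of the `@@ -584,12 +582,13 @@` hunk, the only evidence that the zip was checked is gone before `unzip` runs, while the comparison itself is gated on that file existing (the `(when (.exists sha256-file)` guard sits above this hunk). A zip that is already on disk on a later run, for example after an interrupted unzip or one placed by hand as the download error message instructs, therefore skips both the download and the digest check. Consider treating a missing checksum file as an error whenever `sha256-url-str` is set, or fetching it when only the zip is present. At minimum, a comment such as `;; NOTE: a pre-existing zip without a .sha256 file is unzipped unverified` would record the gap.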