summaryrefslogtreecommitdiffstats
path: root/vagrant/lib
diff options
context:
space:
mode:
authorTails developers <amnesia@boum.org>2012-05-12 17:51:30 +0200
committerTails developers <amnesia@boum.org>2012-05-16 12:50:33 +0200
commit703e118c80a355b8c43e927b83b6ef785f96d7ef (patch)
treefe0fa839b078acb4f5f82e4b3f8544a06e999baa /vagrant/lib
parentc70173c9c8d69d763ca90a26ce97cf2846013e5c (diff)
vagrant: Download and verify squeeze.box from Tails mirror
Vagrant does not currently offer any way to verify a downloaded box file. In order to overcome this limitation, we monkey-patch Vagrant::Action::Box::Download#download method to verify a checksum right after the file has been retrieved. This should definitely implemented upstream in a more proper way but it will do for now.
Diffstat (limited to 'vagrant/lib')
-rw-r--r--vagrant/lib/vagrant_verified_download.rb37
1 files changed, 37 insertions, 0 deletions
diff --git a/vagrant/lib/vagrant_verified_download.rb b/vagrant/lib/vagrant_verified_download.rb
new file mode 100644
index 0000000..976aa47
--- /dev/null
+++ b/vagrant/lib/vagrant_verified_download.rb
@@ -0,0 +1,37 @@
+# Tails: The Amnesic Incognito Live System
+# Copyright © 2012 Tails developers <tails@boum.org>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+require 'digest'
+
+# The following will monkeypatch Vagrant (successfuly tested against Vagrant
+# 1.0.2) in order to verify the checksum of a downloaded box.
+module Vagrant
+ class Config::VMConfig
+ attr_accessor :box_checksum
+ end
+
+ class Action::Box::Download
+ alias :unverified_download :download
+ def download
+ unverified_download
+
+ checksum = Digest::SHA256.new.file(@temp_path).hexdigest
+ if checksum != @env['global_config'].vm.box_checksum
+ raise Errors::BoxVerificationFailed.new
+ end
+ end
+ end
+end