Add scripts to handle package fetching from repo

building/build-iso/generate.sh

@@ -30,10 +30,13 @@ ADMITVER="$(head -n 1 ../build-debs/homeworld-admitclient/debian/changelog | cut
 cp "../build-debs/binaries/homeworld-apt-setup_${SETUPVER}_amd64.deb" "."
 cp "../build-debs/binaries/homeworld-admitclient_${ADMITVER}_amd64.deb" "."
 cp "${ADMISSION_PUBKEY}" admission.pem
+./utils/verify-homeworld-repo.py
+./utils/fetch-package-from-repo.py homeworld-apt-setup
+./utils/fetch-package-from-repo.py homeworld-admitclient
 echo "ADMISSION_SERVER=\"${ADMISSION_SERVER}\"" >admission.conf
 cpio -o -H newc -A -F cd/initrd <<EOF
-homeworld-apt-setup_${SETUPVER}_amd64.deb
-homeworld-admitclient_${ADMITVER}_amd64.deb
+homeworld-apt-setup_*_amd64.deb
+homeworld-admitclient_*_amd64.deb
 admission.pem
 admission.conf
 preseed.cfg

building/build-iso/utils/fetch-package-from-repo.py

@@ -0,0 +1,41 @@
+import sys
+import subprocess
+
+repo_url = "http://web.mit.edu/hyades/debian/"
+
+if len(sys.argv) < 2:
+    print("Usage: ", sys.argv[0], "<package name>")
+    exit(0)
+
+package_name = sys.argv[1]
+print("Looking for: ", package_name)
+#package_version = sys.argv[2]
+packages_file = open("Packages")
+line = packages_file.readline().strip()
+escape = 0
+while not line == ("Package: " + package_name) and escape < 2:
+    if line == "":
+        escape += 1
+    else:
+        escape = 0
+    line = packages_file.readline().strip()
+
+url = None
+while line is not "":
+    if line.startswith("Filename: "):
+        line = line.replace("Filename: ", "")
+        url = repo_url + line
+        break
+    line = packages_file.readline().strip()
+
+if url is None:
+    print("Unknown Package Name")
+    exit(1)
+
+print("Downloading file from url:", url)
+subprocess.call(["curl", "-O", url])
+print("Done!")
+
+
+
+

building/build-iso/utils/verify-homeworld-repo.py

@@ -0,0 +1,67 @@
+#!/usr/bin/python3.6
+
+import re
+import hashlib
+import urllib.request
+import subprocess
+
+with urllib.request.urlopen('http://web.mit.edu/hyades/debian/dists/homeworld/Release.gpg') as response:
+    file = open("Release.gpg", "w")
+    file.write(response.read().decode('utf-8'))
+    file.close()
+
+with urllib.request.urlopen('http://web.mit.edu/hyades/debian/dists/homeworld/Release') as response:
+    file = open("Release", "w")
+    file.write(response.read().decode('utf-8'))
+    file.close()
+
+gpg_verify_exit_code = subprocess.call(["gpg", "--no-default-keyring", "--keyring", "../../build-debs/homeworld-apt-setup/homeworld-archive-keyring.gpg",
+                 "--verify", "Release.gpg", "Release"])
+
+if gpg_verify_exit_code:
+    print("Failed to verify the Homeworld repo Release file")
+    exit(1)
+
+release_file = open('Release', 'r')
+engaged = False
+sha256_hash = None
+for line in release_file:
+    if line == 'SHA256:\n':
+        engaged = True
+        continue
+    if engaged:
+        if line[0] == ' ':
+            line2 = re.sub(r"^(\w+) \d+ ([^ ]+)$", r"\2", line.strip())
+            if line2 == 'main/binary-amd64/Packages':
+                sha256_hash = re.sub(r"^(\w+) \d+ ([^ ]+)$", r"\1", line.strip())
+                print('Found Packages SHA-256 Hash:', sha256_hash)
+        else:
+            engaged = False
+            break
+release_file.close()
+
+if sha256_hash is None:
+    print("Failed to extract SHA-256 Hash for Homeworld's repo Packages. Aborting...")
+    exit(1)
+
+Packages = None
+with urllib.request.urlopen('http://web.mit.edu/hyades/debian/dists/homeworld/main/binary-amd64/Packages') as response:
+    Packages = response.read()
+
+if Packages is None:
+    print("Failed to fetch Homeworld's Packages file from repo. Aborting...")
+    exit(1)
+
+packages_hash = hashlib.sha256(Packages).hexdigest()
+if not packages_hash == sha256_hash:
+    print("Packages file verification failed. Aborting...")
+    exit(1)
+else:
+    print("Verified Packages file from repo")
+
+packages_file = open("Packages", "w")
+packages_file.write(Packages.decode('utf-8'))
+packages_file.close()
+
+print("Packages file saved as Packages.")
+print("Done!")