#!/bin/sh

# 0. obtain the untrusted file into trusted location
# 1. check md5 AND sha1 against trusted checksums
# 2. execute the payload (it must be .run equivalent)
# 3. drop the checked file (no way to reget it anyways)

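# Exit trap: delete the staged copy and the consumed source file, then exit
# with the status the script was about to return.
# Globals:   safedir, filename, remove (read)
# Arguments: $1 - exit status to propagate
exit_handler() {
	local rc=$1

	# Only a plain file name inside $safedir is ever removed. An empty name
	# would aim rm at the cache directory itself, and a name containing a
	# path separator would let the delete leave $safedir.
	case "$filename" in
	'' | . | .. | */*) ;;
	*) rm -f -- "$safedir/$filename";;
	esac

	# $remove is only set once a source file has been staged; skip it
	# otherwise instead of handing rm an empty path.
	if [ -n "$remove" ]; then
		rm -f -- "$remove"
	fi

	exit "$rc"
}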
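# Clear the names the exit handler reads before the trap is armed, so a value
# inherited from the caller's environment can never reach its rm call (the
# early exits below fire the trap before anything else assigns them).
filename=
remove=
trap 'exit_handler $?' EXIT

# Staging directory for payloads, and the directory holding one file of
# accepted digests per payload name.
# NOTE(review): external commands are resolved through the inherited PATH;
# confirm that whatever invokes this helper resets the environment.
safedir="/var/cache/userinstall/files"
checksumdir="/var/cache/userinstall/goodsums"

# Refuse to run at all when the staging directory is missing.
[ -d "$safedir" ] || exit 1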

# Point the caller at this script's own source as its documentation.
# Outputs: one line on stderr
# Returns: does not return; exits with status 0
usage() {
	local self
	self="$(realpath "$0")"
	echo "Please read $self to use it." >&2
	exit 0
}

# a filename or a pkgname
# Second argument: a file path for the modes that call check(), or a package
# name for --remove.
object=$2
# Source path queued for deletion by the exit handler; empty until check()
# assigns it.
remove=""

# filename case
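# Stage "$object" into $safedir and verify the staged copy against the
# accepted digests in "$checksumdir/<file name>".
# Globals:   object, safedir, checksumdir (read);
#            filename, md5, sha1, remove (written)
# Returns:   0 when both digests are listed; otherwise exits the script with
#            3 (bad or empty source), 4 (staging failed), 5 (md5 not
#            accepted) or 6 (sha1 not accepted)
# NOTE(review): MD5 and SHA-1 are both deprecated for integrity checks;
# consider keeping a SHA-256 list alongside them.
check() {
	local name

	if [ -z "$object" ] || [ ! -s "$object" ]; then
		exit 3
	fi

	# The staged name must be a single path component so that neither the
	# copy nor the digest lookup can leave its directory.
	name="$(basename -- "$object")"
	case "$name" in
	'' | . | .. | */*) exit 3;;
	esac

	cd "$safedir" || exit 4
	cp -- "$object" "$safedir/$name" || exit 4
	filename="$name"

	# Hash the staged copy, never the caller's path: the caller can still
	# rewrite the original after it has been copied. Reading from stdin
	# keeps the file name out of the digest tools' output.
	md5="$(md5sum < "$safedir/$filename" | cut -f1 -d' ')"
	sha1="$(sha1sum < "$safedir/$filename" | cut -f1 -d' ')"

	# An empty digest (hashing failed) would otherwise match any blank line
	# in the digest file, so it is rejected outright.
	[ -n "$md5" ] || exit 5
	[ -n "$sha1" ] || exit 6

	# -x -F: whole-line, literal comparison; the digest is not a pattern.
	grep -qxF -- "$md5" "$checksumdir/$filename" || exit 5
	grep -qxF -- "$sha1" "$checksumdir/$filename" || exit 6

	# Queue the caller's source for deletion by the exit trap only once it
	# has verified; a file that failed the check is left where it was, so
	# this helper cannot be used to delete arbitrary readable files.
	remove="$object"
}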

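# Dispatch on the mode flag in $1. The file modes stage and verify the
# payload through check() first; --remove hands the package name straight to
# rpm; --help prints the usage line; anything else exits with status 6.
# RUN is cleared first so it can only hold one of the fixed command lines
# assigned below, never a value inherited from the environment.
RUN=
staged=
case "$1" in
--run)
	check && RUN="sh --" && staged=yes;;
--install)
	check && RUN="rpm -Uvh --" && staged=yes;;
--rpminstall)
	check && RUN="rpminstall" && staged=yes;;
--remove)
	# NOTE(review): the package name is not validated here; confirm that
	# callers are meant to be able to drop any package from the rpm database.
	RUN="rpm -e --justdb --";;
--help)
	usage;;
*)
	exit 6;;
esac

[ -n "$RUN" ] || exit 254

if [ -n "$staged" ]; then
	# Run the copy that check() staged in $safedir rather than the caller's
	# path, which the caller can still rewrite once the check has finished.
	[ -n "$filename" ] || exit 254
	target="$safedir/$filename"
else
	target="$object"
fi

# RUN is deliberately unquoted: it is a fixed command line that must split
# into words. The operand is a single quoted argument.
$RUN "$target" >&2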
