From 527907118c8493afdb032dcff06222a4d7da98e0 Mon Sep 17 00:00:00 2001
From: Dennis Groenen <tj.groenen@gmail.com>
Date: Tue, 16 Oct 2012 11:05:55 +0200
Subject: [PATCH] use SHA1 hashes instead of MD5 hashes

---
 debian/scripts/install-binary.sh   |   16 ++++++++--------
 debian/scripts/uninstall-binary.sh |   26 +++++++++++++-------------
 2 files changed, 21 insertions(+), 21 deletions(-)

diff --git a/debian/scripts/install-binary.sh b/debian/scripts/install-binary.sh
index 2a9de6f..c1141b9 100755
--- a/debian/scripts/install-binary.sh
+++ b/debian/scripts/install-binary.sh
@@ -37,12 +37,12 @@ CHECK_SYMLINKSFILE() {
     fi
 }
 
-# Create MD5 hashes of relevant binaries
+# Create SHA1 hashes of relevant binaries
 HASH_BINARIES() {
-    $EXECPWR md5sum $INSTALLDIR/busybox.power | $EXECPWR awk '{ print $1 }' \
-      > $INSTALLDIR/busybox.power.md5
-    $EXECPWR md5sum /bin/busybox | $EXECPWR awk '{ print $1 }' \
-      > $INSTALLDIR/busybox.original.md5
+    $EXECPWR sha1sum $INSTALLDIR/busybox.power | $EXECPWR awk '{ print $1 }' \
+      > $INSTALLDIR/busybox.power.sha1
+    $EXECPWR sha1sum /bin/busybox | $EXECPWR awk '{ print $1 }' \
+      > $INSTALLDIR/busybox.original.sha1
 }
 
 # Backup the original BusyBox binary
@@ -55,9 +55,9 @@ BACKUP() {
         ;;
       FREMANTLE)
         # Check whether busybox-power isn't somehow installed already
-        INSTBINARY_MD5=`$EXECPWR cat $INSTALLDIR/busybox.power.md5`
-        ORIGBINARY_MD5=`$EXECPWR cat $INSTALLDIR/busybox.original.md5`
-        if test "$INSTBINARY_MD5" == "$ORIGBINARY_MD5"; then
+        INSTBINARY_SHA1=`$EXECPWR cat $INSTALLDIR/busybox.power.sha1`
+        ORIGBINARY_SHA1=`$EXECPWR cat $INSTALLDIR/busybox.original.sha1`
+        if test "$INSTBINARY_SHA1" == "$ORIGBINARY_SHA1"; then
           echo "warning: installed busybox binary matches the binary"
           echo "  that is to be installed"
           if ! test -e $INSTALLDIR/busybox.original; then 
diff --git a/debian/scripts/uninstall-binary.sh b/debian/scripts/uninstall-binary.sh
index f76db36..479a553 100755
--- a/debian/scripts/uninstall-binary.sh
+++ b/debian/scripts/uninstall-binary.sh
@@ -35,24 +35,24 @@ CHECK_BACKUP() {
     fi
 
     # Secondly, check the integrity of the backup
-    if test -e $INSTALLDIR/busybox.original.md5; then
-      INSTBINARY_MD5=`cat $INSTALLDIR/busybox.original.md5`
-      ORIGBINARY_MD5=`md5sum $INSTALLDIR/busybox.original | awk '{ print $1 }'`
-      if test ! "$INSTBINARY_MD5" == "$ORIGBINARY_MD5"; then
-        echo -e "Warning: the backed-up original binary has been modified since installing busybox-power (invalid md5 checksum). Do not continue unless you're sure $INSTALLDIR/busybox.original isn't corrupted.\n" >> /tmp/busybox-power-error
+    if test -e $INSTALLDIR/busybox.original.sha1; then
+      INSTBINARY_SHA1=`cat $INSTALLDIR/busybox.original.sha1`
+      ORIGBINARY_SHA1=`sha1sum $INSTALLDIR/busybox.original | awk '{ print $1 }'`
+      if test ! "$INSTBINARY_SHA1" == "$ORIGBINARY_SHA1"; then
+        echo -e "Warning: the backed-up original binary has been modified since installing busybox-power (invalid SHA1 checksum). Do not continue unless you're sure $INSTALLDIR/busybox.original isn't corrupted.\n" >> /tmp/busybox-power-error
       fi
     else
-      echo -e "Warning: couldn't load the saved md5 checksum of the original binary; the integrity of the backup of the original binary can not be guaranteed.\n" >> /tmp/busybox-power-error
+      echo -e "Warning: couldn't load the saved SHA1 checksum of the original binary; the integrity of the backup of the original binary can not be guaranteed.\n" >> /tmp/busybox-power-error
     fi
 }
 
 # Check whether /bin/busybox has been modified after bb-power's installation
 CHECK_INSTALLEDBIN() {
-    if test -e $INSTALLDIR/busybox.power.md5; then
-      INSTBINARY_MD5=`md5sum /bin/busybox | awk '{ print $1 }'`
-      ORIGBINARY_MD5=`cat $INSTALLDIR/busybox.power.md5`
-      if test ! "$INSTBINARY_MD5" == "$ORIGBINARY_MD5"; then
-        echo -e "Warning: /bin/busybox has been modified since installing busybox-power (invalid md5 checksum). This can be the result of a busybox upgrade, e.g. from CSSU. Your current /bin/busybox won't be touched, our backup of the original /bin/busybox will be copied to /opt/busybox.original. \n" >> /tmp/busybox-power-error
+    if test -e $INSTALLDIR/busybox.power.sha1; then
+      INSTBINARY_SHA1=`sha1sum /bin/busybox | awk '{ print $1 }'`
+      ORIGBINARY_SHA1=`cat $INSTALLDIR/busybox.power.sha1`
+      if test ! "$INSTBINARY_SHA1" == "$ORIGBINARY_SHA1"; then
+        echo -e "Warning: /bin/busybox has been modified since installing busybox-power (invalid SHA1 checksum). This can be the result of a busybox upgrade, e.g. from CSSU. Your current /bin/busybox won't be touched, our backup of the original /bin/busybox will be copied to /opt/busybox.original. \n" >> /tmp/busybox-power-error
         MODIFIEDBIN="1"
       fi
     fi
@@ -144,8 +144,8 @@ UNSYMLINK() {
 # Action to be performed after restoring original busybox
 CLEANUP() {
     OLDFILES="busybox-power.symlinks
-      busybox.power.md5
-      busybox.original.md5"
+      busybox.power.sha1
+      busybox.original.sha1"
 
     for file in $OLDFILES; do
       if test -e $INSTALLDIR/$file; then
-- 
1.7.9.5