--- a/tools/userland-fetch Thu May 21 16:49:12 2015 -0700
+++ b/tools/userland-fetch Thu May 21 23:34:16 2015 -0700
@@ -352,7 +352,8 @@
# that the expected hash is just a typo, but we
# warn just in case.
if sig_valid:
- print "invalid hash!"
+ print "invalid hash! Did you forget " \
+ "to update it?"
else:
print "corruption detected"
@@ -360,9 +361,24 @@
print " actual: %s" % realhash
print " payload: %s" % payloadhash
- # An invalid hash shouldn't cause us to remove
- # the target file if the signature was valid.
- if not sig_valid:
+ # If the hash is invalid, but the signature
+ # validation succeeded, rename the archive (so
+ # the user doesn't have to re-download it) and
+ # fail. Otherwise, try to remove the file and
+ # try again.
+ if sig_valid:
+ newname = name + ".invalid-hash"
+ try:
+ os.rename(name, newname)
+ except OSError:
+ pass
+ else:
+ print "archive saved as %s; " \
+ "if it isn't corrupt, " \
+ "rename to %s" % (newname,
+ name)
+ sys.exit(1)
+ else:
try:
os.remove(name)
except OSError: