#!/bin/bash
#
# simple file to download and verify a file
# Copyright 2002, Perry Lorier
# 
# Released under the GPL
#

function fetch() {
	wget -q $1
}

function verify_md5() {
	rm -f MD5SUMS ; fetch $DIR/MD5SUMS
	MD5_ERROR=$?
	if [ $MD5_ERROR -eq 0 ]; then
		cat MD5SUMS | grep $FILE | md5sum -c 
		MD5_ERROR=$?
		if [ $MD5_ERROR -gt 0 ]; then
			echo "$FILE: MD5SUM's don't match"
		else
			echo "$FILE: MD5SUM's match!"
		fi
	else
		echo Unable to fetch MD5SUMS
	fi
}

function verify_ascii() {
	rm -f $FILE.asc ; fetch $URL.asc
	ASC_ERROR=$?
	if [ $ASC_ERROR -eq 0 ]; then
		gpg --batch --quiet --verify $FILE.asc $FILE
		ASC_ERROR=$?
		if [ $MD5_ERROR -gt 0 ]; then
			echo "$FILE: ASCII signature does not match"
		fi
	else
		echo Unable to fetch $FILE.asc
	fi
}

function verify_gpg() {
	rm -f $FILE.asc ; fetch $URL.sig
	ASC_ERROR=$?
	if [ $ASC_ERROR -eq 0 ]; then
		gpg --batch --quiet --verify $FILE.sig $FILE
		ASC_ERROR=$?
		if [ $MD5_ERROR -gt 0 ]; then
			echo "$FILE: GPG signature does not match"
		fi
	else
		echo Unable to fetch $FILE.sig
	fi
}

function grab_file() {
	URL=$1
	FILE=$(basename $1)
	DIR=$(dirname $1)
	wget -nc $1
	verify_md5
	verify_ascii
	verify_gpg
}

if [ $# -eq 0 ]; then
	echo usage:
	echo " $0 url..."
else
	for i in $*; do
		grab_file $i
	done
fi