aboutsummaryrefslogtreecommitdiffstatshomepage
diff options
context:
space:
mode:
authoronefang2019-11-26 01:03:55 +1000
committeronefang2019-11-26 01:03:55 +1000
commit3b7c66c9b0501c74916906c06a1b6f2d16c57779 (patch)
tree52747984469cbf910edf4066ba3dc3c06e92c72d
parentPut stamp file back. (diff)
downloadapt-panopticon-3b7c66c9b0501c74916906c06a1b6f2d16c57779.zip
apt-panopticon-3b7c66c9b0501c74916906c06a1b6f2d16c57779.tar.gz
apt-panopticon-3b7c66c9b0501c74916906c06a1b6f2d16c57779.tar.bz2
apt-panopticon-3b7c66c9b0501c74916906c06a1b6f2d16c57779.tar.xz
Basic integrity check - GPG verify Release files.
Diffstat (limited to '')
-rwxr-xr-xapt-panopticon.lua8
1 files changed, 8 insertions, 0 deletions
diff --git a/apt-panopticon.lua b/apt-panopticon.lua
index bf6f2bc..99f9418 100755
--- a/apt-panopticon.lua
+++ b/apt-panopticon.lua
@@ -75,6 +75,7 @@ local releaseFiles =
75{ 75{
76 -- Release file. 76 -- Release file.
77 "/Release", -- 3.7 MB 77 "/Release", -- 3.7 MB
78 "/Release.gpg", --
78-- "/InRelease", -- 3.7 MB 79-- "/InRelease", -- 3.7 MB
79-- "/main/binary-all/Packages.xz", -- 2.6 GB for all that changed recently. 80-- "/main/binary-all/Packages.xz", -- 2.6 GB for all that changed recently.
80 -- Contents files. -- 3.3 GB 81 -- Contents files. -- 3.3 GB
@@ -624,6 +625,13 @@ local postDownload = function(host, r, k)
624 " && [ ! -f results/" .. host .. "/merged/dists/" .. r .. k .. " ]; then cp" .. 625 " && [ ! -f results/" .. host .. "/merged/dists/" .. r .. k .. " ]; then cp" ..
625 " results/" .. host .. "/merged/dists/" .. r .. k .. ".old" .. 626 " results/" .. host .. "/merged/dists/" .. r .. k .. ".old" ..
626 " results/" .. host .. "/merged/dists/" .. r .. k .. "; fi") 627 " results/" .. host .. "/merged/dists/" .. r .. k .. "; fi")
628 if testing("Integrity") then
629 if ".gpg" == k:sub(-4, -1) then
630 local status, out = execute("gpgv --keyring /usr/share/keyrings/devuan-keyring.gpg results/" .. host .. "/merged/dists/" .. r .. k ..
631 " results/" .. host .. "/merged/dists/" .. r .. k:sub(1, -5) .. " 2>/dev/null")
632 if "0" ~= status then E("GPG check failed - " .. host .. "/merged/dists/" .. r .. k, "http", "Integrity", host) end
633 end
634 end
627end 635end
628 636
629local downloadLock = "flock -n results/curl-" 637local downloadLock = "flock -n results/curl-"