vyatta-cfg-system.git/scripts/install/install-image, branch cla

vyatta-cfg-system.git/scripts/install/install-image, branch cla Vyatta system-level configuration templates/scripts (mirror of https://github.com/vyos/vyatta-cfg-system.git) https://git.amelek.net/vyos/vyatta-cfg-system.git/atom?h=cla 2023-11-14T17:25:16+00:00 remote: T5726: Replace the download procedure call 2023-11-14T17:25:16+00:00 erkin me@erkin.party 2023-11-14T17:25:16+00:00 urn:sha1:77b37732f99ca67addfde6567d5ba61173ab7730 gpg: T3879: fix signature validation 2021-10-16T16:54:46+00:00 Christian Poessinger christian@poessinger.com 2021-10-16T16:53:39+00:00 urn:sha1:ab6da230b7ee01c7667cb6f215ca02bfcf505b14 (cherry picked from commit 217c4b5c165e9e8a64bfe82d3ddade256b0990e0) install-image: T2108: use minisign backup key if primary key fails 2021-09-06T10:38:32+00:00 Christian Poessinger christian@poessinger.com 2021-09-06T10:31:45+00:00 urn:sha1:7518c12e511464ac49353597f5bdac0d6d152c99 (cherry picked from commit 0c5edf1ced2872c495b190977db575deaf28fa1c) install-image: remove whitespaces after . 2021-09-06T10:34:12+00:00 Christian Poessinger christian@poessinger.com 2021-09-06T10:31:21+00:00 urn:sha1:fe5c06993da7b5c3979c95b7820c0080d9107c44 (cherry picked from commit c36db1614b60fc180d016fd3b7f64d9342a503a6) install-image: T2108: verify image by using minisign over GPG 2021-08-26T18:27:33+00:00 Christian Poessinger christian@poessinger.com 2021-08-26T18:27:33+00:00 urn:sha1:b5e7192e911692bcd28748674f84a56c5c125aab We will first download and try to verify the image using the generated minisign signature. If this fails, we try to retrieve the GPG signature file. T3356: Remove redundant error message 2021-06-13T19:11:36+00:00 erkin e.altunbas@vyos.io 2021-06-13T19:11:36+00:00 urn:sha1:34dc0fb63d7367ac61fc529411e97cf6df6d1812 T3356: remote: Read username and password from environment variables 2021-05-18T12:52:10+00:00 erkin e.altunbas@vyos.io 2021-05-18T12:52:10+00:00 urn:sha1:a31b092a4f6297cf13261023cb17e8c8e1e6b315 T3356: Switch install-image from curl to remote.py 2021-05-18T11:14:35+00:00 erkin e.altunbas@vyos.io 2021-05-18T11:14:35+00:00 urn:sha1:4fdebae4d858acd67f35385df3d7428fc6d60a87 T3351: Check for SHA256 files 2021-05-10T19:34:39+00:00 Lulu Cathrinus Grimalkin e.altunbas@vyos.io 2021-05-10T19:34:39+00:00 urn:sha1:085d0148c3d7d22afc5ce4fc10750b67c8cdfe26 Fall back to MD5 if SHA256 checksums could not be found Don't bother downloading .iso.sha256 files image: T3027: do not rely on the ISO filename when calculating sha256 hash 2020-10-28T16:25:23+00:00 Christian Poessinger christian@poessinger.com 2020-10-28T16:25:15+00:00 urn:sha1:840a815d620a629b093bd849b7d6e60f94f087e3 Updating a running VyOS installation by using the "add system image" command pointing to https://downloads.vyos.io/rolling/current/amd64/vyos-rolling-latest.iso will break the validation due to filename missmatch. The root cause for this is the sha256 checksum file itself. It contains the hash and the filename used when hashing. When running "sha256sum --check" during the upgrade it expects the "real" filename when calculating and verifying the hash. The real filename differs when using the vyos-rolling-latest.iso symlink on the webserver as it will tell the running VyOS installation a different filename and the validation fails. This is now fixed by not depending on the filename when verifying the hash. We simply calculate the hash of the downloaded file and compare it to the has we saved inside the checksum file and totally ignore the filename itself.