image: T3027: do not rely on the ISO filename when calculating sha256 hash - vyatta-cfg-system.git - Vyatta system-level configuration templates/scripts (mirror of https://github.com/vyos/vyatta-cfg-system.git)

diff options

author	Christian Poessinger <christian@poessinger.com>	2020-10-28 17:25:15 +0100
committer	Christian Poessinger <christian@poessinger.com>	2020-10-28 17:25:23 +0100
commit	840a815d620a629b093bd849b7d6e60f94f087e3 (patch)
tree	3c48cd67364934693cb937726e38a0cc99a85d66 /scripts/vyatta-update-tunnel.pl
parent	63162ff9d1ca8c7ecef2f37b958e9436a0c9bf62 (diff)
download	vyatta-cfg-system-840a815d620a629b093bd849b7d6e60f94f087e3.tar.gz vyatta-cfg-system-840a815d620a629b093bd849b7d6e60f94f087e3.zip

image: T3027: do not rely on the ISO filename when calculating sha256 hash

Updating a running VyOS installation by using the "add system image" command pointing to https://downloads.vyos.io/rolling/current/amd64/vyos-rolling-latest.iso will break the validation due to filename missmatch. The root cause for this is the sha256 checksum file itself. It contains the hash and the filename used when hashing. When running "sha256sum --check" during the upgrade it expects the "real" filename when calculating and verifying the hash. The real filename differs when using the vyos-rolling-latest.iso symlink on the webserver as it will tell the running VyOS installation a different filename and the validation fails. This is now fixed by not depending on the filename when verifying the hash. We simply calculate the hash of the downloaded file and compare it to the has we saved inside the checksum file and totally ignore the filename itself.

Diffstat (limited to 'scripts/vyatta-update-tunnel.pl')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: