summaryrefslogtreecommitdiff
path: root/scripts
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-09-06 12:31:45 +0200
committerChristian Poessinger <christian@poessinger.com>2021-09-06 12:38:32 +0200
commit7518c12e511464ac49353597f5bdac0d6d152c99 (patch)
tree7f84788cb8c41bb85f454602932d0f666daed4b2 /scripts
parentfe5c06993da7b5c3979c95b7820c0080d9107c44 (diff)
downloadvyatta-cfg-system-7518c12e511464ac49353597f5bdac0d6d152c99.tar.gz
vyatta-cfg-system-7518c12e511464ac49353597f5bdac0d6d152c99.zip
install-image: T2108: use minisign backup key if primary key fails
(cherry picked from commit 0c5edf1ced2872c495b190977db575deaf28fa1c)
Diffstat (limited to 'scripts')
-rwxr-xr-xscripts/install/install-image7
1 files changed, 6 insertions, 1 deletions
diff --git a/scripts/install/install-image b/scripts/install/install-image
index 13de9ab0..5e040e5e 100755
--- a/scripts/install/install-image
+++ b/scripts/install/install-image
@@ -139,7 +139,12 @@ fetch_iso_by_url ()
echo "Checking digital signature..."
if [ -f ${filename}.minisig ]; then
minisign -V -q -p /usr/share/vyos/keys/vyos-release.minisign.pub -m ${filename} -x ${filename}.minisig
- elif [ -f ${filename}.asc ]; then
+ if [ $? -ne 0 ]; then
+ echo "Signature check FAILED, trying BACKUP key..."
+ minisign -V -q -p /usr/share/vyos/keys/vyos-backup.minisign.pub -m ${filename} -x ${filename}.minisig
+ fi
+ fi
+ if [ -f ${filename}.asc ]; then
gpg --keyring /etc/apt/trusted.gpg --verify ${filename}.asc
fi
if [ $? -ne 0 ]; then