diff options
author | Jeremy Cline <jeremy@jcline.org> | 2018-04-02 14:55:36 -0400 |
---|---|---|
committer | Jeremy Cline <jeremy@jcline.org> | 2018-04-09 11:31:10 -0400 |
commit | 192ccb6e5f187877d6fa461993727dbd3a528e3c (patch) | |
tree | 4511dcefde2e5b08ca15731ef33295d9b32af2de /scripts/stable-update.sh | |
parent | 5324c746460e3f5b248cfe9fec25f3e2a3a23163 (diff) | |
download | kernel-192ccb6e5f187877d6fa461993727dbd3a528e3c.tar.gz kernel-192ccb6e5f187877d6fa461993727dbd3a528e3c.tar.xz kernel-192ccb6e5f187877d6fa461993727dbd3a528e3c.zip |
Download patch signatures and verify them
Before uploading the source files, verify the GPG signature is good.
Signed-off-by: Jeremy Cline <jeremy@jcline.org>
Diffstat (limited to 'scripts/stable-update.sh')
-rwxr-xr-x | scripts/stable-update.sh | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/scripts/stable-update.sh b/scripts/stable-update.sh index eefd9a96d..2ea5fb78b 100755 --- a/scripts/stable-update.sh +++ b/scripts/stable-update.sh @@ -42,6 +42,21 @@ if [ ! -f patch-$1.xz ]; then fi fi +if [ ! -f "patch-$1.sign" ]; then + wget "https://cdn.kernel.org/pub/linux/kernel/v4.x/patch-$1.sign" + if [ ! $? -eq 0 ]; then + echo "Signature download failed" + exit 1 + fi +fi + +xzcat "patch-$1.xz" | gpg2 --verify "patch-$1.sign" - +if [ ! $? -eq 0 ]; then + echo "Patch file has invalid or untrusted signature!" + echo "See https://www.kernel.org/category/signatures.html" + exit 1 +fi + grep $1 sources &> /dev/null if [ ! $? -eq 0 ]; then fedpkg upload patch-$1.xz |