diff options
| author | Jeremy Cline <jeremy@jcline.org> | 2018-04-02 14:55:36 -0400 |
|---|---|---|
| committer | Jeremy Cline <jeremy@jcline.org> | 2018-04-09 11:32:01 -0400 |
| commit | d1b9c24e9410811046d7f579152b11060f36e3b0 (patch) | |
| tree | 77d0c71a80f1ba08358ef32a74430bb4b48be3cb /scripts | |
| parent | 12d6dcc62be2b6926d6ffdf12ee82ecbc10ad94c (diff) | |
| download | kernel-d1b9c24e9410811046d7f579152b11060f36e3b0.tar.gz kernel-d1b9c24e9410811046d7f579152b11060f36e3b0.tar.xz kernel-d1b9c24e9410811046d7f579152b11060f36e3b0.zip | |
Download patch signatures and verify them
Before uploading the source files, verify the GPG signature is good.
Signed-off-by: Jeremy Cline <jeremy@jcline.org>
Diffstat (limited to 'scripts')
| -rwxr-xr-x | scripts/stable-update.sh | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/scripts/stable-update.sh b/scripts/stable-update.sh index eefd9a96d..2ea5fb78b 100755 --- a/scripts/stable-update.sh +++ b/scripts/stable-update.sh @@ -42,6 +42,21 @@ if [ ! -f patch-$1.xz ]; then fi fi +if [ ! -f "patch-$1.sign" ]; then + wget "https://cdn.kernel.org/pub/linux/kernel/v4.x/patch-$1.sign" + if [ ! $? -eq 0 ]; then + echo "Signature download failed" + exit 1 + fi +fi + +xzcat "patch-$1.xz" | gpg2 --verify "patch-$1.sign" - +if [ ! $? -eq 0 ]; then + echo "Patch file has invalid or untrusted signature!" + echo "See https://www.kernel.org/category/signatures.html" + exit 1 +fi + grep $1 sources &> /dev/null if [ ! $? -eq 0 ]; then fedpkg upload patch-$1.xz |