From dbb26ca3c96b39b18fc125a365d2279de8675d71 Mon Sep 17 00:00:00 2001 From: Reinhard Pointner Date: Thu, 28 Jun 2018 01:23:02 +0700 Subject: [PATCH] gpg --verify doesn't actually work the way any sane person would think... --- installer/portable/update-filebot.sh | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/installer/portable/update-filebot.sh b/installer/portable/update-filebot.sh index ecc4d822..6c8180c3 100755 --- a/installer/portable/update-filebot.sh +++ b/installer/portable/update-filebot.sh @@ -18,9 +18,10 @@ FILEBOT_HOME=`cd "$PRG_DIR" && pwd` # update core application files -PACKAGE_NAME="DELTA.tar.xz" +PACKAGE_NAME="CHANGES.tar.xz" PACKAGE_FILE="$FILEBOT_HOME/$PACKAGE_NAME" PACKAGE_URL="@{link.release.index}/HEAD/$PACKAGE_NAME" + SIGNATURE_FILE="$PACKAGE_FILE.asc" SIGNATURE_URL="$PACKAGE_URL.asc" @@ -33,17 +34,17 @@ if [ $HTTP_CODE -ne 200 ]; then exit 1 fi -curl -L -o "$PACKAGE_FILE" --retry 5 "$PACKAGE_URL" +curl -L -o "$PACKAGE_FILE" -z "$PACKAGE_FILE" --retry 5 "$PACKAGE_URL" # initialize gpg GPG_HOME="$FILEBOT_HOME/data/.gpg" if [ ! -d "$GPG_HOME" ]; then - mkdir -p "$GPG_HOME" && chmod 700 "$GPG_HOME" && gpg --homedir "$GPG_HOME" --import "$FILEBOT_HOME/maintainer.pub" + mkdir -p "$GPG_HOME" && chmod 700 "$GPG_HOME" && gpg --homedir "$GPG_HOME" --no-default-keyring --keyring "trustedkeys.kbx" --import "$FILEBOT_HOME/maintainer.pub" fi # verify signature and extract tar -if gpg --batch --yes --homedir "$GPG_HOME" --trusted-key "B0976E51E5C047AD0FD051294E402EBF7C3C6A71" --verify "$SIGNATURE_FILE" "$PACKAGE_FILE"; then - tar -xJvf "$PACKAGE_FILE" && rm -v "$PACKAGE_FILE" +if gpgv --homedir "$GPG_HOME" "$SIGNATURE_FILE" "$PACKAGE_FILE"; then + tar -xvf "$PACKAGE_FILE" fi