authorAndrew Fresh <afresh1@cvs.openbsd.org>2023-10-14 18:10:48 +0000
committerAndrew Fresh <afresh1@cvs.openbsd.org>2023-10-14 18:10:48 +0000
commit1e902e4e59e20fff7b07ebe435452508a450b230 (patch)
tree0fd5003005d2e3083d4a56fa6f7cf431f6893e12 /usr.sbin/fw_update
parent4427c5c0a63501ca1dfe43a73eabdd5baf98cf6f (diff)
Verify but don't overwrite SHA256.sig in fw_update(8)
Signify is happy to overwrite the file with the signature stripped off. However, if we do that, when downloading firmware we lose the ability to check the signature before verifying checksums on the downloaded files. Noticed by Thomas <exnihilo () fastmail ! org> Right deraadt@
Diffstat (limited to 'usr.sbin/fw_update')
-rw-r--r--usr.sbin/fw_update/fw_update.sh4
1 files changed, 2 insertions, 2 deletions
diff --git a/usr.sbin/fw_update/fw_update.sh b/usr.sbin/fw_update/fw_update.sh
index a379d7427fb..ae31ce21084 100644
--- a/usr.sbin/fw_update/fw_update.sh
+++ b/usr.sbin/fw_update/fw_update.sh
@@ -1,5 +1,5 @@
#!/bin/ksh
-# $OpenBSD: fw_update.sh,v 1.50 2023/09/28 01:18:52 afresh1 Exp $
+# $OpenBSD: fw_update.sh,v 1.51 2023/10/14 18:10:47 afresh1 Exp $
#
# Copyright (c) 2021,2023 Andrew Hewus Fresh <afresh1@openbsd.org>
#
@@ -180,7 +180,7 @@ fetch_cfile() {
set +o noclobber # we want to get the latest CFILE
fetch "$CFILE" || return 1
set -o noclobber
- ! signify -qVep "$FWPUB_KEY" -x "$CFILE" -m "$CFILE" &&
+ ! signify -qVep "$FWPUB_KEY" -x "$CFILE" -m /dev/null &&
warn "Signature check of SHA256.sig failed" &&
rm -f "$CFILE" && return 1
elif [ ! -e "$CFILE" ]; then
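Review bot: The rejection path after the signify call is chained with `&&`, so `return 1` is reached only if both `warn` and `rm -f "$CFILE"` succeed. If either fails, execution falls through to whatever follows the `fi` with an unverified SHA256.sig possibly still on disk. An explicit branch makes the rejection unconditional: `if ! signify -qVep "$FWPUB_KEY" -x "$CFILE" -m /dev/null; then warn "Signature check of SHA256.sig failed"; rm -f "$CFILE"; return 1; fi`. A short comment above the call, such as `# -m /dev/null: verify only, keep the signed file intact for later checks`, would also record why the output is discarded and guard against a later "simplification" back to `-m "$CFILE"`. fetch_cfile starts and ends outside the hunk, so the fall-through behaviour is inferred from the visible lines only.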