On Mon, Aug 03, 2015 at 01:40:25PM +0200, Natanael Copa wrote: > We need specify which hashing algorithm was used to create the signature > we check. > > Fixes #609 > > Signed-off-by: Natanael Copa <nc...@alpinelinux.org>
Acked-by: Stéphane Graber <stgra...@ubuntu.com>
> ---
> This should also go to the stable-1.0 and stable-1.1 branches.
>
> templates/lxc-alpine.in | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/templates/lxc-alpine.in b/templates/lxc-alpine.in
> index 963c42a..6dcc51b 100644
> --- a/templates/lxc-alpine.in
> +++ b/templates/lxc-alpine.in
> @@ -83,7 +83,7 @@ get_static_apk () {
>
> # verify the static apk binary signature
> APK=$rootfs/sbin/apk.static
> - openssl dgst -verify $rootfs/etc/apk/keys/$keyname \
> + openssl dgst -sha1 -verify $rootfs/etc/apk/keys/$keyname \
> -signature "$APK.SIGN.RSA.$keyname" "$APK" || return 1
>
> if [ "$auto_repo_dir" ]; then
> --
> 2.5.0
>
> _______________________________________________
> lxc-devel mailing list
> lxc-devel@lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel
--
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
signature.asc
Description: Digital signature
_______________________________________________ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
