Download GPG signature from archive location
This addresses an issue wher the downloaded signature would not match the archive, if an older version of the archive is downloaded.
This commit is contained in:
Levi Brown
parent
1f4c6c40d1
commit
ddb8bbc636
|
|
@ -463,18 +463,18 @@ echo
|
||||||
# Download OpenSSL when not present
|
# Download OpenSSL when not present
|
||||||
OPENSSL_ARCHIVE_BASE_NAME="openssl-${VERSION}"
|
OPENSSL_ARCHIVE_BASE_NAME="openssl-${VERSION}"
|
||||||
OPENSSL_ARCHIVE_FILE_NAME="${OPENSSL_ARCHIVE_BASE_NAME}.tar.gz"
|
OPENSSL_ARCHIVE_FILE_NAME="${OPENSSL_ARCHIVE_BASE_NAME}.tar.gz"
|
||||||
OPENSSL_ARCHIVE_SIGNATURE_FILE_NAME="${OPENSSL_ARCHIVE_FILE_NAME}.asc"
|
OPENSSL_ARCHIVE_SIGNATURE_FILE_EXT=".asc"
|
||||||
|
OPENSSL_ARCHIVE_SIGNATURE_FILE_NAME="${OPENSSL_ARCHIVE_FILE_NAME}${OPENSSL_ARCHIVE_SIGNATURE_FILE_EXT}"
|
||||||
if [ ! -e ${OPENSSL_ARCHIVE_FILE_NAME} ]; then
|
if [ ! -e ${OPENSSL_ARCHIVE_FILE_NAME} ]; then
|
||||||
echo "Downloading ${OPENSSL_ARCHIVE_FILE_NAME}..."
|
echo "Downloading ${OPENSSL_ARCHIVE_FILE_NAME}..."
|
||||||
OPENSSL_ARCHIVE_BASE_URL="https://www.openssl.org/source"
|
OPENSSL_ARCHIVE_BASE_URL="https://www.openssl.org/source"
|
||||||
OPENSSL_ARCHIVE_URL="${OPENSSL_ARCHIVE_BASE_URL}/${OPENSSL_ARCHIVE_FILE_NAME}"
|
OPENSSL_ARCHIVE_URL="${OPENSSL_ARCHIVE_BASE_URL}/${OPENSSL_ARCHIVE_FILE_NAME}"
|
||||||
OPENSSL_ARCHIVE_SIGNATURE_URL="${OPENSSL_ARCHIVE_BASE_URL}/${OPENSSL_ARCHIVE_SIGNATURE_FILE_NAME}"
|
|
||||||
|
|
||||||
# Check whether file exists here (this is the location of the latest version for each branch)
|
# Check whether file exists here (this is the location of the latest version for each branch)
|
||||||
# -s be silent, -f return non-zero exit status on failure, -I get header (do not download)
|
# -s be silent, -f return non-zero exit status on failure, -I get header (do not download)
|
||||||
curl ${CURL_OPTIONS} -sfI "${OPENSSL_ARCHIVE_URL}" > /dev/null
|
curl ${CURL_OPTIONS} -sfI "${OPENSSL_ARCHIVE_URL}" > /dev/null
|
||||||
|
|
||||||
# If unsuccessful, try the archive
|
# If unsuccessful, update the URL for older versions and try again.
|
||||||
if [ $? -ne 0 ]; then
|
if [ $? -ne 0 ]; then
|
||||||
BRANCH=$(echo "${VERSION}" | grep -Eo '^[0-9]\.[0-9]\.[0-9]')
|
BRANCH=$(echo "${VERSION}" | grep -Eo '^[0-9]\.[0-9]\.[0-9]')
|
||||||
OPENSSL_ARCHIVE_URL="https://www.openssl.org/source/old/${BRANCH}/${OPENSSL_ARCHIVE_FILE_NAME}"
|
OPENSSL_ARCHIVE_URL="https://www.openssl.org/source/old/${BRANCH}/${OPENSSL_ARCHIVE_FILE_NAME}"
|
||||||
|
|
@ -492,7 +492,8 @@ if [ ! -e ${OPENSSL_ARCHIVE_FILE_NAME} ]; then
|
||||||
# Archive was found, so proceed with download.
|
# Archive was found, so proceed with download.
|
||||||
# -O Use server-specified filename for download
|
# -O Use server-specified filename for download
|
||||||
curl ${CURL_OPTIONS} -O "${OPENSSL_ARCHIVE_URL}"
|
curl ${CURL_OPTIONS} -O "${OPENSSL_ARCHIVE_URL}"
|
||||||
curl ${CURL_OPTIONS} -O "${OPENSSL_ARCHIVE_SIGNATURE_URL}"
|
# also download the gpg signature from the same location
|
||||||
|
curl ${CURL_OPTIONS} -O "${OPENSSL_ARCHIVE_URL}${OPENSSL_ARCHIVE_SIGNATURE_FILE_EXT}"
|
||||||
|
|
||||||
else
|
else
|
||||||
echo "Using ${OPENSSL_ARCHIVE_FILE_NAME}"
|
echo "Using ${OPENSSL_ARCHIVE_FILE_NAME}"
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue