TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-08-11 13:18:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

release/dist/cli: add verify-package-signature command (#9110)

Browse Source 
Helper command to verify package signatures, mainly for debugging.
Also fix a copy-paste mistake in error message in distsign.

Updates #8760

Signed-off-by: Andrew Lytvynov <awly@tailscale.com>
This commit is contained in:
Andrew Lytvynov
2023-08-28 11:52:05 -06:00
committed by GitHub
parent c86a610eb3
commit 18d9c92342
2 changed files with 60 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
clientupdate/distsign/distsign.go
View File

@@ -224,7 +224,7 @@ func (c *Client) Download(srcPath, dstPath string) error {
if !VerifyAny(sigPub, msg, sig) {
// Best-effort clean up of downloaded package.
os.Remove(dstPathUnverified)
return fmt.Errorf("signature %q for key %q does not validate with the current release signing key; either you are under attack, or attempting to download an old version of Tailscale which was signed with an older signing key", sigURL, srcURL)
return fmt.Errorf("signature %q for file %q does not validate with the current release signing key; either you are under attack, or attempting to download an old version of Tailscale which was signed with an older signing key", sigURL, srcURL)
}
if err := os.Rename(dstPathUnverified, dstPath); err != nil {