Merge pull request #4963 from guggero/verify-no-key-fix
scripts: don't fail signature verification on missing public key
This commit is contained in:
commit
688a8045f0
@ -108,14 +108,17 @@ NUM_CHECKS=0
|
|||||||
for signature in $SIGNATURES; do
|
for signature in $SIGNATURES; do
|
||||||
# First make sure the downloaded signature file is valid.
|
# First make sure the downloaded signature file is valid.
|
||||||
echo "Verifying $signature"
|
echo "Verifying $signature"
|
||||||
if ! gpg --verify "$signature" 2>&1 | grep -q "Good signature"; then
|
if gpg --verify "$signature" 2>&1 | grep -q "Good signature"; then
|
||||||
|
echo "Signature for $signature checks out: "
|
||||||
|
gpg --verify "$signature" 2>&1 | grep "using"
|
||||||
|
elif gpg --verify "$signature" 2>&1 | grep -q "No public key"; then
|
||||||
|
echo "Unable to verify signature $signature, no key available, skipping"
|
||||||
|
continue
|
||||||
|
else
|
||||||
echo "ERROR: Did not get valid signature for $signature!"
|
echo "ERROR: Did not get valid signature for $signature!"
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo "Signature for $signature checks out: "
|
|
||||||
gpg --verify "$signature" 2>&1 | grep "using"
|
|
||||||
|
|
||||||
echo ""
|
echo ""
|
||||||
|
|
||||||
# Then make sure that the hash of the installed binaries can be found in the
|
# Then make sure that the hash of the installed binaries can be found in the
|
||||||
|
Loading…
Reference in New Issue
Block a user