From 04d97616bf410442a28c2c1212fb480e38581363 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Thu, 20 Nov 2014 13:45:10 -0200 Subject: Piwik signature check --- TODO.md | 1 - piwik-dl | 11 +++++++++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/TODO.md b/TODO.md index fcf4d44..9c6b2e1 100644 --- a/TODO.md +++ b/TODO.md @@ -2,4 +2,3 @@ TODO ==== * Advocate for [signed releases and https downloads](https://manual.sarava.org/specs/code/). -* Implemente http://piwik.org/blog/2014/11/verify-signatures-piwik-packages/ diff --git a/piwik-dl b/piwik-dl index e266c0b..3bdc1de 100755 --- a/piwik-dl +++ b/piwik-dl @@ -3,7 +3,18 @@ # Piwik simple upgrader. # +# Parameters +KEY="814E346FA01A20DBB04B6807B5DBD5925590A237" + +# See http://piwik.org/blog/2014/11/verify-signatures-piwik-packages/ +if ! gpg --list-keys "$KEY" &> /dev/null; then + gpg --keyserver keys.gnupg.net --recv-keys "$KEY" || exit 1 +fi + +# Upgrade procedure wget http://piwik.org/latest.zip && \ +wget http://piwik.org/latest.zip.asc && \ +gpg --verify latest.zip.asc latest.zip && \ mv piwik/ piwik.old && \ unzip latest.zip && \ rm *html && \ -- cgit v1.2.3