hoellen/dockerfiles
1
0
Fork 0
mirror of https://github.com/hoellen/dockerfiles.git synced 2025-04-20 04:19:18 +00:00
Code Issues Projects Releases Wiki Activity

tor: verify gpg fingerprint

Browse Source
This commit is contained in:
Wonderfall 2016-05-08 12:29:41 +02:00
parent d135ae95bd
commit 8a10b28fe3
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
tor/Dockerfile
View File

@ -3,6 +3,7 @@ FROM alpine:3.3
ARG ARM_VERSION=1.4.5.0 ARG ARM_VERSION=1.4.5.0
ARG TOR_VERSION=0.2.7.6 ARG TOR_VERSION=0.2.7.6
ARG TOR_USER_ID=45553 ARG TOR_USER_ID=45553
ARG GPG_Mathewson="B35B F85B F194 89D0 4E28 C33C 2119 4EBB 1657 33EA"
ENV TERM=xterm ENV TERM=xterm
@ -23,7 +24,10 @@ RUN BUILD_DEPS=" \
&& wget -q https://www.torproject.org/dist/tor-${TOR_VERSION}.tar.gz \ && wget -q https://www.torproject.org/dist/tor-${TOR_VERSION}.tar.gz \
&& wget -q https://www.torproject.org/dist/tor-${TOR_VERSION}.tar.gz.asc \ && wget -q https://www.torproject.org/dist/tor-${TOR_VERSION}.tar.gz.asc \
&& gpg --keyserver keys.gnupg.net --recv-keys 0x165733EA \ && gpg --keyserver keys.gnupg.net --recv-keys 0x165733EA \
&& gpg --verify tor-0.2.7.6.tar.gz.asc \ && FINGERPRINT="$(LANG=C gpg --verify tor-${TOR_VERSION}.tar.gz.asc tor-${TOR_VERSION}.tar.gz 2>&1 \
| sed -n "s#Primary key fingerprint: \(.*\)#\1#p")" \
&& if [ -z "${FINGERPRINT}" ]; then echo "Warning! Invalid GPG signature!" && exit 1; fi \
&& if [ "${FINGERPRINT}" != "${GPG_Mathewson}" ]; then echo "Warning! Wrong GPG fingerprint!" && exit 1; fi \
&& tar xzf tor-${TOR_VERSION}.tar.gz \ && tar xzf tor-${TOR_VERSION}.tar.gz \
&& cd tor-${TOR_VERSION} \ && cd tor-${TOR_VERSION} \
&& ./configure --disable-asciidoc \ && ./configure --disable-asciidoc \