1
0
mirror of https://github.com/b4tman/docker-squid.git synced 2024-11-21 18:56:54 +00:00

fix sig verification

keys imported from http://www.squid-cache.org/pgp.asc

from https://sks-keyservers.net :
> This service is deprecated. This means it is no longer maintained, and new HKPS certificates will not be issued. Service reliability should not be expected.
>
> Update 2021-06-21: Due to even more GDPR takedown requests, the DNS records for the pool will no longer be provided at all.
This commit is contained in:
Dmitry Belyaev 2021-07-01 14:14:15 +03:00
parent 9e6775a422
commit 2e3e78056d
Signed by: b4tman
GPG Key ID: 41A00BF15EA7E5F3
2 changed files with 4 additions and 7 deletions

View File

@ -1,7 +1,6 @@
FROM alpine:3.14.0 as build
ENV SQUID_VER 4.15
ENV SQUID_SIG_KEY B06884EDB779C89B044E64E3CD6DBF8EF3B17D3E
# fix conflict with libretls and libressl
RUN set -x && \
@ -31,15 +30,13 @@ RUN set -x && \
cd /tmp/build && \
curl -SsL http://www.squid-cache.org/Versions/v${SQUID_VER%%.*}/squid-${SQUID_VER}.tar.gz -o squid-${SQUID_VER}.tar.gz && \
curl -SsL http://www.squid-cache.org/Versions/v${SQUID_VER%%.*}/squid-${SQUID_VER}.tar.gz.asc -o squid-${SQUID_VER}.tar.gz.asc
COPY squid-keys.asc /tmp
RUN set -x && \
cd /tmp/build && \
export GNUPGHOME="$(mktemp -d)" && \
( \
gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys ${SQUID_SIG_KEY} || \
gpg --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys ${SQUID_SIG_KEY} || \
gpg --keyserver hkp://pgp.mit.edu:80 --recv-keys ${SQUID_SIG_KEY} \
) && \
gpg --import /tmp/squid-keys.asc && \
gpg --batch --verify squid-${SQUID_VER}.tar.gz.asc squid-${SQUID_VER}.tar.gz && \
rm -rf "$GNUPGHOME"

BIN
squid-keys.asc Normal file

Binary file not shown.