fix sig verification

keys imported from http://www.squid-cache.org/pgp.asc from https://sks-keyservers.net : > This service is deprecated. This means it is no longer maintained, and new HKPS certificates will not be issued. Service reliability should not be expected. > > Update 2021-06-21: Due to even more GDPR takedown requests, the DNS records for the pool will no longer be provided at all.
2021-07-01 14:14:15 +03:00 · 2021-07-01 14:14:15 +03:00 · 2e3e78056d
parent 9e6775a422
commit 2e3e78056d
2 changed files with 4 additions and 7 deletions
--- a/11
+++ b/11
@ -1,7 +1,6 @@
 FROM alpine:3.14.0 as build

 ENV SQUID_VER 4.15
-ENV SQUID_SIG_KEY B06884EDB779C89B044E64E3CD6DBF8EF3B17D3E

 # fix conflict with libretls and libressl
 RUN set -x && \
@ -31,15 +30,13 @@ RUN set -x && \
 	cd /tmp/build && \
    curl -SsL http://www.squid-cache.org/Versions/v${SQUID_VER%%.*}/squid-${SQUID_VER}.tar.gz -o squid-${SQUID_VER}.tar.gz && \
 	curl -SsL http://www.squid-cache.org/Versions/v${SQUID_VER%%.*}/squid-${SQUID_VER}.tar.gz.asc -o squid-${SQUID_VER}.tar.gz.asc
-	
+
+COPY squid-keys.asc /tmp
+
 RUN set -x && \
 	cd /tmp/build && \
 	export GNUPGHOME="$(mktemp -d)" && \
-	( \
-	 gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys ${SQUID_SIG_KEY} || \
-     gpg --keyserver hkp://ipv4.pool.sks-keyservers.net   --recv-keys ${SQUID_SIG_KEY} ||  \
-     gpg --keyserver hkp://pgp.mit.edu:80                 --recv-keys ${SQUID_SIG_KEY} \
-	) && \
+	gpg --import /tmp/squid-keys.asc && \
 	gpg --batch --verify squid-${SQUID_VER}.tar.gz.asc squid-${SQUID_VER}.tar.gz && \
 	rm -rf "$GNUPGHOME"
 	
--- a/squid-keys.asc
+++ b/squid-keys.asc