From 3c4c9d30c58c4820ec3c18c461051cc7685b6e5e Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Wed, 23 Apr 2014 12:49:09 -0400 Subject: this keyring contains keys that git-annex should trust to sign upgrades Currently, that is the git-annex distribution signing key, 89C809CB I have also included my personal gpg key, 2512E3C7. This is in case something goes wrong with the other key (perhaps it gets lost), we'll hopefully avoid locking everything out of upgradng. --- standalone/trustedkeys.gpg | Bin 0 -> 4979 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 standalone/trustedkeys.gpg (limited to 'standalone') diff --git a/standalone/trustedkeys.gpg b/standalone/trustedkeys.gpg new file mode 100644 index 000000000..0742182ae Binary files /dev/null and b/standalone/trustedkeys.gpg differ -- cgit v1.2.3 From bc12661f32692ab84c216c4fdeb8d9aee3656543 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Wed, 23 Apr 2014 13:30:30 -0400 Subject: Standalone builds now check gpg signatures before upgrading. --- Assistant/Threads/Upgrader.hs | 18 +----------------- Makefile | 2 ++ debian/changelog | 6 ++++++ standalone/android/Makefile | 1 + standalone/android/runshell | 1 + 5 files changed, 11 insertions(+), 17 deletions(-) (limited to 'standalone') diff --git a/Assistant/Threads/Upgrader.hs b/Assistant/Threads/Upgrader.hs index 60aeec70b..637c82a7d 100644 --- a/Assistant/Threads/Upgrader.hs +++ b/Assistant/Threads/Upgrader.hs @@ -18,11 +18,8 @@ import Assistant.Types.UrlRenderer import Assistant.DaemonStatus import Assistant.Alert import Utility.NotificationBroadcaster -import Utility.Tmp import qualified Annex import qualified Build.SysConfig -import qualified Utility.Url as Url -import qualified Annex.Url as Url import qualified Git.Version import Types.Distribution #ifdef WITH_WEBAPP 
@@ -62,7 +59,7 @@ upgraderThread urlrenderer = namedThread "Upgrader" $ checkUpgrade :: UrlRenderer -> Assistant () checkUpgrade urlrenderer = do debug [ "Checking if an upgrade is available." ] - go =<< getDistributionInfo + go =<< downloadDistributionInfo where go Nothing = debug [ "Failed to check if upgrade is available." ] go (Just d) = do @@ -86,16 +83,3 @@ canUpgrade urgency urlrenderer d = ifM autoUpgradeEnabled noop #endif ) - -getDistributionInfo :: Assistant (Maybe GitAnnexDistribution) -getDistributionInfo = do - uo <- liftAnnex Url.getUrlOptions - liftIO $ withTmpFile "git-annex.tmp" $ \tmpfile h -> do - hClose h - ifM (Url.downloadQuiet distributionInfoUrl tmpfile uo) - ( readish <$> readFileStrict tmpfile - , return Nothing - ) - -distributionInfoUrl :: String -distributionInfoUrl = fromJust Build.SysConfig.upgradelocation ++ ".info" diff --git a/Makefile b/Makefile index cbc369572..25a77be1f 100644 --- a/Makefile +++ b/Makefile @@ -120,6 +120,7 @@ linuxstandalone-nobuild: Build/Standalone Build/LinuxMkLibs ln -sf git-annex "$(LINUXSTANDALONE_DEST)/bin/git-annex-shell" zcat standalone/licences.gz > $(LINUXSTANDALONE_DEST)/LICENSE cp doc/logo_16x16.png doc/logo.svg $(LINUXSTANDALONE_DEST) + cp standalone/trustedkeys.gpg $(LINUXSTANDALONE_DEST) ./Build/Standalone "$(LINUXSTANDALONE_DEST)" @@ -150,6 +151,7 @@ osxapp: Build/Standalone Build/OSXMkLibs ln -sf git-annex "$(OSXAPP_BASE)/git-annex-shell" gzcat standalone/licences.gz > $(OSXAPP_BASE)/LICENSE cp $(OSXAPP_BASE)/LICENSE tmp/build-dmg/LICENSE.txt + cp standalone/trustedkeys.gpg $(OSXAPP_BASE) ./Build/Standalone $(OSXAPP_BASE) diff --git a/debian/changelog b/debian/changelog index 8d4816237..176178be0 100644 --- a/debian/changelog +++ b/debian/changelog 
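Review bot: In `checkUpgrade`, the `go Nothing` branch still reports only `debug [ "Failed to check if upgrade is available." ]`, so now that `downloadDistributionInfo` feeds it, a rejected signature would presumably be indistinguishable from an unreachable server and visible only in debug output. `downloadDistributionInfo` is defined outside this diff, so this is inferred from the `Maybe` result as it is consumed here. If it does collapse both cases into `Nothing`, consider returning an `Either` that carries the reason, or logging the verification failure at warning level at the point where the check is made. Until then, a comment such as `-- Nothing covers both download failure and signature rejection` on the `go Nothing` line would at least record the ambiguity. The body of `go (Just d)` continues outside the hunk.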
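Review bot: The added `cp standalone/trustedkeys.gpg $(LINUXSTANDALONE_DEST)` ships the upgrade trust anchor as an opaque binary, and nothing in the build confirms which keys it holds. The same applies to the `osxapp` hunk and to the `cp ../trustedkeys.gpg` line in standalone/android/Makefile. The keyring commit on this page names its contents only by the 8-hex-digit IDs 89C809CB and 2512E3C7, which are short key IDs and do not uniquely identify a key, and any later change to the blob will appear in review only as "Binary files differ". Consider checking in a text list of the full fingerprints next to the keyring and having the build compare it with the output of `gpg --no-default-keyring --keyring ./standalone/trustedkeys.gpg --with-colons --fingerprint`, failing the build when they differ. Both recipes start and continue outside their hunks.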
@@ -1,3 +1,9 @@ +git-annex (5.20140422) UNRELEASED; urgency=medium + + * Standalone builds now check gpg signatures before upgrading. + + -- Joey Hess Wed, 23 Apr 2014 12:43:39 -0400 + git-annex (5.20140421) unstable; urgency=medium * assistant: Now detects immediately when other repositories push diff --git a/standalone/android/Makefile b/standalone/android/Makefile index 404841bc0..a11c0bcc1 100644 --- a/standalone/android/Makefile +++ b/standalone/android/Makefile @@ -76,6 +76,7 @@ build: start cp $(GIT_ANNEX_ANDROID_SOURCETREE)/git/git.tar.gz $(GIT_ANNEX_ANDROID_SOURCETREE)/term/libs/armeabi/lib.git.tar.gz.so git rev-parse HEAD > $(GIT_ANNEX_ANDROID_SOURCETREE)/term/libs/armeabi/lib.version.so + cp ../trustedkeys.gpg $(GIT_ANNEX_ANDROID_SOURCETREE)/term/libs/armeabi/lib.trustedkeys.so mkdir -p ../../tmp/4.0 ../../tmp/4.3 diff --git a/standalone/android/runshell b/standalone/android/runshell index ef6744494..f6a0138e9 100755 --- a/standalone/android/runshell +++ b/standalone/android/runshell @@ -53,6 +53,7 @@ buildtree () { $cmd echo "exec $base/lib/lib.start.so" >> "$base/runshell" $cmd chmod 755 runshell + $cmd cat "$base/lib/lib.trustedkeys.so" > "$base/bin/trustedkeys.gpg" $cmd cat "$base/lib/lib.version.so" > "$base/installed-version" $cmd echo "Installation complete" } -- cgit v1.2.3
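Review bot: In `buildtree`, the added `$cmd cat "$base/lib/lib.trustedkeys.so" > "$base/bin/trustedkeys.gpg"` has no error check. The shell creates the redirect target before `cat` runs, so a missing or unreadable source leaves an empty keyring while the function goes on to write `installed-version` and print "Installation complete". Whether the script aborts on a failed command (for example via `set -e`) is not visible in this hunk; if it does not, such an install would presumably be unable to verify any later upgrade and would give no indication why. Writing to a temporary name and renaming only on success avoids the half-written file, e.g. `$cmd cat "$base/lib/lib.trustedkeys.so" > "$base/bin/trustedkeys.gpg.tmp" && $cmd mv "$base/bin/trustedkeys.gpg.tmp" "$base/bin/trustedkeys.gpg" || exit 1`, assuming `$cmd` provides `mv` as it does `cat` and `chmod`. The body of `buildtree` starts above the hunk.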