lxc-alpine: fix verification of apk.static binary

We need specify which hashing algorithm was used to create the signature we check. Fixes #609 Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

lxc-alpine: fix verification of apk.static binary
24e41ff7 · Natanael Copa · Stéphane Graber · b7e6f8f0 · 24e41ff7
Commit 24e41ff7 authored Aug 03, 2015 by Natanael Copa Committed by Stéphane Graber Aug 13, 2015
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

lxc-alpine.in templates/lxc-alpine.in +1 -1

No files found.
--- a/templates/lxc-alpine.in
+++ b/templates/lxc-alpine.in
@@ -83,7 +83,7 @@ get_static_apk () {

    # verify the static apk binary signature
    APK=$rootfs/sbin/apk.static
-    openssl dgst -verify $rootfs/etc/apk/keys/$keyname \
+    openssl dgst -sha1 -verify $rootfs/etc/apk/keys/$keyname \
        -signature "$APK.SIGN.RSA.$keyname" "$APK" || return 1

    if [ "$auto_repo_dir" ]; then