summaryrefslogtreecommitdiff
path: root/roles/installer
diff options
context:
space:
mode:
authorChristian Pointner <equinox@spreadspace.org>2022-10-28 23:17:56 +0200
committerChristian Pointner <equinox@spreadspace.org>2022-10-28 23:17:56 +0200
commit2b01a83a3dabf649d24d34d08fc4d1db531beaab (patch)
tree01afdae0ab8e3e4a3109c1137ff96bf35d379b81 /roles/installer
parentadd support for kali linux (WIP) (diff)
kali has fixed this now: https://bugs.kali.org/view.php?id=8022
Diffstat (limited to 'roles/installer')
-rw-r--r--roles/installer/debian/fetch/tasks/verify-kali.yml26
-rw-r--r--roles/installer/debian/fetch/tasks/verify-ubuntu.yml4
2 files changed, 8 insertions, 22 deletions
diff --git a/roles/installer/debian/fetch/tasks/verify-kali.yml b/roles/installer/debian/fetch/tasks/verify-kali.yml
index 6c1c41cb..d113a6cb 100644
--- a/roles/installer/debian/fetch/tasks/verify-kali.yml
+++ b/roles/installer/debian/fetch/tasks/verify-kali.yml
@@ -1,33 +1,19 @@
---
-- name: download Release and Signature file
+- name: download SHA256SUMS and signature file
loop:
- - Release
- - Release.gpg
+ - SHA256SUMS
+ - SHA256SUMS.gpg
get_url:
- url: "{{ debian_installer_base_url | dirname | dirname | dirname | dirname }}/{{ item }}"
+ url: "{{ debian_installer_base_url }}/{{ item }}"
dest: "{{ debian_installer_target_dir }}/{{ item }}"
force: "{{ debian_installer_force_download }}"
-- name: verfiy signature of Release file
+- name: verfiy signature of SHA256SUMS.gpg file
command: >-
gpgv --keyring "{{ installer_keyrings_path | default(installer_base_path+'/keyrings') }}/kali-archive.gpg"
- "{{ debian_installer_target_dir }}/Release.gpg" "{{ debian_installer_target_dir }}/Release"
+ "{{ debian_installer_target_dir }}/SHA256SUMS.gpg" "{{ debian_installer_target_dir }}/SHA256SUMS"
changed_when: False
register: debian_installer_gpg_result
- debug:
var: debian_installer_gpg_result.stderr_lines
-
-### TODO: actually enable Signature verification!!!
-
-# - name: extract checksum file hash from Release file
-# command: grep -E "^ [0-9a-z]{64} .* main/installer-{{ debian_installer_arch }}/current/{{ [debian_installer_distro, debian_installer_codename] | di_images_path }}/SHA256SUMS$" "{{ debian_installer_target_dir }}/Release"
-# changed_when: false
-# register: debian_installer_release_sha256
-
-- name: download SHA256SUMS
- get_url:
- url: "{{ debian_installer_base_url }}/SHA256SUMS"
- dest: "{{ debian_installer_target_dir }}/SHA256SUMS"
-# checksum: "sha256:{{ (debian_installer_release_sha256.stdout | trim).split(' ') | first }}"
- force: "{{ debian_installer_force_download }}"
diff --git a/roles/installer/debian/fetch/tasks/verify-ubuntu.yml b/roles/installer/debian/fetch/tasks/verify-ubuntu.yml
index 669c722b..d23d50dc 100644
--- a/roles/installer/debian/fetch/tasks/verify-ubuntu.yml
+++ b/roles/installer/debian/fetch/tasks/verify-ubuntu.yml
@@ -1,8 +1,8 @@
---
- name: download SHA256SUMS and signature file
loop:
- - SHA256SUMS
- - SHA256SUMS.gpg
+ - SHA256SUMS
+ - SHA256SUMS.gpg
get_url:
url: "{{ debian_installer_base_url }}/{{ item }}"
dest: "{{ debian_installer_target_dir }}/{{ item }}"