From: Fabian Grünbichler Date: Wed, 7 Sep 2022 12:00:48 +0000 (+0200) Subject: switch to production signing key X-Git-Url: https://git.proxmox.com/?a=commitdiff_plain;h=05da7b3569d79afeb451239a82470d5635d1a962;p=proxmox-offline-mirror.git switch to production signing key shipped by proxmox-archive-keyring Signed-off-by: Fabian Grünbichler --- diff --git a/debian/debcargo.toml b/debian/debcargo.toml index 245bba5..aeda7d9 100644 --- a/debian/debcargo.toml +++ b/debian/debcargo.toml @@ -14,4 +14,4 @@ repositories and subscription keys: - proxmox-offline-mirror (binary for the mirror host with internet access) - proxmox-apt-repo (binary for the Proxmox host without internet access) """ -depends = ["proxmox-offline-mirror-docs"] +depends = ["proxmox-offline-mirror-docs", "proxmox-archive-keyring"] diff --git a/src/bin/proxmox_offline_mirror_cmds/subscription.rs b/src/bin/proxmox_offline_mirror_cmds/subscription.rs index 9d638f4..c71ed39 100644 --- a/src/bin/proxmox_offline_mirror_cmds/subscription.rs +++ b/src/bin/proxmox_offline_mirror_cmds/subscription.rs @@ -5,6 +5,8 @@ use proxmox_offline_mirror::{ subscription::{extract_mirror_key, refresh}, types::{ProductType, PROXMOX_SUBSCRIPTION_KEY_SCHEMA}, }; +use proxmox_subscription::files::DEFAULT_SIGNING_KEY; +use proxmox_sys::fs::file_get_contents; use serde_json::Value; use proxmox_router::cli::{ @@ -25,8 +27,7 @@ pub const LIST_KEYS_RETURN_TYPE: ReturnType = ReturnType { }; fn public_key() -> Result, Error> { - // TODO read from file shipped by proxmox-offline-mirror? make configurable? - openssl::pkey::PKey::public_key_from_pem("-----BEGIN PUBLIC KEY-----\nMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEvmzKX6LBz6RXiYjzI4+TLKiLfTKy3h93\nbSn7wEo530zPDYgMTzZLIdXtBAECUmUEtNx5ctro/0ypvLpj7F/fe2gPZwvkNrRQ\nXBgvpyDCfcXgusv9eGhef3jIYKIIlXy8\n-----END PUBLIC KEY-----".as_bytes()) + openssl::pkey::PKey::public_key_from_pem(&file_get_contents(DEFAULT_SIGNING_KEY)?) .map_err(Error::from) }