Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
What's new
7
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Open sidebar
tails
tails
Commits
c526408b
Commit
c526408b
authored
Jan 04, 2015
by
Tails developers
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 'bugfix/handle-website-CA-change' into stable
parents
3b214506
ce5e5246
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
34 additions
and
1 deletion
+34
-1
config/chroot_local-hooks/58-create-tails-website-CA-bundle
config/chroot_local-hooks/58-create-tails-website-CA-bundle
+12
-0
config/chroot_local-includes/usr/local/bin/tails-security-check
.../chroot_local-includes/usr/local/bin/tails-security-check
+1
-1
config/chroot_local-patches/iuk-handle-website-CA-change.patch
...g/chroot_local-patches/iuk-handle-website-CA-change.patch
+21
-0
No files found.
config/chroot_local-hooks/58-create-
upgrader
-CA-bundle
→
config/chroot_local-hooks/58-create-
tails-website
-CA-bundle
View file @
c526408b
...
...
@@ -2,12 +2,11 @@
set
-e
echo
"Creating
Tails Upgrader's CA bundle
"
echo
"Creating
CA bundle for authenticating https://tails.boum.org/
"
BUNDLE
=
/usr/local/etc/ssl/certs/tails
-iuk
.pem
BUNDLE
=
/usr/local/etc/ssl/certs/tails
.boum.org-CA
.pem
cat
/etc/ssl/certs/AddTrust_External_Root.pem
\
/etc/ssl/certs/UTN_USERFirst_Hardware_Root_CA.pem
\
>
"
$BUNDLE
"
chmod
a+r
"
$BUNDLE
"
config/chroot_local-includes/usr/local/bin/tails-security-check
View file @
c526408b
...
...
@@ -48,7 +48,7 @@ use Net::SSLeay;
BEGIN
{
IO::Socket::SSL::
set_ctx_defaults
(
verify_mode
=>
Net::
SSLeay
->
VERIFY_PEER
(),
ca_file
=>
'
/etc/ssl/certs/
UTN_USERFirst_Hardware_Root_
CA.pem
',
ca_file
=>
'
/
usr/local/
etc/ssl/certs/
tails.boum.org-
CA.pem
',
);
}
use
LWP::
UserAgent
;
# needs to be *after* IO::Socket::SSL's initialization
...
...
config/chroot_local-patches/iuk-handle-website-CA-change.patch
0 → 100644
View file @
c526408b
--- a/usr/share/perl5/Tails/IUK.pm
+++ b/usr/share/perl5/Tails/IUK.pm
@@ -255,6 +255,7 @@
method _build_squashfs_diff {
run_as_root(
"rsync", "--archive", "--quiet", "--delete-after", "--acls",
+ "--checksum",
sprintf("%s/", dir($new_squashfs_mount)),
sprintf("%s/", dir($union)),
);
--- a/usr/share/perl5/Tails/IUK/UpgradeDescriptionFile/Download.pm
+++ b/usr/share/perl5/Tails/IUK/UpgradeDescriptionFile/Download.pm
@@ -105,7 +105,7 @@
method _build_curl_opts {
}
else {
my $cafile = $ENV{HTTPS_CA_FILE};
- $cafile //= '/etc/ssl/certs/UTN_USERFirst_Hardware_Root_CA.pem';
+ $cafile //= '/usr/local/etc/ssl/certs/tails.boum.org-CA.pem';
push @opts, CURLOPT_SSL_VERIFYHOST, 2;
push @opts, CURLOPT_SSL_VERIFYPEER, 1;
push @opts, CURLOPT_CAINFO, $cafile;
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment