Commit Graph

5 Commits

Author SHA1 Message Date
Martin Holst Swende c60f7dd08d
deps: update minisign (#28066)
This updates minisign to the latest version. One new thing is that minisign (not go-minisign) has started to prehash the file, and in order to make geth pass the version-check, we need to sign the file in legacy-mode.
2023-09-07 04:18:46 -04:00
Martin Holst Swende af806168b6
cmd/geth: update vulnerabilities.json testdata (#24856) 2022-05-16 13:41:36 +02:00
Martin Holst Swende 5c89ec9b98
cmd/geth: update vulnerability testdata (#23252) 2021-07-27 16:19:48 +02:00
Martin Holst Swende 915643a3e5
cmd/geth: add test to verify regexps in version check (#21962) 2020-12-09 13:59:24 +01:00
Martin Holst Swende 15339cf1c9
cmd/geth: implement vulnerability check (#21859)
* cmd/geth: implement vulnerability check

* cmd/geth: use minisign to verify vulnerability feed

* cmd/geth: add the test too

* cmd/geth: more minisig/signify testing

* cmd/geth: support multiple pubfiles for signing

* cmd/geth: add @holiman minisig pubkey

* cmd/geth: polishes on vulnerability check

* cmd/geth: fix ineffassign linter nit

* cmd/geth: add CVE to version check struct

* cmd/geth/testdata: add missing testfile

* cmd/geth: add more keys to versionchecker

* cmd/geth: support file:// URLs in version check

* cmd/geth: improve key ID printing when signature check fails

Co-authored-by: Felix Lange <fjl@twurst.com>
2020-12-04 15:01:47 +01:00