blob: 1ee68312407675ec2502c70a9a4de38e37ca1359 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
#!/bin/sh
# rsync plugin
#
# ENVIRONMENT VARIABLES:
# URL URL to download known_hosts file from
# SIGURL URL of the OpenPGP signature
# KEYRING path to the OpenPGP keyring with certificates
#
set -e
ln -f current new || true
rsync -vt --timeout=300 "${URL}" new
if [ "${SIGURL}" ]; then
rsync -vt --timeout=300 "${SIGURL}" new.sig
if command -v sopv >/dev/null; then
sopv verify new.sig "${KEYRING}" <new || exit 1
else
gpgv --keyring "${KEYRING}" --status-fd 2 new.sig new || exit 1
fi
# return 1 because it's not clear what other codes may be safe to
# use that do not overlap with codes from rsync.
fi
# vim:set ft=sh:
|
