1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
#!/bin/sh
# curl plugin
#
# ENVIRONMENT VARIABLES:
# URL URL to download known_hosts file from
# CURL_OPTIONS options passed to curl
# SIGURL URL of the OpenPGP signature
# KEYRING path to the OpenPGP keyring with certificates
#
set -e
if [ "${SIGURL}" ]; then
curl -fRz "./current" -m 300 ${CURL_OPTIONS} -o new.sig "${SIGURL}" -o new "${URL}"
[ -e new ] || exit 0
if command -v sopv >/dev/null; then
sopv verify new.sig "${KEYRING}" <new || exit 1
else
gpgv --keyring "${KEYRING}" --status-fd 2 new.sig new || exit 1
fi
# return 1 because it's not clear what other codes may be safe to
# use that do not overlap with codes from curl.
else
curl -fRz "./current" -m 300 ${CURL_OPTIONS} -o new "${URL}"
fi
# vim:set ft=sh:
|
