mirrors/lnd
1
0
Fork 0
mirror of https://github.com/lightningnetwork/lnd.git synced 2025-03-03 17:26:57 +01:00
Code Issues Projects Releases Wiki Activity

scripts: verify version in manifest

Browse source 
To make a downgrade attack harder, we also check that the version string
is contained in the manifest, on the same line as the hash.
This commit is contained in:
Oliver Gugger 2021-09-27 11:03:16 +02:00
parent 5bafff2cf2
commit d7d1574095
No known key found for this signature in database
GPG key ID: 8E4256593F177720
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
scripts/verify-install.sh
View file

@ -231,7 +231,7 @@ function check_hash() {
fi
fi
if ! grep -q "^$SUM" "$TEMP_DIR/$MANIFEST"; then
if ! grep "^$SUM" "$TEMP_DIR/$MANIFEST" | grep -q "$VERSION"; then
echo "ERROR: Hash $SUM for $2 not found in $MANIFEST: "
cat "$TEMP_DIR/$MANIFEST"
echo " The expected release binaries have been verified with the developer "