Our build system caches files locally and only updates them when something
changes. Since I need to integrate some distsign stuff into the build system
to validate our Windows 7 MSIs, I want to be able to check the cached copy
of a package before downloading a fresh copy from pkgs.
If the signature changes, then obviously the local copy is outdated and we
return an error, at which point we call Download to refresh the package.
Updates https://github.com/tailscale/corp/issues/14334
Signed-off-by: Aaron Klotz <aaron@tailscale.com>
returnfmt.Errorf("signature %q for file %q does not validate with the current release signing key; either you are under attack, or attempting to download an old version of Tailscale which was signed with an older signing key",sigURL,localFilePath)
}
c.logf("Signature OK")
returnnil
}
// signingKeys fetches current signing keys from the server and validates them
// against the roots. Should be called before validation of any downloaded file