gaspersic/go-ethereum
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

cmd/geth: implement vulnerability check (#21859)

Browse Source 
* cmd/geth: implement vulnerability check

* cmd/geth: use minisign to verify vulnerability feed

* cmd/geth: add the test too

* cmd/geth: more minisig/signify testing

* cmd/geth: support multiple pubfiles for signing

* cmd/geth: add @holiman minisig pubkey

* cmd/geth: polishes on vulnerability check

* cmd/geth: fix ineffassign linter nit

* cmd/geth: add CVE to version check struct

* cmd/geth/testdata: add missing testfile

* cmd/geth: add more keys to versionchecker

* cmd/geth: support file:// URLs in version check

* cmd/geth: improve key ID printing when signature check fails

Co-authored-by: Felix Lange <fjl@twurst.com>
This commit is contained in:
Martin Holst Swende
2020-12-04 15:01:47 +01:00
committed by GitHub
parent 7770e41cb5
commit 15339cf1c9
17 changed files with 433 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cmd/geth/testdata/vcheck/signify-sigs/data.json.sig vendored Normal file
View File

@@ -0,0 +1,2 @@
untrusted comment: verify with ./signifykey.pub
RWSKLNhZb0KdAbhRUhW2LQZXdnwttu2SYhM9EuC4mMgOJB85h7/YIPupf8/ldTs4N8e9Y/fhgdY40q5LQpt5IFC62fq0v8U1/w8=