Diff

Differences From Artifact [171439581e]:

To Artifact [2e09ba053f]:


    92     92   
    93     93   		if {![regexp {^[0-9a-f]*$} $value]} {
    94     94   			return false
    95     95   		}
    96     96   
    97     97   		return true
    98     98   	}
           99  +
          100  +	proc _verifySignatureAndCertificate {certificate signature} {
          101  +		return true
          102  +	}
    99    103   
   100    104   	proc _normalizeOS {os} {
   101    105   		set os [string tolower [string trim $os]]
   102    106   
   103    107   		switch -- $os {
   104    108   			"linux" - "freebsd" - "openbsd" - "netbsd" {
   105    109   				return $os
................................................................................
   225    229   		if {![info exists indexhash_data]} {
   226    230   			# Cache this result for 60 seconds
   227    231   			db eval {INSERT OR REPLACE INTO sites (hostname, lastUpdate, ttl) VALUES ($hostname, $now, $::appfs::nttl);}
   228    232   
   229    233   			return -code error "Unable to fetch $url"
   230    234   		}
   231    235   
   232         -		set indexhash [lindex [split $indexhash_data ","] 0]
          236  +		set indexhash_data [split $indexhash_data ","]
          237  +		set indexhash [lindex $indexhash_data 0]
          238  +		set indexhashmethod [lindex $indexhash_data 1]
          239  +		set indexhashcert   [lindex $indexhash_data 2]
          240  +		set indexhashsig    [lindex $indexhash_data 3]
   233    241   
   234    242   		if {![_isHash $indexhash]} {
   235    243   			return -code error "Invalid hash: $indexhash"
   236    244   		}
          245  +
          246  +		if {![_verifySignatureAndCertificate $indexhashcert $indexhashsig]} {
          247  +			return -code error "Invalid signature or certificate from $hostname"
          248  +		}
   237    249   
   238    250   		set file [download $hostname $indexhash]
   239    251   		set fd [open $file]
   240    252   		set data [read $fd]
   241    253   		close $fd
   242    254   
   243    255   		set curr_packages [list]