Using https sounds like a good idea. When I first wrote these scripts exactly (!) 3 years ago, I don't think the https URL was available. But it is now, so I'm changing it.
On Tue, 17 May 2016 21:02:48 -0700 Reed Loden <[email protected]> wrote: > Please update your scripts to use https://, such as > https://ftp.mozilla.org/pub/firefox/releases/. Even with the GPG > checking you seem to be doing, always better to download files over > TLS to prevent MITM. > > ~reed > > On Tue, May 17, 2016 at 7:55 PM, Paul Kosinski <[email protected]> > wrote: > > > Another handy script for updating Firefox, that goes with the > > download script I just posted (1) does the GPG verification for the > > downloads, and (2) computes and displays the SHA512 checksums for > > the downloaded files right next to the checksums extracted from the > > SHA512SUMS file. > > > > Also shown is sample output, showing the "cleaned up" filenames. > > Note that the checksum extracted from the SHA512SUMS file comes > > first, followed by the locally computed checksum of the > > just-downloaded file. > > > > ----------------------------------------------------------------------- > > > > #!/bin/bash > > > > if [ "$1" == '' ] ; then > > echo "Usage is: $0 ESR-version-number" > > exit > > fi > > > > VERSION="$1" > > > > cd /home/prk/Downloads/Mozilla-ESR/Firefox > > > > echo '' > > /usr/bin/gpg --verify SHA512SUMS-FF-$VERSION-esr.txt.asc > > > > > > # linux-i686/en-US/firefox-45.1.0esr.tar.bz2 > > echo '' > > /usr/bin/egrep ' linux-i686/en-US/firefox.*esr.tar.bz2$' > > SHA512SUMS-FF-$VERSION-esr.txt > > /usr/bin/sha512sum *$VERSION-esr-32.tar.bz2 > > > > > > # linux-x86_64/en-US/firefox-45.1.0esr.tar.bz2 > > echo '' > > /usr/bin/egrep ' linux-x86_64/en-US/firefox.*esr.tar.bz2' > > SHA512SUMS-FF-$VERSION-esr.txt > > /usr/bin/sha512sum *$VERSION-esr-64.tar.bz2 > > > > > > # win32/en-US/Firefox Setup 45.1.0esr.exe > > echo '' > > /usr/bin/egrep ' win32/en-US/Firefox Setup .*esr.exe$' > > SHA512SUMS-FF-$VERSION-esr.txt > > /usr/bin/sha512sum *$VERSION-esr-32.exe > > > > > > # win64/en-US/Firefox Setup 45.1.0esr.exe > > if [ "s$VERSION" \> 's45.0.0' ] ; then > > echo '' > > /usr/bin/egrep ' win64/en-US/Firefox Setup .*esr.exe$' > > SHA512SUMS-FF-$VERSION-esr.txt > > /usr/bin/sha512sum *$VERSION-esr-64.exe > > fi > > > > echo '' > > > > > > ----------------------------------------------------------------------- > > > > ~/ESR/esr-check-firefox 45.1.0 > > > > gpg: Signature made Thu 21 Apr 2016 02:46:57 AM EDT using RSA key ID > > 5E9905DB > > gpg: Good signature from "Mozilla Software Releases > > <[email protected]>" gpg: WARNING: This key is not certified with > > a trusted signature! gpg: There is no indication that the > > signature belongs to the owner. > > Primary key fingerprint: 14F2 6682 D091 6CDD 81E3 7B6D 61B7 B526 > > D98F 0353 Subkey fingerprint: F2EF 4E6E 6AE7 5B95 F11F 1EB5 1C69 > > C4E5 5E99 05DB > > > > f69f52450c606f05041364784eb2ad36e4d368a1583c017c0b672986ac620f17399ddee49d66e90fb992bdd6173340a01d48d7583b3792ab06413f9dc773915d > > linux-i686/en-US/firefox-45.1.0esr.tar.bz2 > > f69f52450c606f05041364784eb2ad36e4d368a1583c017c0b672986ac620f17399ddee49d66e90fb992bdd6173340a01d48d7583b3792ab06413f9dc773915d > > firefox-45.1.0-esr-32.tar.bz2 > > > > e59058d89c4896ee44040f209cae07a7ad6c8119dfdc214091bb255f6ca717cb9eae903c01b6550f72f7438e19f1b9650a68141100f7d9cdd306ed40ddc3439d > > linux-x86_64/en-US/firefox-45.1.0esr.tar.bz2 > > e59058d89c4896ee44040f209cae07a7ad6c8119dfdc214091bb255f6ca717cb9eae903c01b6550f72f7438e19f1b9650a68141100f7d9cdd306ed40ddc3439d > > firefox-45.1.0-esr-64.tar.bz2 > > > > 8c7c344d9e38f82cdee78b70cd8adb4878964b021f5cf2acb5cee2e11f80b1d8bdb890a37b65d07cdda0b28eecb1ec1271f2712ad38fc1dd519508f653b55316 > > win32/en-US/Firefox Setup 45.1.0esr.exe > > 8c7c344d9e38f82cdee78b70cd8adb4878964b021f5cf2acb5cee2e11f80b1d8bdb890a37b65d07cdda0b28eecb1ec1271f2712ad38fc1dd519508f653b55316 > > Firefox-Setup-45.1.0-esr-32.exe > > > > fd509fdfc55d9649a38a0a046ea312dad0d3583d86426070661817388781bc57b68c772687957b57d0caa917b3ce38c9098155abc2edb8b926adcdebe319dcb0 > > win64/en-US/Firefox Setup 45.1.0esr.exe > > fd509fdfc55d9649a38a0a046ea312dad0d3583d86426070661817388781bc57b68c772687957b57d0caa917b3ce38c9098155abc2edb8b926adcdebe319dcb0 > > Firefox-Setup-45.1.0-esr-64.exe > > > > > > _______________________________________________ > > Enterprise mailing list > > [email protected] > > https://mail.mozilla.org/listinfo/enterprise > > > > To unsubscribe from this list, please visit > > https://mail.mozilla.org/listinfo/enterprise or send an email to > > [email protected] with a subject of "unsubscribe" > > _______________________________________________ Enterprise mailing list [email protected] https://mail.mozilla.org/listinfo/enterprise To unsubscribe from this list, please visit https://mail.mozilla.org/listinfo/enterprise or send an email to [email protected] with a subject of "unsubscribe"
