From 07a4c32f1f440f77c651089b835546b036f1d982 Mon Sep 17 00:00:00 2001 From: J0WI Date: Sun, 15 Oct 2017 16:20:26 +0200 Subject: [PATCH] Use TLS to fetch nginx sources, signatures and public keys --- mainline/alpine-perl/Dockerfile | 8 ++++---- mainline/alpine/Dockerfile | 8 ++++---- mainline/amplify/Dockerfile | 4 ++-- mainline/stretch-perl/Dockerfile | 4 ++-- mainline/stretch/Dockerfile | 4 ++-- stable/alpine-perl/Dockerfile | 8 ++++---- stable/alpine/Dockerfile | 8 ++++---- stable/stretch-perl/Dockerfile | 4 ++-- stable/stretch/Dockerfile | 4 ++-- 9 files changed, 26 insertions(+), 26 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index c2746acc..9ef01439 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -67,14 +67,14 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ gd-dev \ geoip-dev \ perl-dev \ - && curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \ - && curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx.tar.gz.asc \ + && curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \ + && curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx.tar.gz.asc \ && export GNUPGHOME="$(mktemp -d)" \ && found=''; \ for server in \ ha.pool.sks-keyservers.net \ - hkp://keyserver.ubuntu.com:80 \ - hkp://p80.pool.sks-keyservers.net:80 \ + hkps://keyserver.ubuntu.com:80 \ + hkps://p80.pool.sks-keyservers.net:80 \ pgp.mit.edu \ ; do \ echo "Fetching GPG key $GPG_KEYS from $server"; \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 8868666d..ae4076ab 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -65,14 +65,14 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ libxslt-dev \ gd-dev \ geoip-dev \ - && curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \ - && curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx.tar.gz.asc \ + && curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \ + && curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx.tar.gz.asc \ && export GNUPGHOME="$(mktemp -d)" \ && found=''; \ for server in \ ha.pool.sks-keyservers.net \ - hkp://keyserver.ubuntu.com:80 \ - hkp://p80.pool.sks-keyservers.net:80 \ + hkps://keyserver.ubuntu.com:80 \ + hkps://p80.pool.sks-keyservers.net:80 \ pgp.mit.edu \ ; do \ echo "Fetching GPG key $GPG_KEYS from $server"; \ diff --git a/mainline/amplify/Dockerfile b/mainline/amplify/Dockerfile index f020604e..293d9721 100644 --- a/mainline/amplify/Dockerfile +++ b/mainline/amplify/Dockerfile @@ -17,8 +17,8 @@ RUN set -x \ found=''; \ for server in \ ha.pool.sks-keyservers.net \ - hkp://keyserver.ubuntu.com:80 \ - hkp://p80.pool.sks-keyservers.net:80 \ + hkps://keyserver.ubuntu.com:80 \ + hkps://p80.pool.sks-keyservers.net:80 \ pgp.mit.edu \ ; do \ echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ diff --git a/mainline/stretch-perl/Dockerfile b/mainline/stretch-perl/Dockerfile index 5a9e590b..0350382e 100644 --- a/mainline/stretch-perl/Dockerfile +++ b/mainline/stretch-perl/Dockerfile @@ -13,8 +13,8 @@ RUN set -x \ found=''; \ for server in \ ha.pool.sks-keyservers.net \ - hkp://keyserver.ubuntu.com:80 \ - hkp://p80.pool.sks-keyservers.net:80 \ + hkps://keyserver.ubuntu.com:80 \ + hkps://p80.pool.sks-keyservers.net:80 \ pgp.mit.edu \ ; do \ echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ diff --git a/mainline/stretch/Dockerfile b/mainline/stretch/Dockerfile index fbfc09e2..62c172f4 100644 --- a/mainline/stretch/Dockerfile +++ b/mainline/stretch/Dockerfile @@ -13,8 +13,8 @@ RUN set -x \ found=''; \ for server in \ ha.pool.sks-keyservers.net \ - hkp://keyserver.ubuntu.com:80 \ - hkp://p80.pool.sks-keyservers.net:80 \ + hkps://keyserver.ubuntu.com:80 \ + hkps://p80.pool.sks-keyservers.net:80 \ pgp.mit.edu \ ; do \ echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index de8f3041..9c6c463e 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -67,14 +67,14 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ gd-dev \ geoip-dev \ perl-dev \ - && curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \ - && curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx.tar.gz.asc \ + && curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \ + && curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx.tar.gz.asc \ && export GNUPGHOME="$(mktemp -d)" \ && found=''; \ for server in \ ha.pool.sks-keyservers.net \ - hkp://keyserver.ubuntu.com:80 \ - hkp://p80.pool.sks-keyservers.net:80 \ + hkps://keyserver.ubuntu.com:80 \ + hkps://p80.pool.sks-keyservers.net:80 \ pgp.mit.edu \ ; do \ echo "Fetching GPG key $GPG_KEYS from $server"; \ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 01894ea2..63275605 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -65,14 +65,14 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ libxslt-dev \ gd-dev \ geoip-dev \ - && curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \ - && curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx.tar.gz.asc \ + && curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \ + && curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx.tar.gz.asc \ && export GNUPGHOME="$(mktemp -d)" \ && found=''; \ for server in \ ha.pool.sks-keyservers.net \ - hkp://keyserver.ubuntu.com:80 \ - hkp://p80.pool.sks-keyservers.net:80 \ + hkps://keyserver.ubuntu.com:80 \ + hkps://p80.pool.sks-keyservers.net:80 \ pgp.mit.edu \ ; do \ echo "Fetching GPG key $GPG_KEYS from $server"; \ diff --git a/stable/stretch-perl/Dockerfile b/stable/stretch-perl/Dockerfile index 503c1412..37c7f224 100644 --- a/stable/stretch-perl/Dockerfile +++ b/stable/stretch-perl/Dockerfile @@ -13,8 +13,8 @@ RUN set -x \ found=''; \ for server in \ ha.pool.sks-keyservers.net \ - hkp://keyserver.ubuntu.com:80 \ - hkp://p80.pool.sks-keyservers.net:80 \ + hkps://keyserver.ubuntu.com:80 \ + hkps://p80.pool.sks-keyservers.net:80 \ pgp.mit.edu \ ; do \ echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ diff --git a/stable/stretch/Dockerfile b/stable/stretch/Dockerfile index da310f16..56655101 100644 --- a/stable/stretch/Dockerfile +++ b/stable/stretch/Dockerfile @@ -13,8 +13,8 @@ RUN set -x \ found=''; \ for server in \ ha.pool.sks-keyservers.net \ - hkp://keyserver.ubuntu.com:80 \ - hkp://p80.pool.sks-keyservers.net:80 \ + hkps://keyserver.ubuntu.com:80 \ + hkps://p80.pool.sks-keyservers.net:80 \ pgp.mit.edu \ ; do \ echo "Fetching GPG key $NGINX_GPGKEY from $server"; \