2.3-Release 2G NanoBSD release not signed?



  • Received "This image is not digitally signed." error message when attempting to auto-upgrade from 2.0.2-Release. I know RCs typically aren't signed–is this true for stable releases as well?

    Update source: http://updates.pfsense.org/_updaters/

    File in question: latest-nanobsd-2g.img.gz, 12-Apr-2016 18:11
    SHA256 hash matches. MD5 does not, as it is for a previous version, pfSense-2.2.6-RELEASE-2g-i386-nanobsd-upgrade.img.gz.

    If there is a signature, but my install doesn't trust it because I'm running an ancient release, I apologize for the noise.



  • We stopped updating the md5s because recent versions only check the sha256, but I didn't think about the fact that much older releases can still need the md5. Fixed the md5s, and the staging script so those will continue to be updated.

    The signature is there and correct though. Maybe it errored out with a signature error because of the wrong md5? I don't recall for sure offhand how that would have failed in 2.0.x, too many releases since then. The cert on 2.0.x versions is the same as what's on 2.2.x. I'd already ran a full set of all 2.2.6 nanos through auto-update, but did it again on the same size and version your're on. All good.

    Try it again now that the md5 is correct.



  • Thanks for the quick response.
    I browsed through the logs, and found the following error message during the auto-update attempts:

    php: /system_firmware_auto.php: The command '/usr/local/sbin/gzsig verify /etc/pubkey.pem < '/root/latest.tgz'' returned exit code '2', the output was ''
    Not sure what hashing algorithms that version of gzsig supports, or if there is a file located at /root/latest.tgz. I believe the signature and hashes provided for file verification are unrelated, so they wouldn't have an impact.

    Since you vetted the file, I did attempt an auto-update configured to ignore unsigned images, and received a corrupt file notification. This could be the fault of file verification hashes, if it's expecting an different algorithm, file location, or contents.

    Instead of spending too much time on it, I'll probably be better off putting together an upgrade path to get to 2.2.6 and upgrading to 2.3 from there. Thanks for checking though!



  • Any indication you're running out of disk space? Probably would log in the system log. If you have additional packages installed it's possible to be down low enough on free space that it wouldn't have enough room to write the file out to /root/ and then it'd fail verification.

    Not likely an upgrade to 2.2.6 would succeed either, unless it is disk space and you happen to have enough to fit 2.2.6 (2.3 is ~80 MB bigger).