From d0eb8ffd2410ff68b32c922c65261742332dc864 Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
Date: Tue, 30 Apr 2019 11:41:45 +0200
Subject: version: add certificate checking for official versions

This is an easy circumventable check designed mostly for convenience.
---
 updater/downloader.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'updater')

diff --git a/updater/downloader.go b/updater/downloader.go
index c1ca4beb..382d284b 100644
--- a/updater/downloader.go
+++ b/updater/downloader.go
@@ -162,7 +162,7 @@ func DownloadVerifyAndExecute() (progress chan DownloadProgress) {
 		out = nil
 
 		progress <- DownloadProgress{Activity: "Verifying authenticode signature"}
-		if !version.IsOfficialPath(unverifiedDestinationFilename) {
+		if !version.VerifyAuthenticode(unverifiedDestinationFilename) {
 			os.Remove(unverifiedDestinationFilename)
 			progress <- DownloadProgress{Error: errors.New("The downloaded update does not have an authentic authenticode signature")}
 			return
-- 
cgit v1.2.3-59-g8ed1b