From 13ebc68636f922e799d71792748934b8883d2f1f Mon Sep 17 00:00:00 2001
From: zimbatm <zimbatm@zimbatm.com>
Date: Fri, 27 Dec 2013 15:18:40 +0000
Subject: [PATCH] Makes sure the GPG key fingerprint is inlined in the doc
 everywhere.

Instead of `curl $url | apt-get add -` use the ubuntu keyserver and a full
fingerprint to retreive the key. This makes the distribution of the GPG key
more secure an less likely to change even if 3rd party gains access to the
packages repository.

Docker-DCO-1.0-Signed-off-by: Jonas Pfenniger <zimbatm@zimbatm.com> (github: zimbatm)
---
 Vagrantfile                                 |  2 +-
 docs/sources/installation/ubuntulinux.rst   | 12 ++++--------
 docs/sources/installation/upgrading.rst     |  2 +-
 hack/infrastructure/docker-ci/deployment.py |  2 +-
 hack/install.sh                             |  2 +-
 hack/release.sh                             |  2 +-
 6 files changed, 9 insertions(+), 13 deletions(-)

diff --git a/Vagrantfile b/Vagrantfile
index def85e5d72..c130587829 100644
--- a/Vagrantfile
+++ b/Vagrantfile
@@ -24,7 +24,7 @@ if [ -z "$user" ]; then
 fi
 
 # Adding an apt gpg key is idempotent.
-wget -q -O - https://get.docker.io/gpg | apt-key add -
+apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9
 
 # Creating the docker.list file is idempotent, but it may overwrite desired
 # settings if it already exists.  This could be solved with md5sum but it
diff --git a/docs/sources/installation/ubuntulinux.rst b/docs/sources/installation/ubuntulinux.rst
index e4432c6710..8480979099 100644
--- a/docs/sources/installation/ubuntulinux.rst
+++ b/docs/sources/installation/ubuntulinux.rst
@@ -68,13 +68,11 @@ easy. **See the :ref:`installmirrors` section below if you are not in
 the United States.** Other sources of the Debian packages may be
 faster for you to install.
 
-First add the Docker repository key to your local keychain. You can use the
-``apt-key`` command to check the fingerprint matches: ``36A1 D786 9245 C895 0F96
-6E92 D857 6A8B A88D 21E9``
+First add the Docker repository key to your local keychain.
 
 .. code-block:: bash
 
-   sudo sh -c "wget -qO- https://get.docker.io/gpg | apt-key add -"
+   sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9
 
 Add the Docker repository to your apt sources list, update and install the
 ``lxc-docker`` package.
@@ -142,13 +140,11 @@ Docker is available as a Debian package, which makes installation easy.
     Please note that these instructions have changed for 0.6. If you are upgrading from an earlier version, you will need
     to follow them again.
 
-First add the Docker repository key to your local keychain. You can use the
-``apt-key`` command to check the fingerprint matches: ``36A1 D786 9245 C895 0F96
-6E92 D857 6A8B A88D 21E9``
+First add the Docker repository key to your local keychain.
 
 .. code-block:: bash
 
-   sudo sh -c "wget -qO- https://get.docker.io/gpg | apt-key add -"
+   sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9
 
 Add the Docker repository to your apt sources list, update and install the
 ``lxc-docker`` package.
diff --git a/docs/sources/installation/upgrading.rst b/docs/sources/installation/upgrading.rst
index ac4170dfba..c760115545 100644
--- a/docs/sources/installation/upgrading.rst
+++ b/docs/sources/installation/upgrading.rst
@@ -26,7 +26,7 @@ use ``apt-get`` to upgrade.
 .. code-block:: bash
 
    # Add the Docker repository key to your local keychain
-   sudo sh -c "curl https://get.docker.io/gpg | apt-key add -"
+   sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9
 
    # Add the Docker repository to your apt sources list.
    sudo sh -c "echo deb https://get.docker.io/ubuntu docker main > /etc/apt/sources.list.d/docker.list"
diff --git a/hack/infrastructure/docker-ci/deployment.py b/hack/infrastructure/docker-ci/deployment.py
index 8fb0766bfe..fd0fdb0fe8 100755
--- a/hack/infrastructure/docker-ci/deployment.py
+++ b/hack/infrastructure/docker-ci/deployment.py
@@ -127,7 +127,7 @@ call('/usr/bin/rsync -aH {} {}@{}:{}'.format(DOCKER_CI_PATH, DO_IMAGE_USER, ip,
 
 # Install Docker and Buildbot dependencies
 sudo('mkdir /mnt/docker; ln -s /mnt/docker /var/lib/docker')
-sudo('wget -q -O - https://get.docker.io/gpg | apt-key add -')
+sudo('apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9')
 sudo('echo deb https://get.docker.io/ubuntu docker main >'
     ' /etc/apt/sources.list.d/docker.list')
 sudo('echo -e "deb http://archive.ubuntu.com/ubuntu raring main universe\n'
diff --git a/hack/install.sh b/hack/install.sh
index a22bb5c48e..0c92af3cd5 100755
--- a/hack/install.sh
+++ b/hack/install.sh
@@ -108,7 +108,7 @@ case "$lsb_dist" in
 		fi
 		(
 			set -x
-			$sh_c "$curl ${url}gpg | apt-key add -"
+			$sh_c "apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9"
 			$sh_c "echo deb ${url}ubuntu docker main > /etc/apt/sources.list.d/docker.list"
 			$sh_c 'sleep 3; apt-get update; apt-get install -y -q lxc-docker'
 		)
diff --git a/hack/release.sh b/hack/release.sh
index d1278a4c36..8256faa2dc 100755
--- a/hack/release.sh
+++ b/hack/release.sh
@@ -245,7 +245,7 @@ EOF
 # Add the repository to your APT sources
 echo deb $(s3_url)/ubuntu docker main > /etc/apt/sources.list.d/docker.list
 # Then import the repository key
-curl $(s3_url)/gpg | apt-key add -
+apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9
 # Install docker
 apt-get update ; apt-get install -y lxc-docker