From bb8ea6c0dbaaaf1350a04c225720ec8736352159 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Alexis=20M=C3=A9taireau?=
Date: Wed, 26 Feb 2025 17:08:25 +0100
Subject: [PATCH] FIXUP: Add a comment to update the DEFAULT_LOG_INDEX with releases
---
 dangerzone/updater/signatures.py | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/dangerzone/updater/signatures.py b/dangerzone/updater/signatures.py
index 15b8edb..8c2bf6f 100644
--- a/dangerzone/updater/signatures.py
+++ b/dangerzone/updater/signatures.py
@@ -26,6 +26,10 @@ def appdata_dir() -> Path:
 return Path(platformdirs.user_data_dir("dangerzone"))
+# RELEASE: Bump this value to the log index of the latest signature
+# to ensures the software can't upgrade to container images that predates it.
+DEFAULT_LOG_INDEX = 0
+
 # XXX Store this somewhere else.
 DEFAULT_PUBKEY_LOCATION = get_resource_path("freedomofpress-dangerzone-pub.key")
 SIGNATURES_PATH = appdata_dir() / "signatures"
@@ -156,17 +160,14 @@ def verify_signatures(
 raise errors.SignatureVerificationError("No signatures found")
 for signature in signatures:
- if not verify_signature(signature, image_digest, pubkey):
- msg = f"Unable to verify signature for {image_digest} with pubkey {pubkey}"
- raise errors.SignatureVerificationError(msg)
-
+ verify_signature(signature, image_digest, pubkey)
 return True
 def get_last_log_index() -> int:
 SIGNATURES_PATH.mkdir(parents=True, exist_ok=True)
 if not LAST_LOG_INDEX.exists():
- return 0
+ return DEFAULT_LOG_INDEX
 with open(LAST_LOG_INDEX) as f:
 return int(f.read())
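Review bot: The comment on `DEFAULT_LOG_INDEX` promises more than the constant delivers in this patch: the only visible use is in `get_last_log_index()`, which returns it solely when the `LAST_LOG_INDEX` file does not exist. An install that already stored a lower index would keep using that lower value after moving to a release with a bumped default, so the release floor against older signed images would not apply there (how the index is compared is outside this patch). If a per-release floor is the intent, the read path should be `return max(DEFAULT_LOG_INDEX, int(f.read()))`. Otherwise the comment should state the real scope, for example `# RELEASE: Bump this to the log index of the latest signature; it is the starting index for installs with no stored log index.`, which also fixes the "to ensures" and "predates" typos.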
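Review bot: In `verify_signatures` the result of `verify_signature(signature, image_digest, pubkey)` is now discarded and the function returns `True` unconditionally after the loop, so this is safe only if `verify_signature` raises on every failure path. That function is not part of this patch; if any branch of it can still return `False` or `None` for a signature that does not verify, the loop fails open and an unverified image digest is accepted. Either keep the explicit check, `if not verify_signature(signature, image_digest, pubkey): raise errors.SignatureVerificationError(...)`, or state the contract at the call site with `# verify_signature raises SignatureVerificationError on failure` and back it with a test that feeds an invalid signature. The body of `verify_signatures` begins outside the hunk.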