aboutsummaryrefslogtreecommitdiffstats
path: root/package
diff options
context:
space:
mode:
authorFelix Fietkau <nbd@openwrt.org>2015-04-06 19:38:37 +0000
committerFelix Fietkau <nbd@openwrt.org>2015-04-06 19:38:37 +0000
commit89345a15f0bbadb05e3f16ddfe2f50cdc5db8a65 (patch)
tree8b666cde86591e8fda06cbd744dbe575514979d8 /package
parentd43c6f9831001bfe35dd8e91a56d1b914d5ca144 (diff)
downloadmaster-187ad058-89345a15f0bbadb05e3f16ddfe2f50cdc5db8a65.tar.gz
master-187ad058-89345a15f0bbadb05e3f16ddfe2f50cdc5db8a65.tar.bz2
master-187ad058-89345a15f0bbadb05e3f16ddfe2f50cdc5db8a65.zip
opkg: add patch for supporting signature checking through usign
Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45284 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'package')
-rw-r--r--package/system/opkg/patches/200-usign_support.patch91
1 files changed, 91 insertions, 0 deletions
diff --git a/package/system/opkg/patches/200-usign_support.patch b/package/system/opkg/patches/200-usign_support.patch
new file mode 100644
index 0000000000..991708a8a3
--- /dev/null
+++ b/package/system/opkg/patches/200-usign_support.patch
@@ -0,0 +1,91 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -169,6 +169,15 @@ if test "x$want_gpgme" = "xyes"; then
+ fi
+ fi
+
++AC_ARG_ENABLE(usign,
++ AC_HELP_STRING([--enable-usign], [Enable signature checking with usign
++ [[default=yes]] ]),
++ [want_usign="$enableval"], [want_usign="yes"])
++
++if test "x$want_usign" = "xyes"; then
++ AC_DEFINE(HAVE_USIGN, 1, [Define if you want usign support])
++fi
++
+ AC_SUBST(GPGME_CFLAGS)
+ AC_SUBST(GPGME_LIBS)
+
+--- a/libopkg/opkg.c
++++ b/libopkg/opkg.c
+@@ -599,7 +599,7 @@ opkg_update_package_lists(opkg_progress_
+ }
+ free(url);
+
+-#if defined(HAVE_GPGME) || defined(HAVE_OPENSSL)
++#if defined(HAVE_GPGME) || defined(HAVE_OPENSSL) || defined(HAVE_USIGN)
+ if (conf->check_signature) {
+ char *sig_file_name;
+ /* download detached signitures to verify the package lists */
+--- a/libopkg/opkg_cmd.c
++++ b/libopkg/opkg_cmd.c
+@@ -169,7 +169,7 @@ opkg_update_cmd(int argc, char **argv)
+ list_file_name);
+ }
+ free(url);
+-#if defined(HAVE_GPGME) || defined(HAVE_OPENSSL)
++#if defined(HAVE_GPGME) || defined(HAVE_OPENSSL) || defined(HAVE_USIGN)
+ if (conf->check_signature) {
+ /* download detached signitures to verify the package lists */
+ /* get the url for the sig file */
+--- a/libopkg/opkg_install.c
++++ b/libopkg/opkg_install.c
+@@ -1288,7 +1288,7 @@ opkg_install_pkg(pkg_t *pkg, int from_up
+ }
+
+ /* check that the repository is valid */
+- #if defined(HAVE_GPGME) || defined(HAVE_OPENSSL)
++ #if defined(HAVE_GPGME) || defined(HAVE_OPENSSL) || defined(HAVE_USIGN)
+ char *list_file_name, *sig_file_name, *lists_dir;
+
+ /* check to ensure the package has come from a repository */
+--- a/libopkg/opkg_download.c
++++ b/libopkg/opkg_download.c
+@@ -19,6 +19,7 @@
+
+ #include "config.h"
+
++#include <sys/wait.h>
+ #include <stdio.h>
+ #include <unistd.h>
+ #include <libgen.h>
+@@ -342,7 +343,28 @@ opkg_prepare_url_for_install(const char
+ int
+ opkg_verify_file (char *text_file, char *sig_file)
+ {
+-#if defined HAVE_GPGME
++#if defined HAVE_USIGN
++ int status = -1;
++ int pid;
++
++ if (conf->check_signature == 0 )
++ return 0;
++
++ pid = fork();
++ if (pid < 0)
++ return -1;
++
++ if (!pid) {
++ execl("/usr/sbin/opkg-key", "opkg-key", "verify", sig_file, text_file, NULL);
++ exit(255);
++ }
++
++ waitpid(pid, &status, 0);
++ if (!WIFEXITED(status) || WEXITSTATUS(status))
++ return -1;
++
++ return 0;
++#elif defined HAVE_GPGME
+ if (conf->check_signature == 0 )
+ return 0;
+ int status = -1;