aboutsummaryrefslogtreecommitdiffstats
path: root/package
diff options
context:
space:
mode:
authorFelix Fietkau <nbd@nbd.name>2019-02-12 16:37:30 +0100
committerFelix Fietkau <nbd@nbd.name>2019-02-12 16:42:03 +0100
commitb044b52ab9553b8d94cfc5565d2ea5013364159d (patch)
tree7c468694ce471599e58f500df1305594c5a4c532 /package
parent8f4e31ea6eeb3ff70aea8cda53d4ec66ac460ae0 (diff)
downloadupstream-b044b52ab9553b8d94cfc5565d2ea5013364159d.tar.gz
upstream-b044b52ab9553b8d94cfc5565d2ea5013364159d.tar.bz2
upstream-b044b52ab9553b8d94cfc5565d2ea5013364159d.zip
base-files: fix ucert verification
ucert needs to check the firmware part with metadata, but without the signature. Use the new fwtool mode to extract that without altering the firmware image inside the check Signed-off-by: Felix Fietkau <nbd@nbd.name>
Diffstat (limited to 'package')
-rw-r--r--package/base-files/files/lib/upgrade/fwtool.sh3
1 files changed, 2 insertions, 1 deletions
diff --git a/package/base-files/files/lib/upgrade/fwtool.sh b/package/base-files/files/lib/upgrade/fwtool.sh
index 6d7300bad6..a0b3fb0a04 100644
--- a/package/base-files/files/lib/upgrade/fwtool.sh
+++ b/package/base-files/files/lib/upgrade/fwtool.sh
@@ -18,7 +18,8 @@ fwtool_check_signature() {
return 0
fi
- ucert -V -m "$1" -c "/tmp/sysupgrade.ucert" -P /etc/opkg/keys
+ fwtool -q -T -s /dev/null "$1" | \
+ ucert -V -m - -c "/tmp/sysupgrade.ucert" -P /etc/opkg/keys
return $?
}