aboutsummaryrefslogtreecommitdiffstats
path: root/package
diff options
context:
space:
mode:
authorFelix Fietkau <nbd@openwrt.org>2015-04-06 19:38:37 +0000
committerFelix Fietkau <nbd@openwrt.org>2015-04-06 19:38:37 +0000
commit3efd1303d81364e5bcdf71e981518aebcedbe70e (patch)
tree965e7955794769f326b16c3fa0e254515c19eb2d /package
parenta6cb86f48dcbf5bfde40d24fb210221c8e26cf16 (diff)
downloadupstream-3efd1303d81364e5bcdf71e981518aebcedbe70e.tar.gz
upstream-3efd1303d81364e5bcdf71e981518aebcedbe70e.tar.bz2
upstream-3efd1303d81364e5bcdf71e981518aebcedbe70e.zip
opkg: add patch for supporting signature checking through usign
Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45284
Diffstat (limited to 'package')
-rw-r--r--package/system/opkg/patches/200-usign_support.patch91
1 files changed, 91 insertions, 0 deletions
diff --git a/package/system/opkg/patches/200-usign_support.patch b/package/system/opkg/patches/200-usign_support.patch
new file mode 100644
index 0000000000..991708a8a3
--- /dev/null
+++ b/package/system/opkg/patches/200-usign_support.patch
@@ -0,0 +1,91 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -169,6 +169,15 @@ if test "x$want_gpgme" = "xyes"; then
+ fi
+ fi
+
++AC_ARG_ENABLE(usign,
++ AC_HELP_STRING([--enable-usign], [Enable signature checking with usign
++ [[default=yes]] ]),
++ [want_usign="$enableval"], [want_usign="yes"])
++
++if test "x$want_usign" = "xyes"; then
++ AC_DEFINE(HAVE_USIGN, 1, [Define if you want usign support])
++fi
++
+ AC_SUBST(GPGME_CFLAGS)
+ AC_SUBST(GPGME_LIBS)
+
+--- a/libopkg/opkg.c
++++ b/libopkg/opkg.c
+@@ -599,7 +599,7 @@ opkg_update_package_lists(opkg_progress_
+ }
+ free(url);
+
+-#if defined(HAVE_GPGME) || defined(HAVE_OPENSSL)
++#if defined(HAVE_GPGME) || defined(HAVE_OPENSSL) || defined(HAVE_USIGN)
+ if (conf->check_signature) {
+ char *sig_file_name;
+ /* download detached signitures to verify the package lists */
+--- a/libopkg/opkg_cmd.c
++++ b/libopkg/opkg_cmd.c
+@@ -169,7 +169,7 @@ opkg_update_cmd(int argc, char **argv)
+ list_file_name);
+ }
+ free(url);
+-#if defined(HAVE_GPGME) || defined(HAVE_OPENSSL)
++#if defined(HAVE_GPGME) || defined(HAVE_OPENSSL) || defined(HAVE_USIGN)
+ if (conf->check_signature) {
+ /* download detached signitures to verify the package lists */
+ /* get the url for the sig file */
+--- a/libopkg/opkg_install.c
++++ b/libopkg/opkg_install.c
+@@ -1288,7 +1288,7 @@ opkg_install_pkg(pkg_t *pkg, int from_up
+ }
+
+ /* check that the repository is valid */
+- #if defined(HAVE_GPGME) || defined(HAVE_OPENSSL)
++ #if defined(HAVE_GPGME) || defined(HAVE_OPENSSL) || defined(HAVE_USIGN)
+ char *list_file_name, *sig_file_name, *lists_dir;
+
+ /* check to ensure the package has come from a repository */
+--- a/libopkg/opkg_download.c
++++ b/libopkg/opkg_download.c
+@@ -19,6 +19,7 @@
+
+ #include "config.h"
+
++#include <sys/wait.h>
+ #include <stdio.h>
+ #include <unistd.h>
+ #include <libgen.h>
+@@ -342,7 +343,28 @@ opkg_prepare_url_for_install(const char
+ int
+ opkg_verify_file (char *text_file, char *sig_file)
+ {
+-#if defined HAVE_GPGME
++#if defined HAVE_USIGN
++ int status = -1;
++ int pid;
++
++ if (conf->check_signature == 0 )
++ return 0;
++
++ pid = fork();
++ if (pid < 0)
++ return -1;
++
++ if (!pid) {
++ execl("/usr/sbin/opkg-key", "opkg-key", "verify", sig_file, text_file, NULL);
++ exit(255);
++ }
++
++ waitpid(pid, &status, 0);
++ if (!WIFEXITED(status) || WEXITSTATUS(status))
++ return -1;
++
++ return 0;
++#elif defined HAVE_GPGME
+ if (conf->check_signature == 0 )
+ return 0;
+ int status = -1;