1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
|
--- a/configure.ac
+++ b/configure.ac
@@ -169,6 +169,15 @@ if test "x$want_gpgme" = "xyes"; then
fi
fi
+AC_ARG_ENABLE(usign,
+ AC_HELP_STRING([--enable-usign], [Enable signature checking with usign
+ [[default=yes]] ]),
+ [want_usign="$enableval"], [want_usign="yes"])
+
+if test "x$want_usign" = "xyes"; then
+ AC_DEFINE(HAVE_USIGN, 1, [Define if you want usign support])
+fi
+
AC_SUBST(GPGME_CFLAGS)
AC_SUBST(GPGME_LIBS)
--- a/libopkg/opkg.c
+++ b/libopkg/opkg.c
@@ -599,7 +599,7 @@ opkg_update_package_lists(opkg_progress_
}
free(url);
-#if defined(HAVE_GPGME) || defined(HAVE_OPENSSL)
+#if defined(HAVE_GPGME) || defined(HAVE_OPENSSL) || defined(HAVE_USIGN)
if (conf->check_signature) {
char *sig_file_name;
/* download detached signitures to verify the package lists */
--- a/libopkg/opkg_cmd.c
+++ b/libopkg/opkg_cmd.c
@@ -169,7 +169,7 @@ opkg_update_cmd(int argc, char **argv)
list_file_name);
}
free(url);
-#if defined(HAVE_GPGME) || defined(HAVE_OPENSSL)
+#if defined(HAVE_GPGME) || defined(HAVE_OPENSSL) || defined(HAVE_USIGN)
if (conf->check_signature) {
/* download detached signitures to verify the package lists */
/* get the url for the sig file */
--- a/libopkg/opkg_install.c
+++ b/libopkg/opkg_install.c
@@ -1288,7 +1288,7 @@ opkg_install_pkg(pkg_t *pkg, int from_up
}
/* check that the repository is valid */
- #if defined(HAVE_GPGME) || defined(HAVE_OPENSSL)
+ #if defined(HAVE_GPGME) || defined(HAVE_OPENSSL) || defined(HAVE_USIGN)
char *list_file_name, *sig_file_name, *lists_dir;
/* check to ensure the package has come from a repository */
--- a/libopkg/opkg_download.c
+++ b/libopkg/opkg_download.c
@@ -19,6 +19,7 @@
#include "config.h"
+#include <sys/wait.h>
#include <stdio.h>
#include <unistd.h>
#include <libgen.h>
@@ -342,7 +343,28 @@ opkg_prepare_url_for_install(const char
int
opkg_verify_file (char *text_file, char *sig_file)
{
-#if defined HAVE_GPGME
+#if defined HAVE_USIGN
+ int status = -1;
+ int pid;
+
+ if (conf->check_signature == 0 )
+ return 0;
+
+ pid = fork();
+ if (pid < 0)
+ return -1;
+
+ if (!pid) {
+ execl("/usr/sbin/opkg-key", "opkg-key", "verify", sig_file, text_file, NULL);
+ exit(255);
+ }
+
+ waitpid(pid, &status, 0);
+ if (!WIFEXITED(status) || WEXITSTATUS(status))
+ return -1;
+
+ return 0;
+#elif defined HAVE_GPGME
if (conf->check_signature == 0 )
return 0;
int status = -1;
|
