@@ -143,7 +143,7 @@ static int opkg_update_cmd(int argc, char **argv)
}
free(url);
#if defined(HAVE_USIGN)
- if (pkglist_dl_error == 0 && conf->check_signature) {
+ if (pkglist_dl_error == 0 && conf->check_signature && ! src->trusted) {
/* download detached signitures to verify the package lists */
/* get the url for the sig file */
if (src->extra_data) /* debian style? */
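Review bot: The added `! src->trusted` term skips the signature check unconditionally, so nothing here ties the bypass to the transports the commit message names (local feeds or HTTPS). A feed declared `src/trusted` with a plain `http://` URL would have its package list accepted with no integrity check. Assuming `src->value` holds the feed's base URL, as `pkg_src_init` suggests, the flag could be honoured only for those schemes, e.g. `int skip_sig = src->trusted && (strncmp(src->value, "file:", 5) == 0 || strncmp(src->value, "https:", 6) == 0);`. It would also help to log the skip so it shows up in update output, e.g. `opkg_msg(NOTICE, "Skipping signature check for trusted feed %s.\n", src->name);`. The body of `opkg_update_cmd` starts and continues outside this hunk, so where the log line belongs should be confirmed against the full function.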
@@ -295,7 +295,7 @@ opkg_conf_parse_file(const char *filename,
if (!nv_pair_list_find
((nv_pair_list_t *) dist_src_list, name)) {
pkg_src_list_append(dist_src_list, name,
- value, extra, 0);
+ value, extra, 0, 0);
} else {
opkg_msg(ERROR,
"Duplicate dist declaration (%s %s). "
@@ -305,7 +305,7 @@ opkg_conf_parse_file(const char *filename,
if (!nv_pair_list_find
((nv_pair_list_t *) dist_src_list, name)) {
pkg_src_list_append(dist_src_list, name,
- value, extra, 1);
+ value, extra, 1, 0);
} else {
opkg_msg(ERROR,
"Duplicate dist declaration (%s %s). "
@@ -315,7 +315,7 @@ opkg_conf_parse_file(const char *filename,
if (!nv_pair_list_find
((nv_pair_list_t *) pkg_src_list, name)) {
pkg_src_list_append(pkg_src_list, name,
- value, extra, 0);
+ value, extra, 0, 0);
} else {
opkg_msg(ERROR,
"Duplicate src declaration (%s %s). "
@@ -325,7 +325,27 @@ opkg_conf_parse_file(const char *filename,
if (!nv_pair_list_find
((nv_pair_list_t *) pkg_src_list, name)) {
pkg_src_list_append(pkg_src_list, name,
- value, extra, 1);
+ value, extra, 1, 0);
+ } else {
+ opkg_msg(ERROR,
+ "Duplicate src declaration (%s %s). "
+ "Skipping.\n", name, value);
+ }
+ } else if (strcmp(type, "src/trusted") == 0) {
+ if (!nv_pair_list_find
+ ((nv_pair_list_t *) pkg_src_list, name)) {
+ pkg_src_list_append(pkg_src_list, name,
+ value, extra, 0, 1);
+ } else {
+ opkg_msg(ERROR,
+ "Duplicate src declaration (%s %s). "
+ "Skipping.\n", name, value);
+ }
+ } else if (strcmp(type, "src/gz/trusted") == 0) {
+ if (!nv_pair_list_find
+ ((nv_pair_list_t *) pkg_src_list, name)) {
+ pkg_src_list_append(pkg_src_list, name,
+ value, extra, 1, 1);
} else {
opkg_msg(ERROR,
"Duplicate src declaration (%s %s). "
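Review bot: The new `src/trusted` and `src/gz/trusted` branches pass the flags as bare positional ints (`0, 1` and `1, 1`), and because `gzip` and `trusted` are adjacent `int` parameters, swapping them would compile cleanly and change which feeds skip verification. Annotating the call, e.g. `value, extra, /* gzip */ 1, /* trusted */ 1);`, makes the intent checkable at the parse site. A comment above the first new branch, such as `/* trusted feeds: package list is accepted without signature verification */`, would state the security effect where the config keyword is recognised. The enclosing if/else chain starts and ends outside the hunk.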
@@ -84,7 +84,7 @@ int dist_hash_add_from_file(const char *lists_dir, pkg_src_t * dist)
return -1;
}
pkg_src_list_append(&conf->pkg_src_list, subname,
- dist->value, "__dummy__", 0);
+ dist->value, "__dummy__", 0, 0);
}
free(list_file);
@@ -19,11 +19,12 @@
#include "libbb/libbb.h"
int pkg_src_init(pkg_src_t * src, const char *name, const char *base_url,
- const char *extra_data, int gzip)
+ const char *extra_data, int gzip, int trusted)
{
src->gzip = gzip;
src->name = xstrdup(name);
src->value = xstrdup(base_url);
+ src->trusted = trusted;
if (extra_data)
src->extra_data = xstrdup(extra_data);
else
@@ -25,10 +25,11 @@ typedef struct {
char *value;
char *extra_data;
int gzip;
+ int trusted;
} pkg_src_t;
int pkg_src_init(pkg_src_t * src, const char *name, const char *base_url,
- const char *extra_data, int gzip);
+ const char *extra_data, int gzip, int trusted);
void pkg_src_deinit(pkg_src_t * src);
#endif
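Review bot: The new `int trusted;` member carries a security decision but has no comment, and the neighbouring fields give no hint that a non-zero value disables signature verification of the feed's package list during update. I would document it on the field, e.g. `int trusted; /* non-zero: skip signature verification of this feed's package list */`. `pkg_src_init` stores the caller's value unchanged, so the prototype could also say that any non-zero value counts as trusted.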
@@ -42,11 +42,11 @@ void pkg_src_list_deinit(pkg_src_list_t * list)
pkg_src_t *pkg_src_list_append(pkg_src_list_t * list,
const char *name, const char *base_url,
- const char *extra_data, int gzip)
+ const char *extra_data, int gzip, int trusted)
{
/* freed in pkg_src_list_deinit */
pkg_src_t *pkg_src = xcalloc(1, sizeof(pkg_src_t));
- pkg_src_init(pkg_src, name, base_url, extra_data, gzip);
+ pkg_src_init(pkg_src, name, base_url, extra_data, gzip, trusted);
void_list_append((void_list_t *) list, pkg_src);
@@ -38,6 +38,6 @@ void pkg_src_list_deinit(pkg_src_list_t * list);
pkg_src_t *pkg_src_list_append(pkg_src_list_t * list, const char *name,
const char *root_dir, const char *extra_data,
- int gzip);
+ int gzip, int trusted);
#endif
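Review bot: This prototype names the third parameter `root_dir`, while the definition in pkg_src_list.c and `pkg_src_init` call it `base_url`. Since the declaration is being touched anyway, aligning it (`const char *base_url, const char *extra_data,`) would keep the header consistent with the definition, so readers are not misled about what the now trust-relevant value holds.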
This option allows signature checks to be disabled for individual feeds. This option should only be used for local feeds or remote feeds downloaded via HTTPS. Within OpenWrt this option allows ImageBuilders to verify remote feeds while also taking local feeds into account which are unsigned. The two new config options are: src/trusted src/gz/trusted Signed-off-by: Paul Spooren <mail@aparcar.org> --- ImageBuilders offer a folder called "packages/" which includes at least the packages kernel_*.ipk and libc*.ipk, additionally packages provided by the user. It is not possible to enable signature checks within the ImageBuilder and allow an unsigned local package feed at the same time. This patch is an option to set the special local packages feed to "trusted". As an alternative, the ImageBuilder could generate usign keys which sign the local package feed, however those keys would then also be considered for remote feeds which seems less secure. libopkg/opkg_cmd.c | 2 +- libopkg/opkg_conf.c | 28 ++++++++++++++++++++++++---- libopkg/pkg_hash.c | 2 +- libopkg/pkg_src.c | 3 ++- libopkg/pkg_src.h | 3 ++- libopkg/pkg_src_list.c | 4 ++-- libopkg/pkg_src_list.h | 2 +- 7 files changed, 33 insertions(+), 11 deletions(-)