Age | Commit message (Collapse) | Author |
|
The OpenSSL libraries are used by libopkg directly, as an optional
method of verifying package feed signatures against a locally stored CA
certificate. They are enabled only when the --enable-openssl argument is
passed to AutoConf.
Assert that --enable-openssl is not widely used by opkg integrators and
that GPG feed signing (--enable-gpg) is preferred in all cases.
Remove:
* OpenSSL signature verification
* the --enable-openssl AutoConf option
* the `signature_ca_file` opkg conf setting
* the `signature_ca_path` opkg conf setting
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
|
|
Signed-off-by: Yann CARDAILLAC <yann.cardaillac@smile.fr>
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
|
|
Since malloc.h is an extension to the language and is not available
on all systems (like BSD family), stdlib.h should be used instead,
which defines malloc function family.
Signed-off-by: Michał Łyszczek <michal.lyszczek@bofc.pl>
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
|
|
For some libc(musl) stdio.h may not get included indirectly which means
we need to mention it in explicit include list
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
|
|
Use an intermediate variable to move multi-line expressions outside of if
statements.
Signed-off-by: Paul Barker <paul@paulbarker.me.uk>
|
|
For each file, the command executed was:
indent -linux -i4 -nut -sc -bbo -nhnl $f
This is the first step in improving the code formatting and further work is
still required. 'indent' is confused by the 'extern "c" {}' wrapping in the
header files and gets the indentation wrong. It also produces sub-optimal
formatting for some long lines.
Each file will be reviewed by hand after this commit.
Signed-off-by: Paul Barker <paul@paulbarker.me.uk>
|
|
If the configuration option 'signature_type' is set to 'gpg-asc' then signatures
are assumed to be in ascii-armoured format with a filename extension of '.asc'
instead of '.sig'.
Signed-off-by: Paul Barker <paul@paulbarker.me.uk>
|
|
The decision as to which signature verification method to use does not have to
be determined at compile time. Instead this decision can be selected at run time
using a configuration option.
If support for the selected method has not been compiled in, an error message is
displayed and the return value is -1.
Signed-off-by: Paul Barker <paul@paulbarker.me.uk>
|
|
If no signature verification method is enabled, this is indicated by an error
message and a return value of -1 instead of simply being ignored.
Signed-off-by: Paul Barker <paul@paulbarker.me.uk>
|
|
This function name is clearer as it specifies what verification is performed on
the file.
Signed-off-by: Paul Barker <paul@paulbarker.me.uk>
|
|
The file to be verified may not always be a plain text file so calling this
argument 'text_file' could be confusing. Instead the arguments are named to
match the same arguments of opkg_verify_gpg_signature and
opkg_verify_openssl_signature.
The arguments are also given const modifiers as they are not modified.
Signed-off-by: Paul Barker <paul@paulbarker.me.uk>
|
|
This function is always compiled so that callers don't need to check whether
sha256sum checking is enabled. If it isn't enabled, an INFO message is outputted
and the sha256sum is not checked.
Signed-off-by: Paul Barker <paul@paulbarker.me.uk>
|
|
Signed-off-by: Paul Barker <paul@paulbarker.me.uk>
|
|
This file will contain all verification checks to be performed on downloaded
files. For now it just contains opkg_verify_file().
Signed-off-by: Paul Barker <paul@paulbarker.me.uk>
|