build: remove automake/autoconf build system Signed-off-by: Jo-Philipp Wich <jo@mein.io>
libopkg: make MD5 support optional Disable md5 support code by default and introduce a new configure flag "--enable-md5" which allows reenabling the code. This shrinks the opkg executable by a few KB. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
libopkg: add support for signature checking through usign Adds a new configure switch "--enable-usign" which enables code to perform package feed signature checking using an external "/usr/sbin/opkg-key" helper program. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
build: remove output shaving support Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Disable sha256 code by default. This makes opkg GPLv2 by default. git-svn-id: http://opkg.googlecode.com/svn/trunk@569 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
Forgot these two files in the last commit. Oops. git-svn-id: http://opkg.googlecode.com/svn/trunk@548 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
s/ipkgetcdir/opkgetcdir/ From David Bachelart via Issue #53. git-svn-id: http://opkg.googlecode.com/svn/trunk@539 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
Bump revision for release. git-svn-id: http://opkg.googlecode.com/svn/trunk@523 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
Add a configure flag to specify the lockfile path git-svn-id: http://opkg.googlecode.com/svn/trunk@511 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
Move libopkg.c out into the src dir. It shouldn't be part of the library. git-svn-id: http://opkg.googlecode.com/svn/trunk@499 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
Bump version number. git-svn-id: http://opkg.googlecode.com/svn/trunk@454 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
shave: making the autotools output sane Use shave (http://git.lespiau.name/cgit/shave) to make compilation more human friendly. Shave is enabled by default, Use --disable-shave to see the actual compiler and linker commands being executed. git-svn-id: http://opkg.googlecode.com/svn/trunk@364 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
Respect the --with-opkglibdir configure switch in update-alternatives. From John L. Chmielewski <jlcster@gmail.com>. git-svn-id: http://opkg.googlecode.com/svn/trunk@342 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
Specify --enable-pathfinder instead of --with-pathfinder. git-svn-id: http://opkg.googlecode.com/svn/trunk@265 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
I hate autotools. If the first call to PKG_CHECK_MODULES() may not occur, then the macro does something really really stupid: it sets PKG_CONFIG="". Thus subsequent calls will fail and tell you that pkg-config cannot be found or is too old. git-svn-id: http://opkg.googlecode.com/svn/trunk@264 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
Add pathfinder support for certificate validation From http://code.google.com/p/pathfinder-pki/ PathFinder is designed to provide a mechanism for any program to perform RFC3280-compliant path validation of X509 certificates, even when some of the intermediate certificates are not present on the local machine. By design, Pathfinder automatically downloads any such certificates from the Internet as needed using the AIA and CRL distribution point extensions of the certificates it is processing. It has the ability to do revocation status checking either using CRL or OCSP, or both. And, given the recent vulnerabilities that have rendered the MD5 algorithm highly suspect, it allows the administrator to choose to not validate certificates using that algorithm anywhere in the trust path. git-svn-id: http://opkg.googlecode.com/svn/trunk@261 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
Make `curl' an instance variable and ssl support This patch adds several new options - option ssl_ca_path /path/to/dir Tells curl to use the specified certificate directory to verify the peer. The certificates must be in PEM format, and the directory must have been processed using the c_rehash utility supplied with openssl. - option ssl_ca_file Tells curl to use the specified certificate file to verify the peer. The file may contain multiple CA certificates - option ssl_key_type Tells curl the Private key file type. Specify which type your ssl_key provided private key is. PEM (default), DER and ENG (see option ssl_engine) are recognized types. - option ssl_cert_type Tells curl what certificate type the provided certificate is in. PEM (default), DER and ENG (see option ssl_engine) are recognized types. - option ssl_key & option ssl_cert Tells curl to use the specified certificate file and private key when getting a file with HTTPS - option ssl_key_passwd Passphrase for the private key - option ssl_engine Select the OpenSSL crypto engine to use for cipher operations. - option ssl_dont_verify_peer This option explicitly allows curl to perform "insecure" SSL connections and transfers. All SSL connections are attempted to be made secure by using the CA certificate. This makes all connections considered "insecure" fail unless ssl_dont_verify_peer is used. git-svn-id: http://opkg.googlecode.com/svn/trunk@251 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
Opkg support for smime (pkcs7) packages list signing Thanks to Camille Moncelier <moncelier@devlife.org> http://groups.google.com/group/opkg-devel/browse_thread/thread/6071ce290d5ceb77?utoken=qjR-TC0AAADKDldt5ZXsDDLs9sWCpWZI1zgeariQUwksg5ob1tmaFTCAL7MTcQRO6S85GfHgQ_k As promised :) here is a patch allowing opkg to authenticate a package list using smime and openssl instead of gpgme Example: Sign a package list: openssl smime -sign -in /path/to/repo/Packages \ -signer /root/server.pem -binary \ -outform PEM -out /path/to/repo/Packages.sig Configuration in /etc/opkg/opkg.conf option check_signature 1 option signature_ca_file /etc/serverCA.pem option signature_ca_path /path/to/certs/dir opkg update Downloading http://repo:8000/Packages Updated list of available packages in /usr/lib/opkg/lists/angstrom Downloading http://repo:8000/Packages.sig Signature check passed Package list corruption or MIM: Downloading http://repo:8000/Packages Updated list of available packages in /usr/lib/opkg/lists/angstrom Downloading http://repo:8000/Packages.sig Signature check failed Collected errors: * Verification failure Camille Moncelier http://devlife.org/ git-svn-id: http://opkg.googlecode.com/svn/trunk@221 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
Add sha256 ckecksums to okpg Thanks to Camille Moncelier <moncelier@devlife.org> http://groups.google.com/group/opkg-devel/browse_thread/thread/78a2eb328da0ef73?utoken=pV1Kli0AAADKDldt5ZXsDDLs9sWCpWZI0mClVcTs45ANzZ7C9NH-1YGBxa5Bow63PTuzFmQCb1c Here is a patch which adds sha256 checksum checking to Opkg. More Opkg patches will follow shortly (x509 and smime signature support, libcurl client/server authentication) I hope these patch will be useful and finds their ways into okpg Camille Moncelier http://devlife.org/ git-svn-id: http://opkg.googlecode.com/svn/trunk@220 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
adds a configure option so "/etc/opkg" can be changed when opkg is configured and built. fix issue due to an error of opkg_conf.c Thanks to jlc <jlcster@gmail.com> http://groups.google.com/group/opkg-devel/browse_thread/thread/5c6e55832a7168aa git-svn-id: http://opkg.googlecode.com/svn/trunk@213 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358