Opkg support for smime (pkcs7) packages list signing

[oweals/opkg-lede.git] / libopkg / opkg_cmd.c

diff --git a/libopkg/opkg_cmd.c b/libopkg/opkg_cmd.c
index 411bb72a45795c05d603d106cf6b5978e4247c07..4a0410ce32774e5de927421aa14ed54f05dd5978 100644 (file)
--- a/libopkg/opkg_cmd.c
+++ b/libopkg/opkg_cmd.c
@@ -167,7 +167,7 @@ int opkg_cmd_exec(opkg_cmd_t *cmd, opkg_conf_t *conf, int argc, const char **arg
        result = (cmd->fun)(conf, argc, argv);
 
         if ( result != 0 && !error_list) {
-           opkg_message(conf, OPKG_NOTICE, "An error ocurred, return value: %d.\n", result);
+           opkg_message(conf, OPKG_NOTICE, "An error occurred, return value: %d.\n", result);
         }
 
         opkg_print_error_list (conf);
@@ -259,36 +259,39 @@ static int opkg_update_cmd(opkg_conf_t *conf, int argc, char **argv)
                            list_file_name);
          }
          free(url);
-
-#ifdef HAVE_GPGME
-         /* download detached signitures to verify the package lists */
-         /* get the url for the sig file */
-         if (src->extra_data)  /* debian style? */
-             sprintf_alloc(&url, "%s/%s/%s", src->value, src->extra_data,
-                           "Packages.sig");
-         else
-             sprintf_alloc(&url, "%s/%s", src->value, "Packages.sig");
-
-         /* create temporary file for it */
-         char *tmp_file_name;
-
-         sprintf_alloc (&tmp_file_name, "%s/%s", tmp, "Packages.sig");
-
-         err = opkg_download(conf, url, tmp_file_name, NULL, NULL);
-         if (err) {
-           failures++;
-               opkg_message (conf, OPKG_NOTICE, "Signature check failed\n");
-         } else {
-           int err;
-           err = opkg_verify_file (conf, list_file_name, tmp_file_name);
-           if (err == 0)
-               opkg_message (conf, OPKG_NOTICE, "Signature check passed\n");
-           else
-               opkg_message (conf, OPKG_NOTICE, "Signature check failed\n");
-         }
-         unlink (tmp_file_name);
-         free (tmp_file_name);
-         free (url);
+#if defined(HAVE_GPGME) || defined(HAVE_OPENSSL)
+          if (conf->check_signature) {
+              /* download detached signitures to verify the package lists */
+              /* get the url for the sig file */
+              if (src->extra_data)     /* debian style? */
+                  sprintf_alloc(&url, "%s/%s/%s", src->value, src->extra_data,
+                          "Packages.sig");
+              else
+                  sprintf_alloc(&url, "%s/%s", src->value, "Packages.sig");
+
+              /* create temporary file for it */
+              char *tmp_file_name;
+
+              /* Put the signature in the right place */
+              sprintf_alloc (&tmp_file_name, "%s/%s.sig", lists_dir, src->name);
+
+              err = opkg_download(conf, url, tmp_file_name, NULL, NULL);
+              if (err) {
+                  failures++;
+                  opkg_message (conf, OPKG_NOTICE, "Signature check failed\n");
+              } else {
+                  int err;
+                  err = opkg_verify_file (conf, list_file_name, tmp_file_name);
+                  if (err == 0)
+                      opkg_message (conf, OPKG_NOTICE, "Signature check passed\n");
+                  else
+                      opkg_message (conf, OPKG_NOTICE, "Signature check failed\n");
+              }
+              /* We shouldn't unlink the signature ! */
+              // unlink (tmp_file_name);
+              free (tmp_file_name);
+              free (url);
+          }
 #else
           // Do nothing
 #endif
@@ -377,6 +380,7 @@ static int opkg_finalize_intercepts(opkg_intercept_t ctx)
            }
            free (path);
        }
+        closedir(dir);
     } else
        perror (ctx->statedir);
        
@@ -813,7 +817,7 @@ static int opkg_info_status_cmd(opkg_conf_t *conf, int argc, char **argv, int in
      char *pkg_name = NULL;
      char **pkg_fields = NULL;
      int n_fields = 0;
-     char *buff ; 
+     char *buff = NULL; 
 
      if (argc > 0) {
          pkg_name = argv[0];
@@ -845,6 +849,7 @@ static int opkg_info_status_cmd(opkg_conf_t *conf, int argc, char **argv, int in
    We need to free it :)  ( Thanks florian for seeing the error )
 */
                free(buff);
+               buff = NULL;
           }
          if (conf->verbosity > 1) {
               conffile_list_elt_t *iter;