#include <openssl/conf.h>
#include <openssl/evp.h>
#include <openssl/err.h>
+#include <openssl/ssl.h>
#endif
#if defined(HAVE_GPGME)
#include "file_util.h"
#include "str_util.h"
#include "opkg_defines.h"
+#include "libbb/libbb.h"
+
+#ifdef HAVE_PATHFINDER
+#include "opkg_pathfinder.h"
+#endif
#if defined(HAVE_OPENSSL) || defined(HAVE_SSLCURL)
static void openssl_init(void);
* each time
*/
static CURL *curl = NULL;
-static void opkg_curl_cleanup(void);
static CURL *opkg_curl_init(opkg_conf_t *conf, curl_progress_func cb, void *data);
#endif
{
int err = 0;
- char *src_basec = strdup(src);
+ char *src_basec = xstrdup(src);
char *src_base = basename(src_basec);
char *tmp_file_location;
}
#ifdef HAVE_CURL
- CURL *curl;
CURLcode res;
FILE * file = fopen (tmp_file_location, "w");
#else
{
int res;
- char *wgetcmd;
- char *wgetopts;
- wgetopts = getenv("OPKG_WGETOPTS");
- sprintf_alloc(&wgetcmd, "wget -q %s%s -O \"%s\" \"%s\"",
- (conf->http_proxy || conf->ftp_proxy) ? "-Y on " : "",
- (wgetopts!=NULL) ? wgetopts : "",
- tmp_file_location, src);
- opkg_message(conf, OPKG_INFO, "Executing: %s\n", wgetcmd);
- res = xsystem(wgetcmd);
- free(wgetcmd);
+ const char *argv[8];
+ int i = 0;
+
+ argv[i++] = "wget";
+ argv[i++] = "-q";
+ if (conf->http_proxy || conf->ftp_proxy) {
+ argv[i++] = "-Y";
+ argv[i++] = "on";
+ }
+ argv[i++] = "-O";
+ argv[i++] = tmp_file_location;
+ argv[i++] = src;
+ argv[i++] = NULL;
+ res = xsystem(argv);
+
if (res) {
opkg_message(conf, OPKG_ERROR, "Failed to download %s, error %d\n", src, res);
free(tmp_file_location);
static int opkg_download_cache(opkg_conf_t *conf, const char *src,
const char *dest_file_name, curl_progress_func cb, void *data)
{
- char *cache_name = strdup(src);
+ char *cache_name = xstrdup(src);
char *cache_location, *p;
int err = 0;
{
int err = 0;
pkg_t *pkg;
+
pkg = pkg_new();
- if (pkg == NULL)
- return ENOMEM;
if (str_starts_with(url, "http://")
|| str_starts_with(url, "ftp://")) {
char *tmp_file;
- char *file_basec = strdup(url);
+ char *file_basec = xstrdup(url);
char *file_base = basename(file_basec);
sprintf_alloc(&tmp_file, "%s/%s", conf->tmp_dir, file_base);
pkg->state_want = SW_INSTALL;
pkg->state_flag |= SF_PREFER;
pkg = hash_insert_pkg(&conf->pkg_hash, pkg, 1,conf);
- if ( pkg == NULL ){
- fprintf(stderr, "%s : This should never happen. Report this Bug in bugzilla please \n ",__FUNCTION__);
- return 0;
- }
+
if (namep) {
- *namep = strdup(pkg->name);
+ *namep = pkg->name;
}
return 0;
}
"Can't read signature file (Corrupted ?)\n");
goto verify_file_end;
}
+#if defined(HAVE_PATHFINDER)
+ if(conf->check_x509_path){
+ if(!pkcs7_pathfinder_verify_signers(p7)){
+ opkg_message(conf, OPKG_ERROR, "pkcs7_pathfinder_verify_signers: "
+ "Path verification failed\n");
+ goto verify_file_end;
+ }
+ }
+#endif
// Open the Package file to authenticate
if (!(indata = BIO_new_file(text_file, "rb"))){
#endif
#ifdef HAVE_CURL
-static void opkg_curl_cleanup(void){
+void opkg_curl_cleanup(void){
if(curl != NULL){
curl_easy_cleanup (curl);
curl = NULL;
* CURLOPT_SSL_VERIFYPEER default is nonzero (curl => 7.10)
*/
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
+ }else{
+#ifdef HAVE_PATHFINDER
+ if(conf->check_x509_path){
+ if (curl_easy_setopt(curl, CURLOPT_SSL_CTX_FUNCTION, curl_ssl_ctx_function) != CURLE_OK){
+ opkg_message(conf, OPKG_DEBUG, "Failed to set ssl path verification callback\n");
+ }else{
+ curl_easy_setopt(curl, CURLOPT_SSL_CTX_DATA, NULL);
+ }
+ }
+#endif
}
/* certification authority file and/or path */
curl_easy_setopt(curl, CURLOPT_PROXYUSERPWD, userpwd);
free (userpwd);
}
-
- /* add curl cleanup callback */
- if(!atexit(opkg_curl_cleanup)){
- opkg_message(conf,OPKG_DEBUG, "Failed to register atexit curl cleanup function\n");
- }
-
}
curl_easy_setopt (curl, CURLOPT_NOPROGRESS, (cb == NULL));