#include <openssl/conf.h>
#include <openssl/evp.h>
#include <openssl/err.h>
+#include <openssl/ssl.h>
#endif
#if defined(HAVE_GPGME)
#include "includes.h"
#include "opkg_download.h"
#include "opkg_message.h"
-#include "opkg_state.h"
#include "sprintf_alloc.h"
#include "xsystem.h"
#include "file_util.h"
#include "str_util.h"
#include "opkg_defines.h"
+#include "libbb/libbb.h"
+
+#ifdef HAVE_PATHFINDER
+#include "opkg_pathfinder.h"
+#endif
#if defined(HAVE_OPENSSL) || defined(HAVE_SSLCURL)
static void openssl_init(void);
{
int err = 0;
- char *src_basec = strdup(src);
+ char *src_basec = xstrdup(src);
char *src_base = basename(src_basec);
char *tmp_file_location;
}
#ifdef HAVE_CURL
- CURL *curl;
CURLcode res;
FILE * file = fopen (tmp_file_location, "w");
static int opkg_download_cache(opkg_conf_t *conf, const char *src,
const char *dest_file_name, curl_progress_func cb, void *data)
{
- char *cache_name = strdup(src);
+ char *cache_name = xstrdup(src);
char *cache_location, *p;
int err = 0;
{
int err;
char *url;
- char *pkgid;
char *stripped_filename;
if (pkg->src == NULL) {
return -1;
}
- sprintf_alloc (&pkgid, "%s;%s;%s;", pkg->name, pkg->version, pkg->architecture);
- opkg_set_current_state (conf, OPKG_STATE_DOWNLOADING_PKG, pkgid);
- free (pkgid);
-
sprintf_alloc(&url, "%s/%s", pkg->src->value, pkg->filename);
/* XXX: BUG: The pkg->filename might be something like
err = opkg_download_cache(conf, url, pkg->local_filename, NULL, NULL);
free(url);
- opkg_set_current_state (conf, OPKG_STATE_NONE, NULL);
return err;
}
{
int err = 0;
pkg_t *pkg;
+
pkg = pkg_new();
- if (pkg == NULL)
- return ENOMEM;
if (str_starts_with(url, "http://")
|| str_starts_with(url, "ftp://")) {
char *tmp_file;
- char *file_basec = strdup(url);
+ char *file_basec = xstrdup(url);
char *file_base = basename(file_basec);
sprintf_alloc(&tmp_file, "%s/%s", conf->tmp_dir, file_base);
pkg->state_want = SW_INSTALL;
pkg->state_flag |= SF_PREFER;
pkg = hash_insert_pkg(&conf->pkg_hash, pkg, 1,conf);
- if ( pkg == NULL ){
- fprintf(stderr, "%s : This should never happen. Report this Bug in bugzilla please \n ",__FUNCTION__);
- return 0;
- }
+
if (namep) {
- *namep = strdup(pkg->name);
+ *namep = pkg->name;
}
return 0;
}
"Can't read signature file (Corrupted ?)\n");
goto verify_file_end;
}
+#if defined(HAVE_PATHFINDER)
+ if(conf->check_x509_path){
+ if(!pkcs7_pathfinder_verify_signers(p7)){
+ opkg_message(conf, OPKG_ERROR, "pkcs7_pathfinder_verify_signers: "
+ "Path verification failed\n");
+ goto verify_file_end;
+ }
+ }
+#endif
// Open the Package file to authenticate
if (!(indata = BIO_new_file(text_file, "rb"))){
* CURLOPT_SSL_VERIFYPEER default is nonzero (curl => 7.10)
*/
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
+ }else{
+#ifdef HAVE_PATHFINDER
+ if(conf->check_x509_path){
+ if (curl_easy_setopt(curl, CURLOPT_SSL_CTX_FUNCTION, curl_ssl_ctx_function) != CURLE_OK){
+ opkg_message(conf, OPKG_DEBUG, "Failed to set ssl path verification callback\n");
+ }else{
+ curl_easy_setopt(curl, CURLOPT_SSL_CTX_DATA, NULL);
+ }
+ }
+#endif
}
/* certification authority file and/or path */