cli: implement --force-signature
authorJo-Philipp Wich <jo@mein.io>
Fri, 10 Feb 2017 09:37:02 +0000 (10:37 +0100)
committerJo-Philipp Wich <jo@mein.io>
Fri, 10 Feb 2017 09:37:02 +0000 (10:37 +0100)
Implement a new "--force-signature" flag which causes opkg to ignore signature
verification errors.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
libopkg/opkg_cmd.c
libopkg/opkg_conf.h
libopkg/opkg_install.c
src/opkg-cl.c

index c30e34d..04716fc 100644 (file)
@@ -196,7 +196,7 @@ opkg_update_cmd(int argc, char **argv)
                   else
                       opkg_msg(NOTICE, "Signature check failed.\n");
               }
-              if (err) {
+              if (err && !conf->force_signature) {
                   /* The signature was wrong so delete it */
                   opkg_msg(NOTICE, "Remove wrong Signature file.\n");
                   unlink (tmp_file_name);
index 09437f1..ca77c88 100644 (file)
@@ -80,6 +80,7 @@ struct opkg_conf
      int force_remove;
      int force_checksum;
      int check_signature;
+     int force_signature;
      int nodeps; /* do not follow dependencies */
      int nocase; /* perform case insensitive matching */
      char *offline_root;
index 7e0e17e..f833bc6 100644 (file)
@@ -1306,13 +1306,15 @@ opkg_install_pkg(pkg_t *pkg, int from_upgrade)
          if (opkg_verify_file (list_file_name, sig_file_name)){
            opkg_msg(ERROR, "Failed to verify the signature of %s.\n",
                            list_file_name);
-           return -1;
+           if (!conf->force_signature)
+             return -1;
          }
        }else{
          opkg_msg(ERROR, "Signature file is missing for %s. "
                          "Perhaps you need to run 'opkg update'?\n",
                         pkg->name);
-         return -1;
+         if (!conf->force_signature)
+           return -1;
        }
 
        free (lists_dir);
index 4ce0414..a8e5717 100644 (file)
@@ -51,6 +51,7 @@ enum {
        ARGS_OPT_NOCASE,
        ARGS_OPT_AUTOREMOVE,
        ARGS_OPT_CACHE,
+       ARGS_OPT_FORCE_SIGNATURE,
 };
 
 static struct option long_options[] = {
@@ -87,6 +88,8 @@ static struct option long_options[] = {
        {"force_remove", 0, 0, ARGS_OPT_FORCE_REMOVE},
        {"force-checksum", 0, 0, ARGS_OPT_FORCE_CHECKSUM},
        {"force_checksum", 0, 0, ARGS_OPT_FORCE_CHECKSUM},
+       {"force-signature", 0, 0, ARGS_OPT_FORCE_SIGNATURE},
+       {"force_signature", 0, 0, ARGS_OPT_FORCE_SIGNATURE},
        {"noaction", 0, 0, ARGS_OPT_NOACTION},
        {"download-only", 0, 0, ARGS_OPT_DOWNLOAD_ONLY},
        {"nodeps", 0, 0, ARGS_OPT_NODEPS},
@@ -210,6 +213,9 @@ args_parse(int argc, char *argv[])
         case ARGS_OPT_DOWNLOAD_ONLY:
                        conf->download_only = 1;
                        break;
+               case ARGS_OPT_FORCE_SIGNATURE:
+                       conf->force_signature = 1;
+                       break;
                case ':':
                        parse_err = -1;
                        break;