From b6f196764a30e75f4667ac68ad92c001dce19e91 Mon Sep 17 00:00:00 2001
From: Jo-Philipp Wich <jo@mein.io>
Date: Sun, 3 May 2020 18:01:57 +0200
Subject: [PATCH] libopkg: use xsystem() to spawn opkg-key

Instead of the custom fork()/exec() implementation, use the existing
xsystem() helper function which provides a number of benefits:

 - It readily provides error reporting in case the execution fails
 - It has a simpler api
 - It uses vfork() internally which avoids the need to copy pages

This likely fixes https://bugs.openwrt.org/index.php?do=details&task_id=2734.

Fixes: 71f02a3 ("libopkg: add support for signature checking through usign")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
---
 libopkg/opkg_download.c | 26 +++-----------------------
 1 file changed, 3 insertions(+), 23 deletions(-)

diff --git a/libopkg/opkg_download.c b/libopkg/opkg_download.c
index f9e7e98..e970506 100644
--- a/libopkg/opkg_download.c
+++ b/libopkg/opkg_download.c
@@ -17,7 +17,6 @@
    General Public License for more details.
 */
 
-#include <sys/wait.h>
 #include <stdio.h>
 #include <unistd.h>
 #include <libgen.h>
@@ -299,29 +298,10 @@ int opkg_prepare_url_for_install(const char *url, char **namep)
 int opkg_verify_file(char *text_file, char *sig_file)
 {
 #if defined HAVE_USIGN
-	int status = -1;
-	int pid;
+	const char *argv[] = { "/usr/sbin/opkg-key", "verify", sig_file,
+	                       text_file, NULL };
 
-	if (conf->check_signature == 0)
-		return 0;
-
-	pid = fork();
-	if (pid < 0) {
-		opkg_perror(ERROR, "Failed to fork opkg-key process");
-		return -1;
-	}
-
-	if (!pid) {
-		execl("/usr/sbin/opkg-key", "opkg-key", "verify", sig_file,
-		      text_file, NULL);
-		exit(255);
-	}
-
-	waitpid(pid, &status, 0);
-	if (!WIFEXITED(status) || WEXITSTATUS(status))
-		return -1;
-
-	return 0;
+	return xsystem(argv) ? -1 : 0;
 #else
 	/* mute `unused variable' warnings. */
 	(void)sig_file;
-- 
2.25.1