From e259cf526cc83edf25faa295f138695274cbfe11 Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Fri, 10 Feb 2017 10:37:02 +0100 Subject: [PATCH] cli: implement --force-signature Implement a new "--force-signature" flag which causes opkg to ignore signature verification errors. Signed-off-by: Jo-Philipp Wich --- libopkg/opkg_cmd.c | 2 +- libopkg/opkg_conf.h | 1 + libopkg/opkg_install.c | 6 ++++-- src/opkg-cl.c | 6 ++++++ 4 files changed, 12 insertions(+), 3 deletions(-) diff --git a/libopkg/opkg_cmd.c b/libopkg/opkg_cmd.c index c30e34d..04716fc 100644 --- a/libopkg/opkg_cmd.c +++ b/libopkg/opkg_cmd.c @@ -196,7 +196,7 @@ opkg_update_cmd(int argc, char **argv) else opkg_msg(NOTICE, "Signature check failed.\n"); } - if (err) { + if (err && !conf->force_signature) { /* The signature was wrong so delete it */ opkg_msg(NOTICE, "Remove wrong Signature file.\n"); unlink (tmp_file_name); diff --git a/libopkg/opkg_conf.h b/libopkg/opkg_conf.h index 09437f1..ca77c88 100644 --- a/libopkg/opkg_conf.h +++ b/libopkg/opkg_conf.h @@ -80,6 +80,7 @@ struct opkg_conf int force_remove; int force_checksum; int check_signature; + int force_signature; int nodeps; /* do not follow dependencies */ int nocase; /* perform case insensitive matching */ char *offline_root; diff --git a/libopkg/opkg_install.c b/libopkg/opkg_install.c index 7e0e17e..f833bc6 100644 --- a/libopkg/opkg_install.c +++ b/libopkg/opkg_install.c @@ -1306,13 +1306,15 @@ opkg_install_pkg(pkg_t *pkg, int from_upgrade) if (opkg_verify_file (list_file_name, sig_file_name)){ opkg_msg(ERROR, "Failed to verify the signature of %s.\n", list_file_name); - return -1; + if (!conf->force_signature) + return -1; } }else{ opkg_msg(ERROR, "Signature file is missing for %s. " "Perhaps you need to run 'opkg update'?\n", pkg->name); - return -1; + if (!conf->force_signature) + return -1; } free (lists_dir); diff --git a/src/opkg-cl.c b/src/opkg-cl.c index 4ce0414..a8e5717 100644 --- a/src/opkg-cl.c +++ b/src/opkg-cl.c @@ -51,6 +51,7 @@ enum { ARGS_OPT_NOCASE, ARGS_OPT_AUTOREMOVE, ARGS_OPT_CACHE, + ARGS_OPT_FORCE_SIGNATURE, }; static struct option long_options[] = { @@ -87,6 +88,8 @@ static struct option long_options[] = { {"force_remove", 0, 0, ARGS_OPT_FORCE_REMOVE}, {"force-checksum", 0, 0, ARGS_OPT_FORCE_CHECKSUM}, {"force_checksum", 0, 0, ARGS_OPT_FORCE_CHECKSUM}, + {"force-signature", 0, 0, ARGS_OPT_FORCE_SIGNATURE}, + {"force_signature", 0, 0, ARGS_OPT_FORCE_SIGNATURE}, {"noaction", 0, 0, ARGS_OPT_NOACTION}, {"download-only", 0, 0, ARGS_OPT_DOWNLOAD_ONLY}, {"nodeps", 0, 0, ARGS_OPT_NODEPS}, @@ -210,6 +213,9 @@ args_parse(int argc, char *argv[]) case ARGS_OPT_DOWNLOAD_ONLY: conf->download_only = 1; break; + case ARGS_OPT_FORCE_SIGNATURE: + conf->force_signature = 1; + break; case ':': parse_err = -1; break; -- 2.25.1