From 414c5be62b1300ed7fe1521a9a1abb6b2e0d8158 Mon Sep 17 00:00:00 2001 From: Steven Barth Date: Wed, 2 Oct 2013 12:12:10 +0000 Subject: Add package signing infrastructure Add package signing key and certificate configuration options to the "Image configuration" submenu. If enabled, the Packages.gz list will be signed as file Packages.sig. The passphrase for the signing key can be sourced from a file or entered by the user. The signing certificate is automatically added to the firmware image if opkg-smime is selected. Signed-off-by: Evan Hunt Signed-off-by: Steven Barth git-svn-id: svn://svn.openwrt.org/openwrt/trunk@38284 3c298f89-4303-0410-b956-a3cf2f4a3e73 --- package/system/opkg/Makefile | 6 +++++- package/system/opkg/files/opkg-smime.conf | 2 +- 2 files changed, 6 insertions(+), 2 deletions(-) (limited to 'package/system') diff --git a/package/system/opkg/Makefile b/package/system/opkg/Makefile index eb3b10a776..3327a8e1ad 100644 --- a/package/system/opkg/Makefile +++ b/package/system/opkg/Makefile @@ -109,8 +109,12 @@ define Package/opkg/Default/install endef Package/opkg/install = $(call Package/opkg/Default/install,$(1),) -Package/opkg-smime/install = $(call Package/opkg/Default/install,$(1),-smime) +define Package/opkg-smime/install + $(call Package/opkg/Default/install,$(1),-smime) + $(INSTALL_DIR) $(1)/etc/ssl/certs + $(if $(CONFIG_OPKGSMIME_CERT),$(INSTALL_DATA) $(call qstrip,$(CONFIG_OPKGSMIME_CERT)) $(1)/etc/ssl/certs/opkg.pem,) +endef define Build/InstallDev mkdir -p $(1)/usr/include diff --git a/package/system/opkg/files/opkg-smime.conf b/package/system/opkg/files/opkg-smime.conf index 103f231842..849bb65b20 100644 --- a/package/system/opkg/files/opkg-smime.conf +++ b/package/system/opkg/files/opkg-smime.conf @@ -4,4 +4,4 @@ dest ram /tmp lists_dir ext /var/opkg-lists option overlay_root /overlay option check_signature 1 -option signature_ca_path /etc/ssl/certs/ +option signature_ca_file /etc/ssl/certs/opkg.pem -- cgit v1.2.3