diff options
author | ticktock35 <ticktock35@e8e0d7a0-c8d9-11dd-a880-a1081c7ac358> | 2008-12-28 02:53:44 (EST) |
---|---|---|
committer | ticktock35 <ticktock35@e8e0d7a0-c8d9-11dd-a880-a1081c7ac358> | 2008-12-28 02:53:44 (EST) |
commit | fb70577757cf49404fc6e837bd94d4f7d1f81f61 (patch) | |
tree | 3b5a9d6380b0cb4d3f5fe9de0791cc004001f875 /libopkg/opkg_cmd.c | |
parent | 2c6f8eda7145ce3e8645567aa930b16853770f94 (diff) |
adding check_signature config
default if off
you can turn that on via adding one line in /etc/opkg/opkg.conf file
+ option check_signature 1
git-svn-id: http://opkg.googlecode.com/svn/trunk@193 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
Diffstat (limited to 'libopkg/opkg_cmd.c')
-rw-r--r-- | libopkg/opkg_cmd.c | 58 |
1 files changed, 30 insertions, 28 deletions
diff --git a/libopkg/opkg_cmd.c b/libopkg/opkg_cmd.c index 411bb72..043536c 100644 --- a/libopkg/opkg_cmd.c +++ b/libopkg/opkg_cmd.c @@ -261,34 +261,36 @@ static int opkg_update_cmd(opkg_conf_t *conf, int argc, char **argv) free(url); #ifdef HAVE_GPGME - /* download detached signitures to verify the package lists */ - /* get the url for the sig file */ - if (src->extra_data) /* debian style? */ - sprintf_alloc(&url, "%s/%s/%s", src->value, src->extra_data, - "Packages.sig"); - else - sprintf_alloc(&url, "%s/%s", src->value, "Packages.sig"); - - /* create temporary file for it */ - char *tmp_file_name; - - sprintf_alloc (&tmp_file_name, "%s/%s", tmp, "Packages.sig"); - - err = opkg_download(conf, url, tmp_file_name, NULL, NULL); - if (err) { - failures++; - opkg_message (conf, OPKG_NOTICE, "Signature check failed\n"); - } else { - int err; - err = opkg_verify_file (conf, list_file_name, tmp_file_name); - if (err == 0) - opkg_message (conf, OPKG_NOTICE, "Signature check passed\n"); - else - opkg_message (conf, OPKG_NOTICE, "Signature check failed\n"); - } - unlink (tmp_file_name); - free (tmp_file_name); - free (url); + if (conf->check_signature) { + /* download detached signitures to verify the package lists */ + /* get the url for the sig file */ + if (src->extra_data) /* debian style? */ + sprintf_alloc(&url, "%s/%s/%s", src->value, src->extra_data, + "Packages.sig"); + else + sprintf_alloc(&url, "%s/%s", src->value, "Packages.sig"); + + /* create temporary file for it */ + char *tmp_file_name; + + sprintf_alloc (&tmp_file_name, "%s/%s", tmp, "Packages.sig"); + + err = opkg_download(conf, url, tmp_file_name, NULL, NULL); + if (err) { + failures++; + opkg_message (conf, OPKG_NOTICE, "Signature check failed\n"); + } else { + int err; + err = opkg_verify_file (conf, list_file_name, tmp_file_name); + if (err == 0) + opkg_message (conf, OPKG_NOTICE, "Signature check passed\n"); + else + opkg_message (conf, OPKG_NOTICE, "Signature check failed\n"); + } + unlink (tmp_file_name); + free (tmp_file_name); + free (url); + } #else // Do nothing #endif |