diff options
author | ticktock35 <ticktock35@e8e0d7a0-c8d9-11dd-a880-a1081c7ac358> | 2008-12-14 23:20:10 (EST) |
---|---|---|
committer | ticktock35 <ticktock35@e8e0d7a0-c8d9-11dd-a880-a1081c7ac358> | 2008-12-14 23:20:10 (EST) |
commit | 080a13effc327e8d9c2419d425e81aedc37c6c89 (patch) | |
tree | 3a4a7b04e2b393d8695809e084efd8c75abe8d44 /opkg_cmd.c | |
parent | 41a2d0807aace08c3f2895d7768594c929edf3cd (diff) |
opkg: initial implementation of package list signature verification
git-svn-id: http://opkg.googlecode.com/svn/trunk@21 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
Diffstat (limited to 'opkg_cmd.c')
-rw-r--r-- | opkg_cmd.c | 34 |
1 files changed, 34 insertions, 0 deletions
@@ -265,6 +265,40 @@ static int opkg_update_cmd(opkg_conf_t *conf, int argc, char **argv) list_file_name); } free(url); + + /* download detached signitures to verify the package lists */ + /* get the url for the sig file */ + if (src->extra_data) /* debian style? */ + sprintf_alloc(&url, "%s/%s/%s", src->value, src->extra_data, + "Packages.sig"); + else + sprintf_alloc(&url, "%s/%s", src->value, "Packages.sig"); + + /* create temporary dir for it */ + char *tmp, *tmp_file_name; + tmp = strdup ("/tmp/opkg.XXXXXX"); + if (mkdtemp (tmp) == NULL) { + perror ("mkdtemp"); + failures++; + continue; + } + sprintf_alloc (&tmp_file_name, "%s/%s", tmp, "Packages.sig"); + + err = opkg_download(conf, url, tmp_file_name); + if (err) { + failures++; + } else { + int err; + err = opkg_verify_file (list_file_name, tmp_file_name); + if (err == 0) + opkg_message (conf, OPKG_NOTICE, "Signature check passed\n"); + else + opkg_message (conf, OPKG_NOTICE, "Signature check failed\n"); + } + unlink (tmp_file_name); + free (tmp_file_name); + + free (url); free(list_file_name); } free(lists_dir); |