6 files changed, 69 insertions, 61 deletions

diff --git a/libopkg/opkg.c b/libopkg/opkg.c
index d69721b..11b5ee7 100644
--- a/libopkg/opkg.c
+++ b/libopkg/opkg.c
@@ -850,42 +850,44 @@ opkg_update_package_lists (opkg_t *opkg, opkg_progress_callback_t progress_callb
     free (url);
 
 #ifdef HAVE_GPGME
-    char *sig_file_name;
-    /* download detached signitures to verify the package lists */
-    /* get the url for the sig file */
-    if (src->extra_data)  /* debian style? */
-      sprintf_alloc (&url, "%s/%s/%s", src->value, src->extra_data,
-                     "Packages.sig");
-    else
-      sprintf_alloc (&url, "%s/%s", src->value, "Packages.sig");
+    if ( opkg->conf->check_signature ) {
+        char *sig_file_name;
+        /* download detached signitures to verify the package lists */
+        /* get the url for the sig file */
+        if (src->extra_data)  /* debian style? */
+            sprintf_alloc (&url, "%s/%s/%s", src->value, src->extra_data,
+                    "Packages.sig");
+        else
+            sprintf_alloc (&url, "%s/%s", src->value, "Packages.sig");
 
-    /* create filename for signature */
-    sprintf_alloc (&sig_file_name, "%s/%s.sig", lists_dir, src->name);
+        /* create filename for signature */
+        sprintf_alloc (&sig_file_name, "%s/%s.sig", lists_dir, src->name);
 
-    /* make sure there is no existing signature file */
-    unlink (sig_file_name);
+        /* make sure there is no existing signature file */
+        unlink (sig_file_name);
 
-    err = opkg_download (opkg->conf, url, sig_file_name, NULL, NULL);
-    if (err)
-    {
-      /* XXX: Warning: Download failed */
-    }
-    else
-    {
-      int err;
-      err = opkg_verify_file (opkg->conf, list_file_name, sig_file_name);
-      if (err == 0)
-      {
-        /* XXX: Notice: Signature check passed */
-      }
-      else
-      {
-        /* XXX: Warning: Signature check failed */
-      }
+        err = opkg_download (opkg->conf, url, sig_file_name, NULL, NULL);
+        if (err)
+        {
+            /* XXX: Warning: Download failed */
+        }
+        else
+        {
+            int err;
+            err = opkg_verify_file (opkg->conf, list_file_name, sig_file_name);
+            if (err == 0)
+            {
+                /* XXX: Notice: Signature check passed */
+            }
+            else
+            {
+                /* XXX: Warning: Signature check failed */
+            }
+        }
+        free (sig_file_name);
+        free (list_file_name);
+        free (url);
     }
-    free (sig_file_name);
-    free (list_file_name);
-    free (url);
 #else
     /* XXX: Note: Signature check for %s skipped because GPG support was not
      * enabled in this build
diff --git a/libopkg/opkg_cmd.c b/libopkg/opkg_cmd.c
index 411bb72..043536c 100644
--- a/libopkg/opkg_cmd.c
+++ b/libopkg/opkg_cmd.c
@@ -261,34 +261,36 @@ static int opkg_update_cmd(opkg_conf_t *conf, int argc, char **argv)
 	  free(url);
 
 #ifdef HAVE_GPGME
-	  /* download detached signitures to verify the package lists */
-	  /* get the url for the sig file */
-	  if (src->extra_data)	/* debian style? */
-	      sprintf_alloc(&url, "%s/%s/%s", src->value, src->extra_data,
-			    "Packages.sig");
-	  else
-	      sprintf_alloc(&url, "%s/%s", src->value, "Packages.sig");
-
-	  /* create temporary file for it */
-	  char *tmp_file_name;
-
-	  sprintf_alloc (&tmp_file_name, "%s/%s", tmp, "Packages.sig");
-
-	  err = opkg_download(conf, url, tmp_file_name, NULL, NULL);
-	  if (err) {
-	    failures++;
-		opkg_message (conf, OPKG_NOTICE, "Signature check failed\n");
-	  } else {
-	    int err;
-	    err = opkg_verify_file (conf, list_file_name, tmp_file_name);
-	    if (err == 0)
-		opkg_message (conf, OPKG_NOTICE, "Signature check passed\n");
-	    else
-		opkg_message (conf, OPKG_NOTICE, "Signature check failed\n");
-	  }
-	  unlink (tmp_file_name);
-	  free (tmp_file_name);
-	  free (url);
+          if (conf->check_signature) {
+              /* download detached signitures to verify the package lists */
+              /* get the url for the sig file */
+              if (src->extra_data)	/* debian style? */
+                  sprintf_alloc(&url, "%s/%s/%s", src->value, src->extra_data,
+                          "Packages.sig");
+              else
+                  sprintf_alloc(&url, "%s/%s", src->value, "Packages.sig");
+
+              /* create temporary file for it */
+              char *tmp_file_name;
+
+              sprintf_alloc (&tmp_file_name, "%s/%s", tmp, "Packages.sig");
+
+              err = opkg_download(conf, url, tmp_file_name, NULL, NULL);
+              if (err) {
+                  failures++;
+                  opkg_message (conf, OPKG_NOTICE, "Signature check failed\n");
+              } else {
+                  int err;
+                  err = opkg_verify_file (conf, list_file_name, tmp_file_name);
+                  if (err == 0)
+                      opkg_message (conf, OPKG_NOTICE, "Signature check passed\n");
+                  else
+                      opkg_message (conf, OPKG_NOTICE, "Signature check failed\n");
+              }
+              unlink (tmp_file_name);
+              free (tmp_file_name);
+              free (url);
+          }
 #else
           // Do nothing
 #endif
diff --git a/libopkg/opkg_conf.c b/libopkg/opkg_conf.c
index d722a0d..ac785c8 100644
--- a/libopkg/opkg_conf.c
+++ b/libopkg/opkg_conf.c
@@ -56,6 +56,7 @@ int opkg_init_options_array(const opkg_conf_t *conf, opkg_option_t **options)
 	  { "force_downgrade", OPKG_OPT_TYPE_BOOL, &conf->force_downgrade },
 	  { "force_reinstall", OPKG_OPT_TYPE_BOOL, &conf->force_reinstall },
 	  { "force_space", OPKG_OPT_TYPE_BOOL, &conf->force_space },
+          { "check_signature", OPKG_OPT_TYPE_INT, &conf->check_signature }, 
 	  { "ftp_proxy", OPKG_OPT_TYPE_STRING, &conf->ftp_proxy },
 	  { "http_proxy", OPKG_OPT_TYPE_STRING, &conf->http_proxy },
 	  { "no_proxy", OPKG_OPT_TYPE_STRING, &conf->no_proxy },
diff --git a/libopkg/opkg_conf.h b/libopkg/opkg_conf.h
index 407c8de..c2f9015 100644
--- a/libopkg/opkg_conf.h
+++ b/libopkg/opkg_conf.h
@@ -63,6 +63,7 @@ struct opkg_conf
      int force_space;
      int force_removal_of_dependent_packages;
      int force_removal_of_essential_packages;
+     int check_signature;
      int nodeps; /* do not follow dependences */
      char *offline_root;
      char *offline_root_path;
diff --git a/libopkg/opkg_download.c b/libopkg/opkg_download.c
index 93b5084..a212969 100644
--- a/libopkg/opkg_download.c
+++ b/libopkg/opkg_download.c
@@ -304,6 +304,8 @@ int
 opkg_verify_file (opkg_conf_t *conf, char *text_file, char *sig_file)
 {
 #ifdef HAVE_GPGME
+    if (conf->check_signature == 0 )
+        return 0;
     int status = -1;
     gpgme_ctx_t ctx;
     gpgme_data_t sig, text, key;
diff --git a/libopkg/opkg_install.c b/libopkg/opkg_install.c
index 5f154a5..50cdabb 100644
--- a/libopkg/opkg_install.c
+++ b/libopkg/opkg_install.c
@@ -832,7 +832,7 @@ int opkg_install_pkg(opkg_conf_t *conf, pkg_t *pkg, int from_upgrade)
      char *list_file_name, *sig_file_name, *lists_dir;
 
      /* check to ensure the package has come from a repository */
-     if (pkg->src)
+     if (conf->check_signature && pkg->src)
      {
        sprintf_alloc (&lists_dir, "%s",
                      (conf->restrict_to_default_dest)