summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Add pathfinder support for certificate validationpixdamix2009-11-056-5/+180
| | | | | | | | | | | | | | | | | | From http://code.google.com/p/pathfinder-pki/ PathFinder is designed to provide a mechanism for any program to perform RFC3280-compliant path validation of X509 certificates, even when some of the intermediate certificates are not present on the local machine. By design, Pathfinder automatically downloads any such certificates from the Internet as needed using the AIA and CRL distribution point extensions of the certificates it is processing. It has the ability to do revocation status checking either using CRL or OCSP, or both. And, given the recent vulnerabilities that have rendered the MD5 algorithm highly suspect, it allows the administrator to choose to not validate certificates using that algorithm anywhere in the trust path. git-svn-id: http://opkg.googlecode.com/svn/trunk@261 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* These functions cannot fail, so return void.graham.gower2009-11-0412-76/+51
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@260 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* s/malloc/xmalloc/ s/calloc/xcalloc/ s/realloc/realloc/graham.gower2009-11-0421-219/+80
| | | | | | | And redundant error checking removed from the places where allocation failures were actually checked. git-svn-id: http://opkg.googlecode.com/svn/trunk@259 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Don't set PATH="/dev/null". Shuffle things around while here.graham.gower2009-11-041-31/+27
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@258 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Remove code path which cannot be executed.graham.gower2009-11-041-2/+0
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@257 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* s/strndup/xstrndup/ - check memory allocations for failure.graham.gower2009-11-032-8/+8
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@256 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* s/strdup/xstrdup/ - check memory allocations for failure.graham.gower2009-11-0314-72/+64
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@255 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Remove some strdup abuse.graham.gower2009-11-034-21/+30
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@254 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Remove str_dup_safe() in favour of xstrdup() from libbb.graham.gower2009-11-035-29/+21
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@253 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Remove unused opkg_set_current_state bits.graham.gower2009-11-0310-142/+10
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@252 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Make `curl' an instance variable and ssl supportpixdamix2009-11-035-32/+231
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch adds several new options - option ssl_ca_path /path/to/dir Tells curl to use the specified certificate directory to verify the peer. The certificates must be in PEM format, and the directory must have been processed using the c_rehash utility supplied with openssl. - option ssl_ca_file Tells curl to use the specified certificate file to verify the peer. The file may contain multiple CA certificates - option ssl_key_type Tells curl the Private key file type. Specify which type your ssl_key provided private key is. PEM (default), DER and ENG (see option ssl_engine) are recognized types. - option ssl_cert_type Tells curl what certificate type the provided certificate is in. PEM (default), DER and ENG (see option ssl_engine) are recognized types. - option ssl_key & option ssl_cert Tells curl to use the specified certificate file and private key when getting a file with HTTPS - option ssl_key_passwd Passphrase for the private key - option ssl_engine Select the OpenSSL crypto engine to use for cipher operations. - option ssl_dont_verify_peer This option explicitly allows curl to perform "insecure" SSL connections and transfers. All SSL connections are attempted to be made secure by using the CA certificate. This makes all connections considered "insecure" fail unless ssl_dont_verify_peer is used. git-svn-id: http://opkg.googlecode.com/svn/trunk@251 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* The list-installed command does not exist.graham.gower2009-11-031-1/+0
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@250 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Remove response_callback bits. Forgot to commit this before.graham.gower2009-11-032-25/+15
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@249 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Remove some code duplication, check for realloc failure.graham.gower2009-11-031-6/+9
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@248 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Clean up pkg_vec_insert.graham.gower2009-11-031-4/+8
| | | | | | | | - Check for realloc failure. - Don't cast an lvalue. - Remove unused counter. git-svn-id: http://opkg.googlecode.com/svn/trunk@247 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Remove prototype for deleted function.graham.gower2009-11-021-1/+0
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@246 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Stop my eyes from bleeding.graham.gower2009-11-023-497/+111
| | | | | | | Testing shows that the info and status commands give the same output as before. If you find a case where they differ, please let me know. git-svn-id: http://opkg.googlecode.com/svn/trunk@245 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Remove unused callbacks, a legacy of the now removed ipkg API.graham.gower2009-11-023-74/+1
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@244 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Stop using opkg_cb_message.graham.gower2009-11-022-18/+13
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@243 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Clean up some _cmd functions, in particular remove use of print callbacks.graham.gower2009-11-021-121/+34
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@242 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Remove unused code: if pkg was NULL, we would already have segfaulted.graham.gower2009-11-021-3/+0
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@241 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* opkg: fix nullpointer dereferencepixdamix2009-11-021-1/+1
| | | | | | Applied 011-fix_nullpointer_deref.patch from OpenWRT git-svn-id: http://opkg.googlecode.com/svn/trunk@240 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* opkg: fix the -force_space optionpixdamix2009-11-021-0/+3
| | | | | | - 006-fix_force_space.patch from OpenWRT git-svn-id: http://opkg.googlecode.com/svn/trunk@239 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Cleanup error_list stuff a bit more.graham.gower2009-11-017-84/+60
| | | | | | | | | - Remove reverse_error_list. - Push messages on to the tail of the list. - Move the print function in with the other error list functions. - Indentation and variable name cleanups. git-svn-id: http://opkg.googlecode.com/svn/trunk@238 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Free memory if we fail to remove a package due to it having dependents.graham.gower2009-11-011-0/+1
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@237 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Avoid reading past the end of the array.graham.gower2009-11-011-1/+1
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@236 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* pkg_init_from_file() already does this strdup(), so stop another leak.graham.gower2009-11-012-4/+0
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@235 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Free memory used when parsing a control file.graham.gower2009-11-011-2/+8
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@234 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Fix memory leaks.graham.gower2009-11-011-13/+21
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@233 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* free() temporary string.graham.gower2009-11-011-0/+1
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@232 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Missing free in sha256 hash verificationpixdamix2009-10-301-0/+1
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@231 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Add missing free (again)pixdamix2009-10-301-0/+7
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@230 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Fix some memory leaks.graham.gower2009-10-304-10/+8
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@229 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* The compiler almost certainly knows better.graham.gower2009-10-304-31/+31
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@228 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Fix problems in error listpixdamix2009-10-294-15/+33
| | | | | | | | | | push_error_list() should allocate the sizeof(struct) not sizeof(pointer to struct). And add some memory deallocation in error paths found while looking at this. git-svn-id: http://opkg.googlecode.com/svn/trunk@227 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Removed a unused variable warningpixdamix2009-10-281-0/+4
| | | | | | | When compiled without openssl nor gpg signature verification opkg build fail due to 3 unused variable and -Werror git-svn-id: http://opkg.googlecode.com/svn/trunk@226 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Add error messages in case of signature errorpixdamix2009-10-281-1/+6
| | | | git-svn-id: http://opkg.googlecode.com/svn/trunk@225 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Fix implicit declaration of strnduppixdamix2009-10-281-1/+1
| | | | | | | | s/strndup/xstrndup/ Thanks to Graham Gower <graham.gower@gmail.com> git-svn-id: http://opkg.googlecode.com/svn/trunk@224 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Adding sha256.[ch]ticktock352009-10-282-0/+645
| | | | | | | Sorry forgot adding them. Thanks for Graham Gower <graham.gower@gmail.com> git-svn-id: http://opkg.googlecode.com/svn/trunk@223 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Improve the poor man's fseek in unarchive.cpixdamix2009-10-271-6/+22
| | | | | | | | | | Modified seek_sub_file since the fgetc in the for loop was very slow when installing huge packages. A test on my machine showed a 4x gain when installing a large package (23Mib) git-svn-id: http://opkg.googlecode.com/svn/trunk@222 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Opkg support for smime (pkcs7) packages list signingticktock352009-10-278-9/+178
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Thanks to Camille Moncelier <moncelier@devlife.org> http://groups.google.com/group/opkg-devel/browse_thread/thread/6071ce290d5ceb77?utoken=qjR-TC0AAADKDldt5ZXsDDLs9sWCpWZI1zgeariQUwksg5ob1tmaFTCAL7MTcQRO6S85GfHgQ_k As promised :) here is a patch allowing opkg to authenticate a package list using smime and openssl instead of gpgme Example: Sign a package list: openssl smime -sign -in /path/to/repo/Packages \ -signer /root/server.pem -binary \ -outform PEM -out /path/to/repo/Packages.sig Configuration in /etc/opkg/opkg.conf option check_signature 1 option signature_ca_file /etc/serverCA.pem option signature_ca_path /path/to/certs/dir opkg update Downloading http://repo:8000/Packages Updated list of available packages in /usr/lib/opkg/lists/angstrom Downloading http://repo:8000/Packages.sig Signature check passed Package list corruption or MIM: Downloading http://repo:8000/Packages Updated list of available packages in /usr/lib/opkg/lists/angstrom Downloading http://repo:8000/Packages.sig Signature check failed Collected errors: * Verification failure Camille Moncelier http://devlife.org/ git-svn-id: http://opkg.googlecode.com/svn/trunk@221 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Add sha256 ckecksums to okpgticktock352009-10-2711-2/+127
| | | | | | | | | | | | | | | | Thanks to Camille Moncelier <moncelier@devlife.org> http://groups.google.com/group/opkg-devel/browse_thread/thread/78a2eb328da0ef73?utoken=pV1Kli0AAADKDldt5ZXsDDLs9sWCpWZI0mClVcTs45ANzZ7C9NH-1YGBxa5Bow63PTuzFmQCb1c Here is a patch which adds sha256 checksum checking to Opkg. More Opkg patches will follow shortly (x509 and smime signature support, libcurl client/server authentication) I hope these patch will be useful and finds their ways into okpg Camille Moncelier http://devlife.org/ git-svn-id: http://opkg.googlecode.com/svn/trunk@220 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Improve install candidate selectionticktock352009-10-051-9/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Florian Boor <florian.boor@kernelconcepts.de> Hello, I have noticed that opkg does not resolve package selection properly if the same package is available in more than one compatible architecture. Failing having installable candidates available is not necessary in this case: Either the packages are from feeds with different priorities - in this case we can select by priority - or the priorities are the same and it does not matter which one gets installed. Another problem is that in some situations the package lists seem to contain duplicates for no obvious reason. (e.g. one package available from two feeds makes four entries in the package lists.) The patch implements a workaround for this by filtering out duplicates when the candidate lists are created and makes opkg select an install candidate per feed priority. I have tested the changes with OpenEmbedded and it does not seem to cause any obvious problems. Could I get some opinions about the solution? :) Greetings Florian ----------- Thanks to Florian git-svn-id: http://opkg.googlecode.com/svn/trunk@219 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Fix Segmentation fault while data in Package.gz is not goodticktock352009-09-221-0/+4
| | | | | | | | | | | | While setting up a personal opkg feed, I encountered a crash in opgk when trying to install the package from the repository. Instead of an error message from opkg, it just gave me "Segmentation fault" and exited. Thanks to EdorFaus <edorfaus@gmail.com> http://groups.google.com/group/opkg-devel/browse_thread/thread/9620711475fa98d2 git-svn-id: http://opkg.googlecode.com/svn/trunk@218 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Fix opkg doesn't handle long link/path names in tar files wellticktock352009-09-211-3/+4
| | | | | | | | | | | | | 1. provide opkg with a tar file that has a link name that is 100 characters or 2. provide opkg with a tar file that has a 'path_prefix' of 155 characters. Thanks to pblack88@gmail.com http://code.google.com/p/opkg/issues/detail?id=21 git-svn-id: http://opkg.googlecode.com/svn/trunk@217 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Adding error message for the lock file.ticktock352009-09-171-1/+10
| | | | | | | | | | | | pkg just says "Could not obtain administrative lock" and provides no further info when it encounters problems with the lock file. The attached patch makes these errors a bit easier to diagnose. Thanks to cconroy http://code.google.com/p/opkg/issues/detail?id=22 git-svn-id: http://opkg.googlecode.com/svn/trunk@216 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Fix issue on "Segmentation fault on package removal"ticktock352009-07-031-2/+3
| | | | | | | | | Thanks to http://code.google.com/u/kosmaty/ Find the issue and fix it. http://code.google.com/p/opkg/issues/detail?id=13 git-svn-id: http://opkg.googlecode.com/svn/trunk@215 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* Thanks to claudyus84 and Gillesticktock352009-06-261-2/+2
| | | | | | | | | http://www.crisos.org/flyspray/index.php?do=details&task_id=10 Fix issue: http://code.google.com/p/opkg/issues/detail?id=4#c5 git-svn-id: http://opkg.googlecode.com/svn/trunk@214 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* adds a configure option so "/etc/opkg" can beticktock352009-06-145-10/+34
| | | | | | | | | | changed when opkg is configured and built. fix issue due to an error of opkg_conf.c Thanks to jlc <jlcster@gmail.com> http://groups.google.com/group/opkg-devel/browse_thread/thread/5c6e55832a7168aa git-svn-id: http://opkg.googlecode.com/svn/trunk@213 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
* adding new flag flag_maintainerticktock352009-04-176-12/+29
| | | | | | | This flag is used for maintainer can use the latest conffile. this flag need to be set manually. git-svn-id: http://opkg.googlecode.com/svn/trunk@212 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358