Instead of adding all public signature keys from the openwrt-keyring
repository only add the key which is used to sign the OpenWrt 21.02 feeds.
If one of the other keys would be compromised this would not affect
users of 21.02 release builds.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
include $(TOPDIR)/rules.mk
PKG_NAME:=openwrt-keyring
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL=$(PROJECT_GIT)/keyring.git
define Package/openwrt-keyring/install
$(INSTALL_DIR) $(1)/etc/opkg/keys/
- $(INSTALL_DATA) $(PKG_BUILD_DIR)/usign/* $(1)/etc/opkg/keys/
+ # Public usign key for 21.02 release builds
+ $(INSTALL_DATA) $(PKG_BUILD_DIR)/usign/2f8b0b98e08306bf $(1)/etc/opkg/keys/
endef
$(eval $(call BuildPackage,openwrt-keyring))