opkg: add patch to circumvent signature checks on the command line
authorFelix Fietkau <nbd@openwrt.org>
Mon, 6 Apr 2015 19:39:22 +0000 (19:39 +0000)
committerFelix Fietkau <nbd@openwrt.org>
Mon, 6 Apr 2015 19:39:22 +0000 (19:39 +0000)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 45285

package/system/opkg/patches/210-add-force-signature.patch [new file with mode: 0644]

diff --git a/package/system/opkg/patches/210-add-force-signature.patch b/package/system/opkg/patches/210-add-force-signature.patch
new file mode 100644 (file)
index 0000000..c41eab0
--- /dev/null
@@ -0,0 +1,70 @@
+--- a/libopkg/opkg_conf.h
++++ b/libopkg/opkg_conf.h
+@@ -80,6 +80,7 @@ struct opkg_conf
+      int force_remove;
+      int force_checksum;
+      int check_signature;
++     int force_signature;
+      int nodeps; /* do not follow dependencies */
+      int nocase; /* perform case insensitive matching */
+      char *offline_root;
+--- a/src/opkg-cl.c
++++ b/src/opkg-cl.c
+@@ -51,6 +51,7 @@ enum {
+       ARGS_OPT_NOCASE,
+       ARGS_OPT_AUTOREMOVE,
+       ARGS_OPT_CACHE,
++      ARGS_OPT_FORCE_SIGNATURE,
+ };
+ static struct option long_options[] = {
+@@ -87,6 +88,8 @@ static struct option long_options[] = {
+       {"force_remove", 0, 0, ARGS_OPT_FORCE_REMOVE},
+       {"force-checksum", 0, 0, ARGS_OPT_FORCE_CHECKSUM},
+       {"force_checksum", 0, 0, ARGS_OPT_FORCE_CHECKSUM},
++      {"force-signature", 0, 0, ARGS_OPT_FORCE_SIGNATURE},
++      {"force_signature", 0, 0, ARGS_OPT_FORCE_SIGNATURE},
+       {"noaction", 0, 0, ARGS_OPT_NOACTION},
+       {"download-only", 0, 0, ARGS_OPT_DOWNLOAD_ONLY},
+       {"nodeps", 0, 0, ARGS_OPT_NODEPS},
+@@ -210,6 +213,9 @@ args_parse(int argc, char *argv[])
+         case ARGS_OPT_DOWNLOAD_ONLY:
+                       conf->download_only = 1;
+                       break;
++              case ARGS_OPT_FORCE_SIGNATURE:
++                      conf->force_signature = 1;
++                      break;
+               case ':':
+                       parse_err = -1;
+                       break;
+--- a/libopkg/opkg_install.c
++++ b/libopkg/opkg_install.c
+@@ -1306,13 +1306,15 @@ opkg_install_pkg(pkg_t *pkg, int from_up
+          if (opkg_verify_file (list_file_name, sig_file_name)){
+            opkg_msg(ERROR, "Failed to verify the signature of %s.\n",
+                            list_file_name);
+-           return -1;
++           if (!conf->force_signature)
++             return -1;
+          }
+        }else{
+          opkg_msg(ERROR, "Signature file is missing for %s. "
+                          "Perhaps you need to run 'opkg update'?\n",
+                        pkg->name);
+-         return -1;
++         if (!conf->force_signature)
++           return -1;
+        }
+        free (lists_dir);
+--- a/libopkg/opkg_cmd.c
++++ b/libopkg/opkg_cmd.c
+@@ -196,7 +196,7 @@ opkg_update_cmd(int argc, char **argv)
+                   else
+                       opkg_msg(NOTICE, "Signature check failed.\n");
+               }
+-              if (err) {
++              if (err && !conf->force_signature) {
+                   /* The signature was wrong so delete it */
+                   opkg_msg(NOTICE, "Remove wrong Signature file.\n");
+                   unlink (tmp_file_name);