From: Paul Spooren <mail@aparcar.org>
Date: Thu, 6 Jan 2022 16:35:04 +0000 (+0000)
Subject: openwrt-keyring: store keys in /etc/usign/keys
X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=780bd6616354ff01240490b8346c0a8798d8e9ec;p=openwrt%2Fstaging%2Faparcar.git

openwrt-keyring: store keys in /etc/usign/keys

By replacing OPKG with APK the folder /etc/opkg/keys becomes obsolete.
Instead use the /etc/usign/keys folder. APK uses a different key format
which is currently not compatible with usign/ucert.

Signed-off-by: Paul Spooren <mail@aparcar.org>
---

diff --git a/package/base-files/Makefile b/package/base-files/Makefile
index 25308e20b9..bef464fcb9 100644
--- a/package/base-files/Makefile
+++ b/package/base-files/Makefile
@@ -102,8 +102,8 @@ Build/Compile = $(Build/Compile/Default)
 
 ifndef CONFIG_BUILDBOT
   define Package/base-files/install-key
-	mkdir -p $(1)/etc/opkg/keys
-	$(CP) $(BUILD_KEY).pub $(1)/etc/opkg/keys/`$(STAGING_DIR_HOST)/bin/usign -F -p $(BUILD_KEY).pub`
+	mkdir -p $(1)/etc/usign/keys
+	$(CP) $(BUILD_KEY).pub $(1)/etc/usign/keys/`$(STAGING_DIR_HOST)/bin/usign -F -p $(BUILD_KEY).pub`
 
 	mkdir -p $(1)/etc/apk/keys
 	$(CP) $(BUILD_KEY_APK_PUB) $(1)/etc/apk/keys/
diff --git a/package/base-files/files/lib/upgrade/fwtool.sh b/package/base-files/files/lib/upgrade/fwtool.sh
index a45f3bbc73..299b1486cf 100644
--- a/package/base-files/files/lib/upgrade/fwtool.sh
+++ b/package/base-files/files/lib/upgrade/fwtool.sh
@@ -19,7 +19,7 @@ fwtool_check_signature() {
 	fi
 
 	fwtool -q -T -s /dev/null "$1" | \
-		ucert -V -m - -c "/tmp/sysupgrade.ucert" -P /etc/opkg/keys
+		ucert -V -m - -c "/tmp/sysupgrade.ucert" -P /etc/usign/keys
 
 	return $?
 }
diff --git a/package/system/openwrt-keyring/Makefile b/package/system/openwrt-keyring/Makefile
index 318d42cf92..4b406d9451 100644
--- a/package/system/openwrt-keyring/Makefile
+++ b/package/system/openwrt-keyring/Makefile
@@ -3,7 +3,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openwrt-keyring
-PKG_RELEASE:=2
+PKG_RELEASE:=3
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL=$(PROJECT_GIT)/keyring.git
@@ -31,9 +31,9 @@ endef
 Build/Compile=
 
 define Package/openwrt-keyring/install
-	$(INSTALL_DIR) $(1)/etc/opkg/keys/
+	$(INSTALL_DIR) $(1)/etc/usign/keys/
 	# Public usign key for unattended snapshot builds
-	$(INSTALL_DATA) $(PKG_BUILD_DIR)/usign/b5043e70f9a75cde $(1)/etc/opkg/keys/
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/usign/b5043e70f9a75cde $(1)/etc/usign/keys/
 endef
 
 $(eval $(call BuildPackage,openwrt-keyring))