diff options
| author | Timo Teras <timo.teras@iki.fi> | 2009-07-22 16:06:34 +0300 |
|---|---|---|
| committer | Timo Teras <timo.teras@iki.fi> | 2009-07-22 16:06:34 +0300 |
| commit | 5375efac1af6488f8af5063fab243fe844334f05 (patch) | |
| tree | 70d3a4c22f45f4960276de6261e967fe8b5d1045 | |
| parent | 23582a0ec5e52489c22c15a1a77f32de514cf5d9 (diff) | |
| download | aports-5375efac1af6488f8af5063fab243fe844334f05.tar.bz2 aports-5375efac1af6488f8af5063fab243fe844334f05.tar.xz | |
apk: allow-untrusted option
to not make hard error of untrusted or missing signatures
| -rw-r--r-- | src/apk.c | 5 | ||||
| -rw-r--r-- | src/apk_defines.h | 1 | ||||
| -rw-r--r-- | src/package.c | 25 |
3 files changed, 21 insertions, 10 deletions
@@ -43,6 +43,8 @@ static struct apk_option generic_options[] = { { 0x101, "progress", "Show a progress bar" }, { 0x102, "clean-protected", "Do not create .apk-new files to " "configuration dirs" }, + { 0x103, "allow-untrusted", "Blindly install packages with untrusted " + "signatures or no signature at all" }, { 0x104, "simulate", "Show what would be done without actually " "doing it" }, { 0x105, "wait", "Wait for TIME seconds to get an exclusive " @@ -351,6 +353,9 @@ int main(int argc, char **argv) case 0x102: apk_flags |= APK_CLEAN_PROTECTED; break; + case 0x103: + apk_flags |= APK_ALLOW_UNTRUSTED; + break; case 0x104: apk_flags |= APK_SIMULATE; break; diff --git a/src/apk_defines.h b/src/apk_defines.h index 8cfb62b811..7e66ada519 100644 --- a/src/apk_defines.h +++ b/src/apk_defines.h @@ -59,6 +59,7 @@ extern unsigned int apk_flags; #define APK_RECURSIVE 0x0020 #define APK_PREFER_AVAILABLE 0x0040 #define APK_UPDATE_CACHE 0x0080 +#define APK_ALLOW_UNTRUSTED 0x0100 #define apk_error(args...) do { apk_log("ERROR: ", args); } while (0) #define apk_warning(args...) do { if (apk_verbosity > 0) { apk_log("WARNING: ", args); } } while (0) diff --git a/src/package.c b/src/package.c index e480c6f77f..5e4a3d2a00 100644 --- a/src/package.c +++ b/src/package.c @@ -453,16 +453,20 @@ int apk_sign_ctx_mpart_cb(void *ctx, int part, apk_blob_t data) return 0; /* Verify the signature if we have public key */ - if (sctx->action == APK_SIGN_VERIFY && - sctx->signature.pkey != NULL) { - r = EVP_VerifyFinal(&sctx->mdctx, - (unsigned char *) sctx->signature.data.ptr, - sctx->signature.data.len, - sctx->signature.pkey); - if (r != 1) - return -EKEYREJECTED; + if (sctx->action == APK_SIGN_VERIFY) { + if (sctx->signature.pkey == NULL) { + if (!(apk_flags & APK_ALLOW_UNTRUSTED)) + return -ENOKEY; + } else { + r = EVP_VerifyFinal(&sctx->mdctx, + (unsigned char *) sctx->signature.data.ptr, + sctx->signature.data.len, + sctx->signature.pkey); + if (r != 1) + return -EKEYREJECTED; - sctx->control_verified = 1; + sctx->control_verified = 1; + } EVP_DigestInit_ex(&sctx->mdctx, sctx->md, NULL); return 0; } else if (sctx->action == APK_SIGN_GENERATE) { @@ -492,7 +496,8 @@ int apk_sign_ctx_mpart_cb(void *ctx, int part, apk_blob_t data) EVP_MD_CTX_size(&sctx->mdctx)) != 0) return -EKEYREJECTED; sctx->data_verified = 1; - if (!sctx->control_verified) + if (!(apk_flags & APK_ALLOW_UNTRUSTED) && + !sctx->control_verified) return -ENOKEY; } else if (sctx->action == APK_SIGN_VERIFY) { if (sctx->signature.pkey == NULL) |