On Thu, May 07, 2015 at 07:11:39PM +0000, Sona Sarmadi wrote: > Hi, > > Does opkg have support for gpg signed ipk packages? It seems like that opkg > does not recognize gpg signed files. >
opkg 0.2.x only has support for checking the package feed signature. To use this, add the line 'option check_signature 1' to your opkg.conf file and place a Packages.sig file next to the Packages file in your package feed. ASCII-armoured signatures are not supported. opkg-0.3.0-rc2 extends this. Signatures for each package are supported, add the line 'option check_pkg_signature 1' to your opkg.conf file to use this. Then for a package named package_v1.ipk you'd need to create a package_v1.ipk.sig file in the same directory. ASCII-armoured signatures are used with the file extension .asc instead of .sig if the line 'option signature_type gpg-asc' is added to your opkg.conf file. The 'Filename' in the package feed should always refer to the ipk file, the signature is detached rather than included with the file. I've not used these options in a while so I might have remembered something wrong, but the general idea is right. > root@p2020rdb:~# opkg list-upgradable > curl - 7.35.0-r2.0 - 7.35.0-r3.0 > curl-dbg - 7.35.0-r2.0 - 7.35.0-r3.0 > libcurl5 - 7.35.0-r2.0 - 7.35.0-r3.0 > root@p2020rdb:~# opkg upgrade curl > Upgrading curl on root from 7.35.0-r2.0 to 7.35.0-r3.0... > Downloading > http://domain.com/tmp/ipk/ppce500v2/curl_7.35.0-r3.0_ppce500v2.ipk.asc. > Collected errors: > * deb_extract: /tmp/opkg-tslkbd/curl_7.35.0-r3.0_ppce500v2.ipk.asc: invalid > magic > * opkg_install_pkg: Failed to unpack control files from > /tmp/opkg-tslkbd/curl_7.35.0-r3.0_ppce500v2.ipk.asc. > root@p2020rdb:~# > > I have updated the Package file manually: > Package: curl > Version: 7.35.0-r3.0 > Depends: libcurl5 (>= 7.35.0), libz1 (>= 1.2.8), libc6 (>= 2.19) > Section: console/network > Architecture: ppce500v2 > Maintainer: ENEA <iss...@enea.com> > MD5Sum: 725f019d72b6f70845ae19299230738a > Size: 95616 > Filename: curl_7.35.0-r3.0_ppce500v2.ipk.asc > Source: http://curl.haxx.se/download/curl-7.35.0.tar.bz2 > file://pkgconfig_fix.patch file://CVE-2014-3613.patch > file://configure_ac.patch > Description: Command line tool and library for client-side URL transfers > Command line > tool and library for client-side URL transfers. > OE: curl > HomePage: http://curl.haxx.se/ > License: MIT > Priority: optional > > Thanks > //Sona Thanks, -- Paul Barker Email: p...@paulbarker.me.uk http://www.paulbarker.me.uk
signature.asc
Description: Digital signature
-- _______________________________________________ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto
