Difuse/difos
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

openwrt-keyring: Only copy sign key for snapshots

Browse source 
Instead of adding all public signature keys from the openwrt-keyring
repository only add the key which is used to sign the master feeds.

If one of the other keys would be compromised this would not affect
users of master snapshot builds.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This commit is contained in:
Hauke Mehrtens 2021-05-13 01:25:55 +02:00
parent f2844a6338
commit 097dc943f1
1 changed files with 3 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
package/system/openwrt-keyring/Makefile
View file

@ -3,7 +3,7 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=openwrt-keyring PKG_NAME:=openwrt-keyring
PKG_RELEASE:=1 PKG_RELEASE:=2
PKG_SOURCE_PROTO:=git PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL=$(PROJECT_GIT)/keyring.git PKG_SOURCE_URL=$(PROJECT_GIT)/keyring.git
@ -32,7 +32,8 @@ Build/Compile=
define Package/openwrt-keyring/install define Package/openwrt-keyring/install
$(INSTALL_DIR) $(1)/etc/opkg/keys/ $(INSTALL_DIR) $(1)/etc/opkg/keys/
$(INSTALL_DATA) $(PKG_BUILD_DIR)/usign/* $(1)/etc/opkg/keys/ # Public usign key for unattended snapshot builds
$(INSTALL_DATA) $(PKG_BUILD_DIR)/usign/b5043e70f9a75cde $(1)/etc/opkg/keys/
endef endef
$(eval $(call BuildPackage,openwrt-keyring)) $(eval $(call BuildPackage,openwrt-keyring))