[source] opkg: drop S/MIME support
LEDE Commits
lede-commits at lists.infradead.org
Tue Jan 10 04:44:35 PST 2017
nbd pushed a commit to source.git, branch master:
https://git.lede-project.org/9cdf852ae09e8b418d9ab5c462b95742dc2f0fc2
commit 9cdf852ae09e8b418d9ab5c462b95742dc2f0fc2
Author: Felix Fietkau <nbd at nbd.name>
AuthorDate: Tue Jan 10 13:02:33 2017 +0100
opkg: drop S/MIME support
It has never been used by default (due to being too bloated), and it is
properly replaced by usign (which has been the default for a long time
now).
Remove this feature to simplify the build system
Signed-off-by: Felix Fietkau <nbd at nbd.name>
---
package/Makefile | 28 ----------------
package/base-files/image-config.in | 39 ----------------------
package/system/opkg/Makefile | 67 +++++---------------------------------
3 files changed, 8 insertions(+), 126 deletions(-)
diff --git a/package/Makefile b/package/Makefile
index 17378a9..3250e7b 100644
--- a/package/Makefile
+++ b/package/Makefile
@@ -74,15 +74,6 @@ $(curdir)/install: $(TMP_DIR)/.build $(curdir)/system/opkg/host/install $(curdir
$(call prepare_rootfs,$(TARGET_DIR))
-PASSOPT=""
-PASSARG=""
-ifndef CONFIG_OPKGSMIME_PASSPHRASE
- ifneq ($(call qstrip,$(CONFIG_OPKGSMIME_PASSFILE)),)
- PASSOPT="-passin"
- PASSARG="file:$(call qstrip,$(CONFIG_OPKGSMIME_PASSFILE))"
- endif
-endif
-
$(curdir)/index: FORCE
@echo Generating package index...
@for d in $(PACKAGE_SUBDIRS); do ( \
@@ -99,25 +90,6 @@ ifdef CONFIG_SIGNED_PACKAGES
cd $$d || continue; \
$(STAGING_DIR_HOST)/bin/usign -S -m Packages -s $(BUILD_KEY); \
); done
-else
-ifeq ($(call qstrip,$(CONFIG_OPKGSMIME_KEY)),)
- @echo Signing key has not been configured
-else
-ifeq ($(call qstrip,$(CONFIG_OPKGSMIME_CERT)),)
- @echo Certificate has not been configured
-else
- @echo Signing package index...
- @for d in $(PACKAGE_SUBDIRS); do ( \
- [ -d $$d ] && \
- cd $$d || continue; \
- openssl smime -binary -in Packages.gz \
- -out Packages.sig -outform PEM -sign \
- -signer $(CONFIG_OPKGSMIME_CERT) \
- -inkey $(CONFIG_OPKGSMIME_KEY) \
- $(PASSOPT) $(PASSARG); \
- ); done
-endif
-endif
endif
$(curdir)/preconfig:
diff --git a/package/base-files/image-config.in b/package/base-files/image-config.in
index 448fc1c..b43d7c7 100644
--- a/package/base-files/image-config.in
+++ b/package/base-files/image-config.in
@@ -292,42 +292,3 @@ menuconfig PER_FEED_REPO
Add not enabled feeds as commented out source lines to opkg.conf.
source "tmp/.config-feeds.in"
-
-
-menuconfig SMIMEOPT
- bool "Package signing options" if IMAGEOPT
- default n
- help
- These options configure the signing key and certificate to
- be used for signing and verifying packages.
-
- config OPKGSMIME_CERT
- string
- prompt "Path to certificate (PEM certificate format)" if SMIMEOPT
- help
- Path to the certificate to use for signature verification
-
- config OPKGSMIME_KEY
- string
- prompt "Path to signing key (PEM private key format)" if SMIMEOPT
- help
- Path to the key to use for signing packages
-
- config OPKGSMIME_PASSPHRASE
- bool
- default y
- prompt "Wait for a passphrase when signing packages?" if SMIMEOPT
- help
- If this value is set, then the build will pause and request a passphrase
- from the command line when signing packages. This SHOULD NOT be used with
- automatic builds. If this value is not set, a file can be specified from
- which the passphrase will be read.
-
- config OPKGSMIME_PASSFILE
- string
- prompt "Path to a file containing the passphrase" if SMIMEOPT
- depends on !OPKGSMIME_PASSPHRASE
- help
- Path to a file containing the passphrase for the signing key.
- If the signing key is not encrypted and does not require a passphrase,
- this option may be left blank.
diff --git a/package/system/opkg/Makefile b/package/system/opkg/Makefile
index cbd731f..898d769 100644
--- a/package/system/opkg/Makefile
+++ b/package/system/opkg/Makefile
@@ -37,7 +37,7 @@ PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/host-build.mk
-define Package/opkg/Default
+define Package/opkg
SECTION:=base
CATEGORY:=Base system
TITLE:=opkg package manager
@@ -46,7 +46,7 @@ define Package/opkg/Default
MENU:=1
endef
-define Package/opkg/Default/description
+define Package/opkg/description
Lightweight package management system
opkg is the opkg Package Management System, for handling
installation and removal of packages on a system. It can
@@ -66,47 +66,12 @@ config OPKG_SUPPORT_MD5
Old opkg used md5s, new uses sha. This options enables understanding both while prefering sha.
endef
-define Package/opkg
- $(call Package/opkg/Default)
- VARIANT:=unsigned
-endef
-
-define Package/opkg/description
- $(call Package/opkg/Default/description)
-endef
-
define Package/opkg/conffiles
/etc/opkg.conf
/etc/opkg/keys/
/etc/opkg/customfeeds.conf
endef
-
-define Package/opkg-smime
- $(call Package/opkg/Default)
- TITLE+= (with S/MIME signature support)
- DEPENDS+=+PACKAGE_opkg-smime:libopenssl
- VARIANT:=smime
-endef
-
-define Package/opkg-smime/description
- $(call Package/opkg/Default/description)
-
- This package allows the Package index to be verified with S/MIME.
-endef
-
-define Package/opkg-smime/config
-config OPKG_SMIME_SUPPORT_MD5
- bool
- default n
- depends on PACKAGE_opkg-smime
- prompt "Support reading old md5 hashes."
- help
- Old opkg used md5s, new uses sha. This options enables understanding both while prefering sha.
-endef
-
-Package/opkg-smime/conffiles = $(Package/opkg/conffiles)
-
TARGET_CFLAGS += -ffunction-sections -fdata-sections
EXTRA_CFLAGS += $(TARGET_CPPFLAGS)
@@ -117,22 +82,13 @@ CONFIGURE_ARGS += \
--with-opkgetcdir=/etc \
--with-opkglockfile=/var/lock/opkg.lock
-ifeq ($(BUILD_VARIANT),smime)
- CONFIGURE_ARGS += --enable-openssl --disable-usign
- ifeq ($(CONFIG_OPKG_SMIME_SUPPORT_MD5),y)
- CONFIGURE_ARGS += --enable-md5
- else
- CONFIGURE_ARGS += --disable-md5
- endif
+ifndef CONFIG_SIGNED_PACKAGES
+ CONFIGURE_ARGS += --disable-usign
+endif
+ifeq ($(CONFIG_OPKG_SUPPORT_MD5),y)
+ CONFIGURE_ARGS += --enable-md5
else
- ifndef CONFIG_SIGNED_PACKAGES
- CONFIGURE_ARGS += --disable-usign
- endif
- ifeq ($(CONFIG_OPKG_SUPPORT_MD5),y)
- CONFIGURE_ARGS += --enable-md5
- else
- CONFIGURE_ARGS += --disable-md5
- endif
+ CONFIGURE_ARGS += --disable-md5
endif
MAKE_FLAGS = \
@@ -163,12 +119,6 @@ define Package/opkg/install
$(INSTALL_BIN) ./files/opkg-key $(1)/usr/sbin/
endef
-define Package/opkg-smime/install
- $(call Package/opkg/Default/install,$(1),-smime)
- $(INSTALL_DIR) $(1)/etc/ssl/certs
- $(if $(CONFIG_OPKGSMIME_CERT),$(INSTALL_DATA) $(call qstrip,$(CONFIG_OPKGSMIME_CERT)) $(1)/etc/ssl/certs/opkg.pem,)
-endef
-
define Build/InstallDev
mkdir -p $(1)/usr/include
$(CP) $(PKG_INSTALL_DIR)/usr/include/libopkg $(1)/usr/include/
@@ -191,5 +141,4 @@ define Host/Install
endef
$(eval $(call BuildPackage,opkg))
-$(eval $(call BuildPackage,opkg-smime))
$(eval $(call HostBuild))
More information about the lede-commits
mailing list