summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorIoan-Adrian Ratiu <adrian.ratiu@ni.com>2016-03-10 12:03:00 +0200
committerRichard Purdie <richard.purdie@linuxfoundation.org>2016-03-11 16:50:45 +0000
commit81d58d6b2415e5e74e00b3b9f1fa43fdd8b146ca (patch)
treedf3d795f494cd8828ea9f996cfe9747820228b71
parent42f612c42a8b6cb73a16798d22d3332ec9c8dfb3 (diff)
downloadpoky-81d58d6b2415e5e74e00b3b9f1fa43fdd8b146ca.tar.gz
sign_package_feed: add feed signature type
Signing package feeds will default to ascii armored signatures (ASC) the other option being binary (BIN). This is for both rpm and ipk backends. (From OE-Core rev: 862a3892feb2628282e1d6f2e4498a7a3bd60cbf) Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/classes/sign_package_feed.bbclass12
-rw-r--r--meta/lib/oe/package_manager.py10
2 files changed, 19 insertions, 3 deletions
diff --git a/meta/classes/sign_package_feed.bbclass b/meta/classes/sign_package_feed.bbclass
index e1ec82e2ff..31a6e9b042 100644
--- a/meta/classes/sign_package_feed.bbclass
+++ b/meta/classes/sign_package_feed.bbclass
@@ -10,6 +10,12 @@
10# Optional variable for specifying the backend to use for signing. 10# Optional variable for specifying the backend to use for signing.
11# Currently the only available option is 'local', i.e. local signing 11# Currently the only available option is 'local', i.e. local signing
12# on the build host. 12# on the build host.
13# PACKAGE_FEED_GPG_SIGNATURE_TYPE
14# Optional variable for specifying the type of gpg signature, can be:
15# 1. Ascii armored (ASC), default if not set
16# 2. Binary (BIN)
17# This variable is only available for IPK feeds. It is ignored on
18# other packaging backends.
13# GPG_BIN 19# GPG_BIN
14# Optional variable for specifying the gpg binary/wrapper to use for 20# Optional variable for specifying the gpg binary/wrapper to use for
15# signing. 21# signing.
@@ -20,13 +26,17 @@ inherit sanity
20 26
21PACKAGE_FEED_SIGN = '1' 27PACKAGE_FEED_SIGN = '1'
22PACKAGE_FEED_GPG_BACKEND ?= 'local' 28PACKAGE_FEED_GPG_BACKEND ?= 'local'
23 29PACKAGE_FEED_GPG_SIGNATURE_TYPE ?= 'ASC'
24 30
25python () { 31python () {
26 # Check sanity of configuration 32 # Check sanity of configuration
27 for var in ('PACKAGE_FEED_GPG_NAME', 'PACKAGE_FEED_GPG_PASSPHRASE_FILE'): 33 for var in ('PACKAGE_FEED_GPG_NAME', 'PACKAGE_FEED_GPG_PASSPHRASE_FILE'):
28 if not d.getVar(var, True): 34 if not d.getVar(var, True):
29 raise_sanity_error("You need to define %s in the config" % var, d) 35 raise_sanity_error("You need to define %s in the config" % var, d)
36
37 sigtype = d.getVar("PACKAGE_FEED_GPG_SIGNATURE_TYPE", True)
38 if sigtype.upper() != "ASC" and sigtype.upper() != "BIN":
39 raise_sanity_error("Bad value for PACKAGE_FEED_GPG_SIGNATURE_TYPE (%s), use either ASC or BIN" % sigtype)
30} 40}
31 41
32do_package_index[depends] += "signing-keys:do_deploy" 42do_package_index[depends] += "signing-keys:do_deploy"
diff --git a/meta/lib/oe/package_manager.py b/meta/lib/oe/package_manager.py
index 25c38a5642..607e7c6eaa 100644
--- a/meta/lib/oe/package_manager.py
+++ b/meta/lib/oe/package_manager.py
@@ -141,9 +141,12 @@ class RpmIndexer(Indexer):
141 # Sign repomd 141 # Sign repomd
142 if signer: 142 if signer:
143 for repomd in repomd_files: 143 for repomd in repomd_files:
144 feed_sig_type = self.d.getVar('PACKAGE_FEED_GPG_SIGNATURE_TYPE', True)
145 is_ascii_sig = (feed_sig_type.upper() != "BIN")
144 signer.detach_sign(repomd, 146 signer.detach_sign(repomd,
145 self.d.getVar('PACKAGE_FEED_GPG_NAME', True), 147 self.d.getVar('PACKAGE_FEED_GPG_NAME', True),
146 self.d.getVar('PACKAGE_FEED_GPG_PASSPHRASE_FILE', True)) 148 self.d.getVar('PACKAGE_FEED_GPG_PASSPHRASE_FILE', True),
149 armor=is_ascii_sig)
147 150
148 151
149class OpkgIndexer(Indexer): 152class OpkgIndexer(Indexer):
@@ -192,10 +195,13 @@ class OpkgIndexer(Indexer):
192 bb.fatal('%s' % ('\n'.join(result))) 195 bb.fatal('%s' % ('\n'.join(result)))
193 196
194 if signer: 197 if signer:
198 feed_sig_type = self.d.getVar('PACKAGE_FEED_GPG_SIGNATURE_TYPE', True)
199 is_ascii_sig = (feed_sig_type.upper() != "BIN")
195 for f in index_sign_files: 200 for f in index_sign_files:
196 signer.detach_sign(f, 201 signer.detach_sign(f,
197 self.d.getVar('PACKAGE_FEED_GPG_NAME', True), 202 self.d.getVar('PACKAGE_FEED_GPG_NAME', True),
198 self.d.getVar('PACKAGE_FEED_GPG_PASSPHRASE_FILE', True)) 203 self.d.getVar('PACKAGE_FEED_GPG_PASSPHRASE_FILE', True),
204 armor=is_ascii_sig)
199 205
200 206
201class DpkgIndexer(Indexer): 207class DpkgIndexer(Indexer):