diff options
author | Renato Botelho <renato@netgate.com> | 2015-12-23 12:00:19 -0200 |
---|---|---|
committer | Renato Botelho <renato@netgate.com> | 2015-12-23 12:00:46 -0200 |
commit | f457518994adc716929d96c33cd9706915a8f396 (patch) | |
tree | 7d153d6fab79efce81cc129b1ce66a88371161cf /tools/builder_common.sh | |
parent | 3c63f2e6b88fd484d4170e7e42c40d9f9bd80b52 (diff) | |
download | pfsense-f457518994adc716929d96c33cd9706915a8f396.zip pfsense-f457518994adc716929d96c33cd9706915a8f396.tar.gz |
Implement necessary code to be able to sign pkg(8) repo
Diffstat (limited to 'tools/builder_common.sh')
-rw-r--r-- | tools/builder_common.sh | 32 |
1 files changed, 31 insertions, 1 deletions
diff --git a/tools/builder_common.sh b/tools/builder_common.sh index 7c9b958..f367f06 100644 --- a/tools/builder_common.sh +++ b/tools/builder_common.sh @@ -1696,7 +1696,7 @@ finish() { pkg_repo_rsync() { local _repo_path="${1}" - if [ -n "${DO_NOT_UPLOAD}" -o -z "${_repo_path}" -o ! -d "${_repo_path}" ]; then + if [ -z "${_repo_path}" -o ! -d "${_repo_path}" ]; then return fi @@ -1706,6 +1706,36 @@ pkg_repo_rsync() { local _logfile="${LOGFILE}" fi + if [ -n "${PKG_REPO_SIGNING_COMMAND}" ]; then + echo -n ">>> Signing repository... " | tee -a ${_logfile} + if script -aq ${_logfile} pkg repo ${_repo_path} \ + signing_command: ${PKG_REPO_SIGNING_COMMAND} >/dev/null 2>&1; then + echo "Done!" | tee -a ${_logfile} + else + echo "Failed!" | tee -a ${_logfile} + echo ">>> ERROR: An error occurred trying to sign repo" + print_error_pfS + fi + + local _pkgfile="${_repo_path}/Latest/pkg.txz" + if [ -e ${_pkgfile} ]; then + echo -n ">>> Signing Latest/pkg.txz for bootstraping... " | tee -a ${_logfile} + + if sha256 -q ${_pkgfile} | ${PKG_REPO_SIGNING_COMMAND} \ + > ${_pkgfile}.sig 2>/dev/null; then + echo "Done!" | tee -a ${_logfile} + else + echo "Failed!" | tee -a ${_logfile} + echo ">>> ERROR: An error occurred trying to sign Latest/pkg.txz" + print_error_pfS + fi + fi + fi + + if [ -n "${DO_NOT_UPLOAD}" ]; then + return + fi + echo -n ">>> Sending updated repository to ${PKG_RSYNC_HOSTNAME}... " | tee -a ${_logfile} if script -aq ${_logfile} rsync -ave "ssh -p ${PKG_RSYNC_SSH_PORT}" \ --timeout=60 --delete-delay ${_repo_path} \ |