[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[edgebsd-developers] [PATCH] Added support for creating signed binary packages directly
- To: undisclosed-recipients:;
- Subject: [edgebsd-developers] [PATCH] Added support for creating signed binary packages directly
- From: Pierre Pronchery <khorben@xxxxxxxxxxx>
- Date: Fri, 30 Aug 2013 01:26:23 +0200
- Delivered-to: edgebsd-developers@xxxxxxxxxxxxxxxxx
- List-archive: http://lists.edgebsd.org/edgebsd-developers/
- List-help: <mailto:minimalist@lists.edgebsd.org?subject=help>
- List-id: <edgebsd-developers.lists.edgebsd.org>
- List-owner: <mailto:edgebsd-developers-owner@lists.edgebsd.org>
- List-post: <mailto:edgebsd-developers@lists.edgebsd.org>
- List-subscribe: <mailto:minimalist@lists.edgebsd.org?subject=subscribe%20edgebsd-developers>
- List-unsubscribe: <mailto:minimalist@lists.edgebsd.org?subject=unsubscribe%20edgebsd-developers>
---
mk/defaults/mk.conf | 15 +++++++++++++++
mk/pkgformat/pkg/package.mk | 12 ++++++++++++
2 files changed, 27 insertions(+), 0 deletions(-)
diff --git a/mk/defaults/mk.conf b/mk/defaults/mk.conf
index 46b89a2..86e4f06 100644
--- a/mk/defaults/mk.conf
+++ b/mk/defaults/mk.conf
@@ -60,6 +60,21 @@ GZIP?= -9
# Possible: not defined, no
# Default: yes
+#SIGN_PACKAGES=
+# sign the packages generated (when supported) with the method specified.
+# Possible: gpg, x509, not defined
+# Default: not defined
+
+#X509_KEY=
+# key to use when signing packages with an X509 certificate.
+# Possible: pathname to the key file, not defined
+# Default: not defined
+
+#X509_CERTIFICATE=
+# certificate to use when signing packages with an X509 certificate.
+# Possible: pathname to the X509 certificate, not defined
+# Default: not defined
+
#OBJHOSTNAME=
# use hostname-specific object directories, e.g. work.amnesiac, work.localhost
# OBJHOSTNAME takes precedence over OBJMACHINE (see below).
diff --git a/mk/pkgformat/pkg/package.mk b/mk/pkgformat/pkg/package.mk
index bfbfe57..3a0175b 100644
--- a/mk/pkgformat/pkg/package.mk
+++ b/mk/pkgformat/pkg/package.mk
@@ -77,12 +77,24 @@ ${STAGE_PKGFILE}: ${_CONTENTS_TARGETS}
fi
.if ${_USE_DESTDIR} != "no"
+.if !empty(SIGN_PACKAGES:Mgpg)
+${PKGFILE}: ${STAGE_PKGFILE}
+ ${RUN} ${MKDIR} ${.TARGET:H}
+ @${STEP_MSG} "Creating signed binary package ${.TARGET}"
+ ${PKG_ADMIN} gpg-sign-package ${STAGE_PKGFILE} ${PKGFILE}
+.elif !empty(SIGN_PACKAGES:Mx509)
+${PKGFILE}: ${STAGE_PKGFILE}
+ ${RUN} ${MKDIR} ${.TARGET:H}
+ @${STEP_MSG} "Creating signed binary package ${.TARGET}"
+ ${PKG_ADMIN} x509-sign-package ${STAGE_PKGFILE} ${PKGFILE} ${X509_KEY} ${X509_CERTIFICATE}
+.else
${PKGFILE}: ${STAGE_PKGFILE}
${RUN} ${MKDIR} ${.TARGET:H}
@${STEP_MSG} "Creating binary package ${.TARGET}"
${LN} -f ${STAGE_PKGFILE} ${PKGFILE} 2>/dev/null || \
${CP} -pf ${STAGE_PKGFILE} ${PKGFILE}
.endif
+.endif
######################################################################
### package-remove (PRIVATE)
--
1.7.2.5
EdgeBSD developers <edgebsd-developers@xxxxxxxxxxxxxxxxx>
- Follow-Ups:
- Re: [edgebsd-developers] [PATCH] Added support for creating signed binary packages directly
- From: Pierre Pronchery
- Re: [edgebsd-developers] [PATCH] Added support for creating signed binary packages directly
- Prev by Date: Re: [edgebsd-developers] The modular Xorg situation
- Next by Date: [edgebsd-developers] [PATCH] Added support for creating signed binary packages directly
- Previous by thread: Re: [edgebsd-developers] The modular Xorg situation
- Next by thread: Re: [edgebsd-developers] [PATCH] Added support for creating signed binary packages directly
- Index(es):