#
287809 |
|
15-Sep-2015 |
bapt |
MFC: r287579
Implement pubkey support for the bootstrap
Note that to not interfer with finger print it expects a signature on pkg itself which is named pkg.txz.pubkeysign
To genrate it: echo -n "$(sha256 -q pkg.txz)" | openssl dgst -sha256 -sign /thekey \ -binary -out ./pkg.txz.pubkeysig
Note the "echo -n" which prevent signing the '\n' one would get otherwise
PR: 202622
|
#
259613 |
|
19-Dec-2013 |
bdrewery |
MFC r259266:
Fix multi-repository support by properly respecting 'enabled' flag.
This will read the REPOS_DIR env/config setting (default is /etc/pkg and /usr/local/etc/pkg/repos) and use the last enabled repository.
This can be changed in the environment using a comma-separated list, or in /usr/local/etc/pkg.conf with JSON array syntax of: REPOS_DIR: ["/etc/pkg", "/usr/local/etc/pkg/repos"]
Approved by: bapt (mentor)
|
#
257353 |
|
29-Oct-2013 |
bdrewery |
MFC: r256770,r257142,r257145,r257146,r257147,r257148, r257149,r257150,r257158,r257159,r257164,r257168, r257193
- Support checking signature for pkg bootstrap from remote and for 'pkg add ./pkg.txz'
- Be verbose on where pkg is being bootstrapped from.
- Add support for reading configuration files from /etc/pkg. For now only /etc/pkg/FreeBSD.conf is supported.
- Add test package signing key fingerprint into /etc/keys/pkg/trusted.
- Disable fingerprint checking by default for now as the official packages are not yet signed.
Approved by: bapt Approved by: re (glebius)
|
#
257328 |
|
29-Oct-2013 |
bdrewery |
MFC r257051:
Add support for using "pkg+http://" for the PACKAGESITE.
pkg 1.2 is adding this support as well. This should help lessen the confusion on why the default SRV PACKAGESITE does not load in a browser.
Approved by: bapt Approved by: re (glebius)
|
#
287809 |
|
15-Sep-2015 |
bapt |
MFC: r287579
Implement pubkey support for the bootstrap
Note that to not interfer with finger print it expects a signature on pkg itself which is named pkg.txz.pubkeysign
To genrate it: echo -n "$(sha256 -q pkg.txz)" | openssl dgst -sha256 -sign /thekey \ -binary -out ./pkg.txz.pubkeysig
Note the "echo -n" which prevent signing the '\n' one would get otherwise
PR: 202622
|
#
259613 |
|
19-Dec-2013 |
bdrewery |
MFC r259266:
Fix multi-repository support by properly respecting 'enabled' flag.
This will read the REPOS_DIR env/config setting (default is /etc/pkg and /usr/local/etc/pkg/repos) and use the last enabled repository.
This can be changed in the environment using a comma-separated list, or in /usr/local/etc/pkg.conf with JSON array syntax of: REPOS_DIR: ["/etc/pkg", "/usr/local/etc/pkg/repos"]
Approved by: bapt (mentor)
|
#
257353 |
|
29-Oct-2013 |
bdrewery |
MFC: r256770,r257142,r257145,r257146,r257147,r257148, r257149,r257150,r257158,r257159,r257164,r257168, r257193
- Support checking signature for pkg bootstrap from remote and for 'pkg add ./pkg.txz'
- Be verbose on where pkg is being bootstrapped from.
- Add support for reading configuration files from /etc/pkg. For now only /etc/pkg/FreeBSD.conf is supported.
- Add test package signing key fingerprint into /etc/keys/pkg/trusted.
- Disable fingerprint checking by default for now as the official packages are not yet signed.
Approved by: bapt Approved by: re (glebius)
|
#
257328 |
|
29-Oct-2013 |
bdrewery |
MFC r257051:
Add support for using "pkg+http://" for the PACKAGESITE.
pkg 1.2 is adding this support as well. This should help lessen the confusion on why the default SRV PACKAGESITE does not load in a browser.
Approved by: bapt Approved by: re (glebius)
|