[PATCH] crypto: Declare public key or gpg cfg mandatory
2 views
Skip to first unread message
Bastian Germann
Dec 19, 2025, 9:36:59 AM (2 days ago) Dec 19
to swup...@googlegroups.com, Bastian Germann
The command line parsing currently insists on the gpg config options
when GPG is configured at build time. With the runtime-configurable
crypto the check for mandatory options has to be changed to be correct.
Signed-off-by: Bastian Germann <ba...@debian.org>
---
core/swupdate.c | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/core/swupdate.c b/core/swupdate.c
index be027dcb..4c17c2d4 100644
--- a/core/swupdate.c
+++ b/core/swupdate.c
@@ -624,9 +624,6 @@ int main(int argc, char **argv)
#endif
#ifdef CONFIG_SIGNED_IMAGES
strcat(main_options, "k:");
-#ifndef CONFIG_SIGALG_GPG
- public_key_mandatory = 1;
-#endif
#endif
#ifdef CONFIG_ENCRYPTED_IMAGES
strcat(main_options, "K:");
@@ -949,6 +946,10 @@ int main(int argc, char **argv)
exit(EXIT_FAILURE);
}
+#ifdef CONFIG_SIGNED_IMAGES
+ public_key_mandatory = strcmp(get_dgstlib(), "GPG");
+#endif
+
/*
* Parameters are parsed: now performs plausibility
* tests before starting processes and threads
@@ -960,12 +961,12 @@ int main(int argc, char **argv)
}
#ifdef CONFIG_SIGALG_GPG
- if (!strlen(swcfg.gpg_home_directory)) {
+ if (!public_key_mandatory && !strlen(swcfg.gpg_home_directory)) {
fprintf(stderr,
"Error: SWUpdate is built for signed images, provide a GnuPG home directory.\n");
exit(EXIT_FAILURE);
}
- if (!strlen(swcfg.gpgme_protocol)) {
+ if (!public_key_mandatory && !strlen(swcfg.gpgme_protocol)) {
fprintf(stderr,
"Error: SWUpdate is built for signed images, please specify GnuPG protocol.\n");
exit(EXIT_FAILURE);
when GPG is configured at build time. With the runtime-configurable
crypto the check for mandatory options has to be changed to be correct.
Signed-off-by: Bastian Germann <ba...@debian.org>
---
core/swupdate.c | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/core/swupdate.c b/core/swupdate.c
index be027dcb..4c17c2d4 100644
--- a/core/swupdate.c
+++ b/core/swupdate.c
@@ -624,9 +624,6 @@ int main(int argc, char **argv)
#endif
#ifdef CONFIG_SIGNED_IMAGES
strcat(main_options, "k:");
-#ifndef CONFIG_SIGALG_GPG
- public_key_mandatory = 1;
-#endif
#endif
#ifdef CONFIG_ENCRYPTED_IMAGES
strcat(main_options, "K:");
@@ -949,6 +946,10 @@ int main(int argc, char **argv)
exit(EXIT_FAILURE);
}
+#ifdef CONFIG_SIGNED_IMAGES
+ public_key_mandatory = strcmp(get_dgstlib(), "GPG");
+#endif
+
/*
* Parameters are parsed: now performs plausibility
* tests before starting processes and threads
@@ -960,12 +961,12 @@ int main(int argc, char **argv)
}
#ifdef CONFIG_SIGALG_GPG
- if (!strlen(swcfg.gpg_home_directory)) {
+ if (!public_key_mandatory && !strlen(swcfg.gpg_home_directory)) {
fprintf(stderr,
"Error: SWUpdate is built for signed images, provide a GnuPG home directory.\n");
exit(EXIT_FAILURE);
}
- if (!strlen(swcfg.gpgme_protocol)) {
+ if (!public_key_mandatory && !strlen(swcfg.gpgme_protocol)) {
fprintf(stderr,
"Error: SWUpdate is built for signed images, please specify GnuPG protocol.\n");
exit(EXIT_FAILURE);
Reply all
Reply to author
Forward
0 new messages