diff --git a/package/secubox/secubox-app-repo/Makefile b/package/secubox/secubox-app-repo/Makefile index e06af3e0..b48ae067 100644 --- a/package/secubox/secubox-app-repo/Makefile +++ b/package/secubox/secubox-app-repo/Makefile @@ -13,7 +13,7 @@ define Package/secubox-app-repo SECTION:=secubox CATEGORY:=SecuBox TITLE:=SecuBox Package Repository Manager - DEPENDS:=+uhttpd +wget +gzip +coreutils-stat + DEPENDS:=+uhttpd +wget +gzip +coreutils-stat +usign PKGARCH:=all endef @@ -37,9 +37,6 @@ define Package/secubox-app-repo/install $(INSTALL_DIR) $(1)/usr/libexec/rpcd $(INSTALL_BIN) ./root/usr/libexec/rpcd/luci.repo $(1)/usr/libexec/rpcd/ - $(INSTALL_DIR) $(1)/usr/share/rpcd/acl.d - $(INSTALL_DATA) ./root/usr/share/rpcd/acl.d/luci-app-repo.json $(1)/usr/share/rpcd/acl.d/ - $(INSTALL_DIR) $(1)/etc/init.d $(INSTALL_BIN) ./root/etc/init.d/repo-server $(1)/etc/init.d/ diff --git a/package/secubox/secubox-app-repo/root/usr/sbin/repo-sync b/package/secubox/secubox-app-repo/root/usr/sbin/repo-sync index fbea1e5b..f137c95c 100755 --- a/package/secubox/secubox-app-repo/root/usr/sbin/repo-sync +++ b/package/secubox/secubox-app-repo/root/usr/sbin/repo-sync @@ -90,10 +90,33 @@ for basedir in "$REPO_DIR/packages" "$REPO_DIR/luci"; do done > Packages gzip -9c Packages > Packages.gz + + # Sign the Packages file if signing key exists + if [ -f /etc/opkg/keys/secubox.sec ]; then + usign -S -m Packages -s /etc/opkg/keys/secubox.sec 2>/dev/null + fi + log " $(basename "$dir"): $(grep -c '^Package:' Packages 2>/dev/null || echo 0) packages" done done +# Generate signing keys if not present and sign all packages +if [ ! -f /etc/opkg/keys/secubox.sec ]; then + log "Generating signing keys..." + mkdir -p /etc/opkg/keys + usign -G -s /etc/opkg/keys/secubox.sec -p /etc/opkg/keys/secubox.pub -c "SecuBox Local Repository" + FINGERPRINT=$(usign -F -p /etc/opkg/keys/secubox.pub) + cp /etc/opkg/keys/secubox.pub "/etc/opkg/keys/$FINGERPRINT" + log " Key fingerprint: $FINGERPRINT" + + # Sign all Packages files + for basedir in "$REPO_DIR/packages" "$REPO_DIR/luci"; do + for dir in "$basedir"/*; do + [ -d "$dir" ] && [ -f "$dir/Packages" ] && usign -S -m "$dir/Packages" -s /etc/opkg/keys/secubox.sec 2>/dev/null + done + done +fi + # Create index.html cat > "$REPO_DIR/index.html" << 'HTML'