Commit Graph

4 Commits

Author SHA1 Message Date
Bryan Drewery
8d20be1e22 Move /etc/keys to /usr/share/keys where users are less likely to modify them.
Requested by:	secteam (cperciva, des)
Approved by:	bapt
2013-10-29 15:07:54 +00:00
Bryan Drewery
914d05f14e Disable fingerprint checking for now as the pkg repository mirrors will
not receive the signature until later this week.

Approved by:	bapt
2013-10-26 14:19:57 +00:00
Bryan Drewery
f12db248e7 Support checking signature for pkg bootstrap.
If the pkg.conf is configured with SIGNATURE_TYPE: FINGERPRINTS,
and FINGERPRINTS: /etc/keys/pkg then a pkg.sig file is fetched along
with pkg.txz. The signature contains the signature provided by the
signing server, and the public key. The .sig is the exact output
from the signing server in the following format:

  SIGNATURE
  <openssl signed>
  CERT
  <rsa public key>
  END

The signature is verified with the following logic:

 - If the .sig file is missing, it fails.
 - If the .sig doesn't validate, it fails.
 - If the public key in the .sig is not in the known trusted fingerprints,
   it fails.
 - If the public key is in the revoked key list, it fails.

Approved by:	bapt
MFC after:	2 days
Discussed by:	bapt with des, jonathan, gavin
2013-10-26 03:43:02 +00:00
Bryan Drewery
bc5e9ac08d Add support for reading configuration files from /etc/pkg.
For now only /etc/pkg/FreeBSD.conf is supported. Its style is:

Repo: {
   URL: "...",
   MIRROR_TYPE: "...",
   ...
}

The configuration will be read from /usr/local/etc/pkg.conf if exists,
otherwise /etc/pkg/FreeBSD.conf

Approved by:	bapt
MFC after: 	2 days
2013-10-26 03:31:05 +00:00