Searched hist:257147 (Results 1 - 5 of 5) sorted by relevance
/freebsd-11-stable/usr.sbin/pkg/ | ||
H A D | config.h | diff 257147 Sat Oct 26 01:46:01 MDT 2013 bdrewery Support checking signature for pkg bootstrap. If the pkg.conf is configured with SIGNATURE_TYPE: FINGERPRINTS, and FINGERPRINTS: /etc/keys/pkg then a pkg.sig file is fetched along with pkg.txz. The signature contains the signature provided by the signing server, and the public key. The .sig is the exact output from the signing server in the following format: SIGNATURE <openssl signed> CERT <rsa public key> END The signature is verified with the following logic: - If the .sig file is missing, it fails. - If the .sig doesn't validate, it fails. - If the public key in the .sig is not in the known trusted fingerprints, it fails. - If the public key is in the revoked key list, it fails. Approved by: bapt MFC after: 2 days Discussed by: bapt with des, jonathan, gavin |
H A D | config.c | diff 257147 Sat Oct 26 01:46:01 MDT 2013 bdrewery Support checking signature for pkg bootstrap. If the pkg.conf is configured with SIGNATURE_TYPE: FINGERPRINTS, and FINGERPRINTS: /etc/keys/pkg then a pkg.sig file is fetched along with pkg.txz. The signature contains the signature provided by the signing server, and the public key. The .sig is the exact output from the signing server in the following format: SIGNATURE <openssl signed> CERT <rsa public key> END The signature is verified with the following logic: - If the .sig file is missing, it fails. - If the .sig doesn't validate, it fails. - If the public key in the .sig is not in the known trusted fingerprints, it fails. - If the public key is in the revoked key list, it fails. Approved by: bapt MFC after: 2 days Discussed by: bapt with des, jonathan, gavin |
H A D | Makefile | diff 257147 Sat Oct 26 01:46:01 MDT 2013 bdrewery Support checking signature for pkg bootstrap. If the pkg.conf is configured with SIGNATURE_TYPE: FINGERPRINTS, and FINGERPRINTS: /etc/keys/pkg then a pkg.sig file is fetched along with pkg.txz. The signature contains the signature provided by the signing server, and the public key. The .sig is the exact output from the signing server in the following format: SIGNATURE <openssl signed> CERT <rsa public key> END The signature is verified with the following logic: - If the .sig file is missing, it fails. - If the .sig doesn't validate, it fails. - If the public key in the .sig is not in the known trusted fingerprints, it fails. - If the public key is in the revoked key list, it fails. Approved by: bapt MFC after: 2 days Discussed by: bapt with des, jonathan, gavin |
H A D | pkg.c | diff 257147 Sat Oct 26 01:46:01 MDT 2013 bdrewery Support checking signature for pkg bootstrap. If the pkg.conf is configured with SIGNATURE_TYPE: FINGERPRINTS, and FINGERPRINTS: /etc/keys/pkg then a pkg.sig file is fetched along with pkg.txz. The signature contains the signature provided by the signing server, and the public key. The .sig is the exact output from the signing server in the following format: SIGNATURE <openssl signed> CERT <rsa public key> END The signature is verified with the following logic: - If the .sig file is missing, it fails. - If the .sig doesn't validate, it fails. - If the public key in the .sig is not in the known trusted fingerprints, it fails. - If the public key is in the revoked key list, it fails. Approved by: bapt MFC after: 2 days Discussed by: bapt with des, jonathan, gavin |
/freebsd-11-stable/etc/pkg/ | ||
H A D | FreeBSD.conf | diff 257147 Sat Oct 26 01:46:01 MDT 2013 bdrewery Support checking signature for pkg bootstrap. If the pkg.conf is configured with SIGNATURE_TYPE: FINGERPRINTS, and FINGERPRINTS: /etc/keys/pkg then a pkg.sig file is fetched along with pkg.txz. The signature contains the signature provided by the signing server, and the public key. The .sig is the exact output from the signing server in the following format: SIGNATURE <openssl signed> CERT <rsa public key> END The signature is verified with the following logic: - If the .sig file is missing, it fails. - If the .sig doesn't validate, it fails. - If the public key in the .sig is not in the known trusted fingerprints, it fails. - If the public key is in the revoked key list, it fails. Approved by: bapt MFC after: 2 days Discussed by: bapt with des, jonathan, gavin |
Completed in 173 milliseconds