[ptxdist] [PATCH 1/2] opkg: Version bump. 0.4.5 -> 0.5.0.

[Christian Melki <christian.melki@t2data.com>]

Various fixes and updates. Notable addition is zstd compression support.
Deprecated functions: Openssl signature validation and pathfinder
validation.
Seems the preferred validation method is using gpg.

https://git.yoctoproject.org/opkg/log/

* Remove openssl, pathfinder support.
* Disable zstd by default.
* Remove signature handling from installation.
* Remove signature handling variables from opkg.conf
* Remove signature handling variables from ptxdist internal
"prepare_work_dir.sh"

Signed-off-by: Christian Melki <christian.melki@t2data.com>
---
 projectroot/etc/opkg/opkg.conf                |  4 ---
 rules/opkg.in                                 | 33 -------------------
 rules/opkg.make                               | 26 ++-------------
 .../lib/ptxd_make_image_prepare_work_dir.sh   |  3 --
 4 files changed, 3 insertions(+), 63 deletions(-)

diff --git a/projectroot/etc/opkg/opkg.conf b/projectroot/etc/opkg/opkg.conf
index 67a64838f..dd1de5f4e 100644
--- a/projectroot/etc/opkg/opkg.conf
+++ b/projectroot/etc/opkg/opkg.conf
@@ -16,7 +16,3 @@ option info_dir /usr/share/opkg/info
 arch	@ARCH@	10
 arch	all	1
 arch	noarch	1
-
-@CHECKSIG@
-@CAPATH@
-@CAFILE@
diff --git a/rules/opkg.in b/rules/opkg.in
index c9160509c..2ab09503e 100644
--- a/rules/opkg.in
+++ b/rules/opkg.in
@@ -4,7 +4,6 @@ menuconfig OPKG
 	tristate
 	select LIBARCHIVE
 	select LIBCURL if OPKG_CURL
-	select OPENSSL if OPKG_OPENSSL
 	prompt "opkg                          "
 	help
 	  Opkg is a lightweight package management system based on Ipkg.
@@ -13,21 +12,6 @@ menuconfig OPKG
 
 if OPKG
 
-config OPKG_PATHFINDER
-	bool
-	prompt "pathfinder support"
-	# needs pathfinder-openssl
-	depends on BROKEN
-	help
-	  Pathfinder is designed to provide a mechanism for any
-	  program to perform RFC3280-compliant path validation
-	  of X.509 certificates, even when some of the intermediate
-	  certificates are not present on the local machine. It will
-	  automatically download any such certificates (and their
-	  CRLs) from the Internet as needed using the AIA and CRL
-	  distribution point extensions of the certificate it is
-	  processing.
-
 config OPKG_CURL
 	bool
 	prompt "libcurl support"
@@ -42,12 +26,6 @@ config OPKG_SHA256
 	help
 	  FIXME
 
-config OPKG_OPENSSL
-	bool
-	prompt "openssl signature checking"
-	help
-	  FIXME
-
 config OPKG_SSL_CURL
 	bool
 	prompt "libcurl certificate authentication"
@@ -97,17 +75,6 @@ config OPKG_OPKG_CONF_URL
 
 	  If you don't want to use this feature, keep the whole entry empty.
 
-config OPKG_OPKG_CONF_CHECKSIG
-	bool
-	prompt "enable repository signature checking"
-	depends on OPKG_OPENSSL
-	help
-	  Set the following options in opkg.conf:
-	     option check_signature 1
-	     option signature_ca_path /etc/ssl/certs
-	     option signature_ca_file /etc/ssl/certs/opkg.crt
-	
-	  Repository will only be used if it's signature can be validated.
 endif
 
 endif
diff --git a/rules/opkg.make b/rules/opkg.make
index 88d25ce29..0ae8b4bce 100644
--- a/rules/opkg.make
+++ b/rules/opkg.make
@@ -15,8 +15,8 @@ PACKAGES-$(PTXCONF_OPKG) += opkg
 #
 # Paths and names
 #
-OPKG_VERSION	:= 0.4.5
-OPKG_MD5	:= 5dc41ad37d88803b5e0f456a9c5a0811
+OPKG_VERSION	:= 0.5.0
+OPKG_MD5	:= b85f4bafd53d0cdffbcef178319901fa
 OPKG		:= opkg-$(OPKG_VERSION)
 OPKG_SUFFIX	:= tar.gz
 OPKG_URL	:= http://downloads.yoctoproject.org/releases/opkg/$(OPKG).$(OPKG_SUFFIX)
@@ -38,13 +38,12 @@ OPKG_CONF_OPT	:= \
 	$(GLOBAL_LARGE_FILE_OPTION) \
 	--disable-libopkg-api \
 	--disable-static \
-	--$(call ptx/endis, PTXCONF_OPKG_PATHFINDER)-pathfinder \
 	--disable-xz \
 	--disable-bzip2 \
 	--disable-lz4 \
+	--disable-zstd \
 	--$(call ptx/endis, PTXCONF_OPKG_CURL)-curl \
 	--$(call ptx/endis, PTXCONF_OPKG_SHA256)-sha256 \
-	--$(call ptx/endis, PTXCONF_OPKG_OPENSSL)-openssl \
 	--$(call ptx/endis, PTXCONF_OPKG_SSL_CURL)-ssl-curl \
 	--$(call ptx/endis, PTXCONF_OPKG_GPG)-gpg \
 	--without-static-libopkg \
@@ -76,31 +75,12 @@ endif
 
 	@$(call install_lib,  opkg, 0, 0, 0644, libopkg)
 
-ifdef PTXCONF_IMAGE_IPKG_SIGN_OPENSSL
-	@$(call install_copy, opkg, 0, 0, 0644, $(PTXCONF_IMAGE_IPKG_SIGN_OPENSSL_SIGNER), /etc/ssl/certs/opkg.crt)
-endif
-
 ifdef PTXCONF_OPKG_OPKG_CONF
 	@$(call install_alternative, opkg, 0, 0, 0644, /etc/opkg/opkg.conf)
 	@$(call install_replace, opkg, /etc/opkg/opkg.conf, @SRC@, \
 		$(PTXCONF_OPKG_OPKG_CONF_URL))
 	@$(call install_replace, opkg, /etc/opkg/opkg.conf, @ARCH@, \
 		$(PTXDIST_IPKG_ARCH_STRING))
-ifdef PTXCONF_OPKG_OPKG_CONF_CHECKSIG
-	@$(call install_replace, opkg, /etc/opkg/opkg.conf, @CHECKSIG@, \
-		"option check_signature 1")
-	@$(call install_replace, opkg, /etc/opkg/opkg.conf, @CAPATH@, \
-		"option signature_ca_path /etc/ssl/certs")
-	@$(call install_replace, opkg, /etc/opkg/opkg.conf, @CAFILE@, \
-		"option signature_ca_file /etc/ssl/certs/opkg.crt")
-else
-	@$(call install_replace, opkg, /etc/opkg/opkg.conf, @CHECKSIG@, \
-		"#option check_signature 0")
-	@$(call install_replace, opkg, /etc/opkg/opkg.conf, @CAPATH@, \
-		"#option signature_ca_path /etc/ssl/certs")
-	@$(call install_replace, opkg, /etc/opkg/opkg.conf, @CAFILE@, \
-		"#option signature_ca_file /etc/ssl/certs/opkg.crt")
-endif
 endif
 
 	@$(call install_finish, opkg)
diff --git a/scripts/lib/ptxd_make_image_prepare_work_dir.sh b/scripts/lib/ptxd_make_image_prepare_work_dir.sh
index fa65ce8ec..aaa676e09 100644
--- a/scripts/lib/ptxd_make_image_prepare_work_dir.sh
+++ b/scripts/lib/ptxd_make_image_prepare_work_dir.sh
@@ -39,9 +39,6 @@ ${list[*]}
 
     ARCH="${PTXDIST_IPKG_ARCH_STRING}" \
     SRC="" \
-    CHECKSIG="" \
-    CAPATH="" \
-    CAFILE="" \
 	ptxd_replace_magic "${ptxd_reply}" >> "${xpkg_conf}" &&
 
     DESTDIR="${work_dir}" \
-- 
2.34.1