From 12995312420bbe32d7327beac30e8b52243732b4 Mon Sep 17 00:00:00 2001 From: Paul Donald Date: Sun, 2 Nov 2025 18:33:44 +0100 Subject: [PATCH] luci-mod-system: file naming improvement for repo key management When downloading a key, try to get the filename of the key. opkg expects it to match the key fingerprint when verifying .sig files. apk not so. Try to save the public key file with the name from the provided URL, so it is not named "key_blah" which won't match its fingerprint. The alternative would be to call usign with the public key file as input, and then rename it to its fingerprint. This is only necessary for opkg which is on the way out. If the public key file at the remote resource is not named according to its fingerprint, that's on the repo owner. Signed-off-by: Paul Donald --- .../htdocs/luci-static/resources/view/system/repokeys.js | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/modules/luci-mod-system/htdocs/luci-static/resources/view/system/repokeys.js b/modules/luci-mod-system/htdocs/luci-static/resources/view/system/repokeys.js index 5c059ac689..d8870aaef4 100644 --- a/modules/luci-mod-system/htdocs/luci-static/resources/view/system/repokeys.js +++ b/modules/luci-mod-system/htdocs/luci-static/resources/view/system/repokeys.js @@ -87,6 +87,7 @@ function refreshKeyList(list, keys) { function saveKeyFile(keyContent, file, fileContent) { const ts = Date.now(); + // Note: opkg can only verify against a key with filename that matches its key hash // generate a file name in case key content was pasted const filename = file ? file?.name?.split('.')?.[0] + (KEYEXT || '') : null; const noname = 'key_' + ts + (KEYEXT || ''); @@ -167,8 +168,12 @@ function addKey(ev, file, fileContent) { return; } - // Continue directly with fetched key - addKey(ev, null, fetched); + const filename = res?.url?.split('/').pop().split('?')[0].split('#')[0]; + + // Remove extension if any (we'll re-add based on environment) + const file = {name: filename.replace(/\.[^.]+$/, '') }; + + addKey(ev, file, fetched); }).catch(err => { ui.addTimeLimitedNotification(_('Failed to fetch key'), [ E('p', err.message), -- 2.30.2