Subject: CVS commit: basesrc/usr.sbin/pkg_install/add
To: None <source-changes@netbsd.org>
From: Alistair G. Crooks <agc@netbsd.org>
List: source-changes
Date: 09/25/2001 13:28:17
Module Name:	basesrc
Committed By:	agc
Date:		Tue Sep 25 10:28:17 UTC 2001

Modified Files:
	basesrc/usr.sbin/pkg_install/add: Makefile main.c perform.c pkg_add.1
Added Files:
	basesrc/usr.sbin/pkg_install/add: verify.c verify.h

Log Message:
Add a "-s verification-type" argument to pkg_add, which adds a callout
to a verification program for a binary package. The following callouts
are defined: "none", "gpg" and "pgp5".

This feature allows you to verify a binary package against a detached
signature file, and to proceed with the installation or not, depending
upon the level of trust you place in the signatory of the binary
package.

Digital signatures will be checked in a recursive manner (i.e. if
pkg_add is called with a verification type which is not "none", the
verification type will be passed to subsequent invocations of pkg_add
for the dependent packages).

At the current time, digital signatures cannot be used with the URL
form of pkg_add(1) - the detached signature file must be in the same
directory as the binary package, either locally or mounted by NFS.

If no -s argument is given, pkg_add(1) retains its current behaviour -
the package will not be verified before installation takes place.


To generate a diff of this commit:
cvs rdiff -r1.4 -r1.5 basesrc/usr.sbin/pkg_install/add/Makefile
cvs rdiff -r1.22 -r1.23 basesrc/usr.sbin/pkg_install/add/main.c
cvs rdiff -r1.60 -r1.61 basesrc/usr.sbin/pkg_install/add/perform.c
cvs rdiff -r1.29 -r1.30 basesrc/usr.sbin/pkg_install/add/pkg_add.1
cvs rdiff -r0 -r1.1 basesrc/usr.sbin/pkg_install/add/verify.c \
    basesrc/usr.sbin/pkg_install/add/verify.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
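
The callout pattern the log message describes, as an added example: this is not the committed verify.c and not NetBSD project code. It assumes the detached signature is named "<package>.sig" beside the package and that a "gpg" binary is on PATH; the function names are hypothetical and the "pgp5" callout is left out.

```c
/* Added illustration only. Assumptions: signature file is "<package>.sig",
 * "gpg" is on PATH, function names are hypothetical, no pgp5 callout. */
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>

/* Run argv[0] directly (no shell); return 1 only if it exits with status 0. */
int run_verifier(char *const argv[])
{
	int status;
	pid_t pid = fork();

	if (pid < 0)
		return 0;
	if (pid == 0) {
		execvp(argv[0], argv);
		_exit(127);		/* exec failed: counts as a failed check */
	}
	if (waitpid(pid, &status, 0) != pid)
		return 0;
	return WIFEXITED(status) && WEXITSTATUS(status) == 0;
}

/* Return 1 if installation may proceed, 0 otherwise (fails closed). */
int verify_package(const char *type, const char *pkg)
{
	char sig[1024];
	int n;

	if (strcmp(type, "none") == 0)
		return 1;		/* no -s given: package is not verified */
	if (strcmp(type, "gpg") != 0)
		return 0;		/* unknown type: refuse, never skip the check */
	n = snprintf(sig, sizeof(sig), "%s.sig", pkg);
	if (n < 0 || (size_t)n >= sizeof(sig))
		return 0;		/* signature path would be truncated */
	if (access(sig, R_OK) != 0)
		return 0;		/* no detached signature beside the package */
	char *argv[] = { "gpg", "--verify", sig, (char *)pkg, NULL };
	return run_verifier(argv);
}

int main(int argc, char **argv)
{
	if (argc != 3) {
		fprintf(stderr, "usage: %s none|gpg package\n", argv[0]);
		return 2;
	}
	return verify_package(argv[1], argv[2]) ? 0 : 1;
}
```

A zero exit from gpg --verify only says the signature is valid for a key in the local keyring; deciding whether that signatory is trusted remains a separate step, as the log message notes.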