meson: Drop legacy 'verify-signature' option
Currently there are two options for the image signature verification:
- 'verify-signature' (legacy),
- 'verify-full-signature' (current).
Drop legacy option and let the current one take its place.
Change-Id: Ia205424395179fd190e3d055159beca93cff0545
Signed-off-by: Konstantin Aladyshev <aladyshev22@gmail.com>
diff --git a/image_verify.cpp b/image_verify.cpp
index 1c81abe..bfdab62 100644
--- a/image_verify.cpp
+++ b/image_verify.cpp
@@ -100,7 +100,7 @@
bool Signature::verifyFullImage()
{
bool ret = true;
-#ifdef WANT_SIGNATURE_FULL_VERIFY
+#ifdef WANT_SIGNATURE_VERIFY
// Only verify full image for BMC
if (purpose != VersionPurpose::BMC)
{
diff --git a/meson.build b/meson.build
index 7338236..e69e1ab 100644
--- a/meson.build
+++ b/meson.build
@@ -67,10 +67,7 @@
# Configurable features
conf.set('HOST_BIOS_UPGRADE', get_option('host-bios-upgrade').enabled())
-conf.set('WANT_SIGNATURE_VERIFY', \
- get_option('verify-signature').enabled() or \
- get_option('verify-full-signature').enabled())
-conf.set('WANT_SIGNATURE_FULL_VERIFY', get_option('verify-full-signature').enabled())
+conf.set('WANT_SIGNATURE_VERIFY', get_option('verify-signature').enabled())
# Configurable variables
conf.set('ACTIVE_BMC_MAX_ALLOWED', get_option('active-bmc-max-allowed'))
diff --git a/meson.options b/meson.options
index d14ed3b..b088a8d 100644
--- a/meson.options
+++ b/meson.options
@@ -17,14 +17,8 @@
option('tests', type: 'feature', description: 'Build tests')
-# This option is considered legacy, therefore there is no PACKAGECONFIG feature for disabling it in the recipe.
-# Functionality of this option is superseded by the 'verify-full-signature' option.
-# Option will be removed 4Q 2023
-option('verify-signature', type: 'feature', value: 'disabled',
- description: 'LEGACY: Use verify-full-signature instead. Enable image signature validation.')
-
-option('verify-full-signature', type: 'feature', value: 'enabled',
- description: 'Enable image full signature validation.')
+option('verify-signature', type: 'feature', value: 'enabled',
+ description: 'Enable image signature validation.')
option(
'usb-code-update', type: 'feature', value: 'enabled',
diff --git a/test/utest.cpp b/test/utest.cpp
index 2297b31..279417a 100644
--- a/test/utest.cpp
+++ b/test/utest.cpp
@@ -255,7 +255,7 @@
command(opensslCmd + pkeyFile + " -out " + pubkeyFile + ".sig " +
pubkeyFile);
-#ifdef WANT_SIGNATURE_FULL_VERIFY
+#ifdef WANT_SIGNATURE_VERIFY
std::string fullFile = extractPath.string() + "/" + "image-full";
command("cat " + kernelFile + ".sig " + rofsFile + ".sig " + rwfsFile +
".sig " + ubootFile + ".sig " + manifestFile + ".sig " +
@@ -318,7 +318,7 @@
EXPECT_FALSE(signature->verify());
}
-#ifdef WANT_SIGNATURE_FULL_VERIFY
+#ifdef WANT_SIGNATURE_VERIFY
/** @brief Test for failure scenario without full verification */
TEST_F(SignatureTest, TestNoFullSignature)
{