MobileRead Forums - View Single Post

lgx · 10-19-2010, 12:27 AM

otaup call external openssl command to verify signatures.

If the openssl process exits with 0,then otaup script will happy to accept it.

So, is it possible to to make a malformed sig file to let openssl exit with 0?

Or use special script file name to bypass openssl?

10-19-2010, 12:27 AM	#4
lgx Junior Member Posts: 8 Karma: 10 Join Date: Oct 2010 Device: Kindle 3 (B008)	otaup call external openssl command to verify signatures. If the openssl process exits with 0,then otaup script will happy to accept it. So, is it possible to to make a malformed sig file to let openssl exit with 0? Or use special script file name to bypass openssl?