Currently if you download a CAB file from LVFS and try to install it
on a daemon compiled without GPG it will fail to install since LVFS has signed
it. You had to make an intentional decision to disable GPG.
Allow this scenario to work just as if the CAB file were unsigned, but save
a warning in the logs that it happened.
When using failed to open firmware.cab we pass in a device ID of '*' which
tells the daemon to update anything that matches. The current implementation
will fail in two ways:
* If duplicate hardware is installed (for instance two Unifying receivers) then
only the first matching device will be updated.
* If the firmware archive contains two different images then we only try and
upgrade the first device that matches. This means we're unable to update
composite devices using one firmware file.
To fix both issues, carefully build a list of tasks that can be processed using
the given firmware and installed devices, request authentication using all the
different action IDs, then upgrade all the devices one-at-a-time.
Based on a patch by Mario Limonciello <mario.limonciello@dell.com>, many thanks.
