diff --git a/src/adb.c b/src/adb.c index b17b9df..a7401a0 100644 --- a/src/adb.c +++ b/src/adb.c @@ -20,9 +20,9 @@ static inline struct adb_block *adb_block_validate(struct adb_block *blk, apk_bl { size_t pos = (char *)blk - b.ptr; if (pos == b.len) return NULL; - if (sizeof(struct adb_block) > b.len - pos) return ERR_PTR(-EBADMSG); - if (adb_block_rawsize(blk) < sizeof(struct adb_block)) return ERR_PTR(-EBADMSG); - if (adb_block_size(blk) > b.len - pos) return ERR_PTR(-EBADMSG); + if (sizeof(struct adb_block) > b.len - pos) return ERR_PTR(-APKE_ADB_BLOCK); + if (adb_block_rawsize(blk) < sizeof(struct adb_block)) return ERR_PTR(-APKE_ADB_BLOCK); + if (adb_block_size(blk) > b.len - pos) return ERR_PTR(-APKE_ADB_BLOCK); return blk; } @@ -69,7 +69,7 @@ static int __adb_m_parse(struct adb *db, struct apk_trust *t) { struct adb_verify_ctx vfy = {}; struct adb_block *blk; - int r = -EBADMSG; + int r = -APKE_ADB_BLOCK; int trusted = t ? 0 : 1; adb_foreach_block(blk, db->data) { @@ -91,7 +91,7 @@ static int __adb_m_parse(struct adb *db, struct apk_trust *t) } } if (IS_ERR(blk)) r = PTR_ERR(blk); - else if (!trusted) r = -ENOKEY; + else if (!trusted) r = -APKE_SIGNATURE_UNTRUSTED; else if (db->adb.ptr) r = 0; if (r != 0) { @@ -110,7 +110,7 @@ int adb_m_map(struct adb *db, int fd, uint32_t expected_schema, struct apk_trust { struct stat st; struct adb_header *hdr; - int r = -EBADMSG; + int r = -APKE_ADB_HEADER; if (fstat(fd, &st) != 0) return -errno; if (st.st_size < sizeof *hdr) return -EIO; @@ -152,8 +152,8 @@ int adb_m_stream(struct adb *db, struct apk_istream *is, uint32_t expected_schem do { r = apk_istream_read(is, &blk, sizeof blk); if (r == 0) { - if (!trusted) r = -ENOKEY; - else if (!db->adb.ptr) r = -ENOMSG; + if (!trusted) r = -APKE_SIGNATURE_UNTRUSTED; + else if (!db->adb.ptr) r = -APKE_ADB_BLOCK; goto done; } if (r < 0 || r != sizeof blk) goto err; @@ -183,7 +183,7 @@ int adb_m_stream(struct adb *db, struct apk_istream *is, uint32_t expected_schem case ADB_BLOCK_DATA: if (APK_BLOB_IS_NULL(db->adb)) goto bad_msg; if (!trusted) { - r = -ENOKEY; + r = -APKE_SIGNATURE_UNTRUSTED; goto err; } r = datacb(db, adb_block_length(&blk), @@ -199,9 +199,9 @@ int adb_m_stream(struct adb *db, struct apk_istream *is, uint32_t expected_schem } } while (1); bad_msg: - r = -EBADMSG; + r = -APKE_ADB_BLOCK; err: - if (r >= 0) r = -EBADMSG; + if (r >= 0) r = -APKE_ADB_BLOCK; done: apk_istream_close(is); return r; @@ -675,13 +675,13 @@ adb_val_t adb_w_fromstring(struct adb *db, const uint8_t *kind, apk_blob_t val) struct adb_obj obj; struct adb_object_schema *schema = container_of(kind, struct adb_object_schema, kind); adb_wo_alloca(&obj, schema, db); - if (!schema->fromstring) return ADB_ERROR(EAPKDBFORMAT); + if (!schema->fromstring) return ADB_ERROR(APKE_ADB_NO_FROMSTRING); r = schema->fromstring(&obj, val); if (r) return ADB_ERROR(r); return adb_w_obj(&obj); } default: - return ADB_ERROR(ENOSYS); + return ADB_ERROR(APKE_ADB_NO_FROMSTRING); } } @@ -938,6 +938,8 @@ int adb_c_block_data(struct apk_ostream *os, apk_blob_t hdr, uint32_t size, stru int adb_c_block_copy(struct apk_ostream *os, struct adb_block *b, struct apk_istream *is, struct adb_verify_ctx *vfy) { + size_t blk_sz = adb_block_length(b); + size_t padding = adb_block_padding(b); int r; r = apk_ostream_write(os, b, sizeof *b); @@ -948,12 +950,16 @@ int adb_c_block_copy(struct apk_ostream *os, struct adb_block *b, struct apk_ist const uint8_t alg = APK_DIGEST_SHA512; apk_digest_ctx_init(&dctx, alg); - r = apk_stream_copy(is, os, adb_block_size(b), 0, 0, &dctx); + r = apk_stream_copy(is, os, blk_sz, 0, 0, &dctx); apk_digest_ctx_final(&dctx, &vfy->sha512); vfy->calc |= (1 << alg); apk_digest_ctx_free(&dctx); } else { - r = apk_stream_copy(is, os, adb_block_size(b), 0, 0, 0); + r = apk_stream_copy(is, os, blk_sz, 0, 0, 0); + } + if (padding) { + r = apk_ostream_write(os, padding_zeroes, padding); + if (r < 0) return r; } return r; } @@ -963,7 +969,7 @@ int adb_c_adb(struct apk_ostream *os, struct adb *db, struct apk_trust *t) if (IS_ERR(os)) return apk_ostream_cancel(os, PTR_ERR(os)); if (db->hdr.magic != htole32(ADB_FORMAT_MAGIC)) - return apk_ostream_cancel(os, -EAPKFORMAT); + return apk_ostream_cancel(os, -APKE_ADB_HEADER); adb_c_header(os, db); adb_c_block(os, ADB_BLOCK_ADB, db->adb); @@ -989,11 +995,11 @@ static int adb_digest_adb(struct adb_verify_ctx *vfy, unsigned int hash_alg, apk d = &vfy->sha512; break; default: - return -ENOTSUP; + return -APKE_CRYPTO_NOT_SUPPORTED; } if (!(vfy->calc & (1 << hash_alg))) { - if (APK_BLOB_IS_NULL(data)) return -ENOMSG; + if (APK_BLOB_IS_NULL(data)) return -APKE_ADB_BLOCK; r = apk_digest_calc(d, hash_alg, data.ptr, data.len); if (r != 0) return r; vfy->calc |= (1 << hash_alg); @@ -1064,12 +1070,12 @@ int adb_trust_verify_signature(struct apk_trust *trust, struct adb *db, struct a struct adb_sign_v0 *sig0; apk_blob_t md; - if (APK_BLOB_IS_NULL(db->adb)) return -ENOMSG; - if (sigb.len < sizeof(struct adb_sign_hdr)) return -EBADMSG; + if (APK_BLOB_IS_NULL(db->adb)) return -APKE_ADB_BLOCK; + if (sigb.len < sizeof(struct adb_sign_hdr)) return -APKE_ADB_SIGNATURE; sig = (struct adb_sign_hdr *) sigb.ptr; sig0 = (struct adb_sign_v0 *) sigb.ptr; - if (sig->sign_ver != 0) return -ENOSYS; + if (sig->sign_ver != 0) return -APKE_ADB_SIGNATURE; list_for_each_entry(tkey, &trust->trusted_key_list, key_node) { if (memcmp(sig0->id, tkey->key.id, sizeof sig0->id) != 0) continue; @@ -1083,7 +1089,7 @@ int adb_trust_verify_signature(struct apk_trust *trust, struct adb *db, struct a return 0; } - return -EKEYREJECTED; + return -APKE_SIGNATURE_UNTRUSTED; } /* Container transformation interface */ @@ -1125,9 +1131,9 @@ int adb_c_xfrm(struct adb_xfrm *x, int (*cb)(struct adb_xfrm *, struct adb_block } } while (1); bad_msg: - r = -EBADMSG; + r = -APKE_ADB_BLOCK; err: - if (r >= 0) r = -EBADMSG; + if (r >= 0) r = -APKE_ADB_BLOCK; apk_ostream_cancel(x->os, r); return r; } diff --git a/src/adb_walk_genadb.c b/src/adb_walk_genadb.c index 4852eb6..4788d5f 100644 --- a/src/adb_walk_genadb.c +++ b/src/adb_walk_genadb.c @@ -10,11 +10,11 @@ static int adb_walk_genadb_schema(struct adb_walk *d, uint32_t schema_id) dt->db.hdr.schema = htole32(schema_id); for (s = d->schemas; s->magic; s++) if (s->magic == schema_id) break; - if (!s) return -EAPKDBFORMAT; + if (!s) return -APKE_ADB_SCHEMA; adb_wo_init(&dt->objs[0], &dt->vals[0], s->root, &dt->db); dt->num_vals += s->root->num_fields; - if (dt->num_vals >= ARRAY_SIZE(dt->vals)) return -E2BIG; + if (dt->num_vals >= ARRAY_SIZE(dt->vals)) return -APKE_ADB_LIMIT; dt->nest = 0; return 0; @@ -29,12 +29,12 @@ static int adb_walk_genadb_start_object(struct adb_walk *d) { struct adb_walk_genadb *dt = container_of(d, struct adb_walk_genadb, d); - if (!dt->db.hdr.schema) return -EAPKDBFORMAT; - if (dt->nest >= ARRAY_SIZE(dt->objs)) return -EAPKDBFORMAT; + if (!dt->db.hdr.schema) return -APKE_ADB_SCHEMA; + if (dt->nest >= ARRAY_SIZE(dt->objs)) return -APKE_ADB_LIMIT; if (dt->curkey[dt->nest] == 0 && dt->objs[dt->nest].schema->kind == ADB_KIND_OBJECT) - return -EAPKDBFORMAT; + return -APKE_ADB_SCHEMA; dt->nest++; adb_wo_init_val( @@ -43,7 +43,7 @@ static int adb_walk_genadb_start_object(struct adb_walk *d) if (*adb_ro_kind(&dt->objs[dt->nest-1], dt->curkey[dt->nest-1]) == ADB_KIND_ADB) { struct adb_adb_schema *schema = container_of(&dt->objs[dt->nest-1].schema->kind, struct adb_adb_schema, kind); - if (dt->nestdb >= ARRAY_SIZE(dt->idb)) return -E2BIG; + if (dt->nestdb >= ARRAY_SIZE(dt->idb)) return -APKE_ADB_LIMIT; adb_reset(&dt->idb[dt->nestdb]); dt->idb[dt->nestdb].hdr.schema = htole32(schema->schema_id); dt->objs[dt->nest].db = &dt->idb[dt->nestdb]; @@ -51,7 +51,7 @@ static int adb_walk_genadb_start_object(struct adb_walk *d) } dt->num_vals += dt->objs[dt->nest].schema->num_fields; - if (dt->num_vals >= ARRAY_SIZE(dt->vals)) return -E2BIG; + if (dt->num_vals >= ARRAY_SIZE(dt->vals)) return -APKE_ADB_LIMIT; return 0; } @@ -102,11 +102,11 @@ static int adb_walk_genadb_key(struct adb_walk *d, apk_blob_t key) uint8_t kind = dt->objs[dt->nest].schema->kind; if (kind != ADB_KIND_OBJECT && kind != ADB_KIND_ADB) - return -EAPKDBFORMAT; + return -APKE_ADB_SCHEMA; dt->curkey[dt->nest] = adb_s_field_by_name_blob(dt->objs[dt->nest].schema, key); if (dt->curkey[dt->nest] == 0) - return -EAPKDBFORMAT; + return -APKE_ADB_SCHEMA; return 0; } diff --git a/src/apk_adb.c b/src/apk_adb.c index 9be0e57..02e6cda 100644 --- a/src/apk_adb.c +++ b/src/apk_adb.c @@ -28,7 +28,7 @@ int apk_dep_split(apk_blob_t *b, apk_blob_t *bdep) adb_val_t adb_wo_pkginfo(struct adb_obj *obj, unsigned int f, apk_blob_t val) { struct apk_checksum csum; - adb_val_t v = ADB_ERROR(EAPKFORMAT); + adb_val_t v = ADB_ERROR(APKE_ADB_PACKAGE_FORMAT); /* FIXME: get rid of this function, and handle the conversion via schema? */ switch (f) { @@ -325,7 +325,7 @@ static int dependency_fromstring(struct adb_obj *obj, apk_blob_t bdep) return 0; fail: - return -EAPKDEPFORMAT; + return -APKE_ADB_DEPENDENCY_FORMAT; } static int dependency_cmp(const struct adb_obj *o1, const struct adb_obj *o2) diff --git a/src/apk_crypto.h b/src/apk_crypto.h index 6f6e801..d3ce24b 100644 --- a/src/apk_crypto.h +++ b/src/apk_crypto.h @@ -10,9 +10,9 @@ #define APK_CRYPTO_H #include -#include #include #include +#include "apk_defines.h" #include "apk_openssl.h" // Digest @@ -75,7 +75,7 @@ static inline int apk_digest_calc(struct apk_digest *d, uint8_t alg, const void { unsigned int md_sz = sizeof d->data; if (EVP_Digest(ptr, sz, d->data, &md_sz, apk_digest_alg_to_evp(alg), 0) != 1) - return -EIO; + return -APKE_CRYPTO_ERROR; d->alg = alg; d->len = md_sz; return 0; @@ -98,14 +98,14 @@ static inline void apk_digest_ctx_free(struct apk_digest_ctx *dctx) { } static inline int apk_digest_ctx_update(struct apk_digest_ctx *dctx, const void *ptr, size_t sz) { - return EVP_DigestUpdate(dctx->mdctx, ptr, sz) == 1 ? 0 : -EIO; + return EVP_DigestUpdate(dctx->mdctx, ptr, sz) == 1 ? 0 : -APKE_CRYPTO_ERROR; } static inline int apk_digest_ctx_final(struct apk_digest_ctx *dctx, struct apk_digest *d) { unsigned int mdlen = sizeof d->data; if (EVP_DigestFinal_ex(dctx->mdctx, d->data, &mdlen) != 1) { apk_digest_reset(d); - return -EIO; + return -APKE_CRYPTO_ERROR; } d->alg = dctx->alg; d->len = mdlen; diff --git a/src/apk_defines.h b/src/apk_defines.h index 3218277..8901919 100644 --- a/src/apk_defines.h +++ b/src/apk_defines.h @@ -13,6 +13,7 @@ #include #include #include +#include #include #define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0])) @@ -32,11 +33,33 @@ #define NULL 0L #endif -#define EAPKBADURL 1024 -#define EAPKSTALEINDEX 1025 -#define EAPKFORMAT 1026 -#define EAPKDEPFORMAT 1027 -#define EAPKDBFORMAT 1028 +enum { + APKE_EOF = 1024, + APKE_DNS, + APKE_URL_FORMAT, + APKE_CRYPTO_ERROR, + APKE_CRYPTO_NOT_SUPPORTED, + APKE_CRYPTO_KEY_FORMAT, + APKE_SIGNATURE_FAIL, + APKE_SIGNATURE_UNTRUSTED, + APKE_SIGNATURE_INVALID, + APKE_ADB_HEADER, + APKE_ADB_SCHEMA, + APKE_ADB_BLOCK, + APKE_ADB_SIGNATURE, + APKE_ADB_NO_FROMSTRING, + APKE_ADB_LIMIT, + APKE_ADB_DEPENDENCY_FORMAT, + APKE_ADB_PACKAGE_FORMAT, + APKE_V2DB_FORMAT, + APKE_V2PKG_FORMAT, + APKE_V2PKG_INTEGRITY, + APKE_V2NDX_FORMAT, + APKE_PACKAGE_NOT_FOUND, + APKE_INDEX_STALE, + APKE_FILE_INTEGRITY, + APKE_UVOL +}; static inline void *ERR_PTR(long error) { return (void*) error; } static inline void *ERR_CAST(const void *ptr) { return (void*) ptr; } diff --git a/src/app_convndx.c b/src/app_convndx.c index 1aa37f5..440fb3f 100644 --- a/src/app_convndx.c +++ b/src/app_convndx.c @@ -61,7 +61,7 @@ static int load_index(struct conv_ctx *ctx, struct apk_istream *is) apk_istream_gunzip_mpart(is, apk_sign_ctx_mpart_cb, &ctx->sctx), load_apkindex, ctx, apk_ctx_get_id_cache(ctx->ac)); apk_sign_ctx_free(&ctx->sctx); - if (r >= 0 && ctx->found == 0) r = -ENOMSG; + if (r >= 0 && ctx->found == 0) r = -APKE_V2NDX_FORMAT; return r; } diff --git a/src/app_extract.c b/src/app_extract.c index 89663b5..a8ada87 100644 --- a/src/app_extract.c +++ b/src/app_extract.c @@ -97,7 +97,7 @@ static int uvol_run(struct apk_ctx *ac, char *action, char *volname, char *arg1, waitpid(pid, &status, 0); if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) { apk_err(out, "%s: uvol exited with error %d", volname, WEXITSTATUS(status)); - return -EIO; + return -APKE_UVOL; } return 0; } @@ -124,7 +124,7 @@ static int uvol_extract(struct apk_ctx *ac, char *action, char *volname, char *a r = apk_istream_splice(is, pipefds[1], sz, 0, 0, dctx); close(pipefds[1]); if (r != sz) { - if (r >= 0) r = -EIO; + if (r >= 0) r = -APKE_UVOL; apk_err(out, "%s: uvol write error: %s", volname, apk_error_str(r)); return r; } @@ -132,7 +132,7 @@ static int uvol_extract(struct apk_ctx *ac, char *action, char *volname, char *a waitpid(pid, &status, 0); if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) { apk_err(out, "%s: uvol exited with error %d", volname, WEXITSTATUS(status)); - return -EIO; + return -APKE_UVOL; } return 0; @@ -172,7 +172,7 @@ static int apk_extract_file(struct extract_ctx *ctx, off_t sz, struct apk_istrea int r; apk_digest_from_blob(&fi.digest, adb_ro_blob(&ctx->file, ADBI_FI_HASHES)); - if (fi.digest.alg == APK_DIGEST_NONE) return -EAPKFORMAT; + if (fi.digest.alg == APK_DIGEST_NONE) return -APKE_ADB_SCHEMA; apk_extract_acl(&fi, adb_ro_obj(&ctx->file, ADBI_FI_ACL, &acl), apk_ctx_get_id_cache(ctx->ac)); fi.mode |= S_IFREG; @@ -187,7 +187,7 @@ static int apk_extract_file(struct extract_ctx *ctx, off_t sz, struct apk_istrea apk_digest_ctx_final(&dctx, &d); apk_digest_ctx_free(&dctx); if (r != 0) return r; - if (apk_digest_cmp(&fi.digest, &d) != 0) return -EAPKDBFORMAT; + if (apk_digest_cmp(&fi.digest, &d) != 0) return -APKE_FILE_INTEGRITY; return 0; } @@ -260,7 +260,7 @@ static int apk_extract_data_block(struct adb *db, size_t sz, struct apk_istream r = apk_extract_next_file(ctx); if (r != 0) { - if (r > 0) r = -EAPKFORMAT; + if (r > 0) r = -APKE_ADB_BLOCK; return r; } @@ -272,7 +272,7 @@ static int apk_extract_data_block(struct adb *db, size_t sz, struct apk_istream hdr->file_idx != ctx->cur_file || sz != adb_ro_int(&ctx->file, ADBI_FI_SIZE)) { // got data for some unexpected file - return -EAPKFORMAT; + return -APKE_ADB_BLOCK; } return apk_extract_file(ctx, sz, is); @@ -289,7 +289,7 @@ static int apk_extract_pkg(struct extract_ctx *ctx, const char *fn) ADB_SCHEMA_PACKAGE, trust, apk_extract_data_block); if (r == 0) { r = apk_extract_next_file(ctx); - if (r == 0) r = -EAPKFORMAT; + if (r == 0) r = -APKE_ADB_BLOCK; if (r == 1) r = 0; } adb_free(&ctx->db); diff --git a/src/app_fetch.c b/src/app_fetch.c index 64e6634..870dda2 100644 --- a/src/app_fetch.c +++ b/src/app_fetch.c @@ -130,7 +130,7 @@ static int fetch_package(apk_hash_item item, void *pctx) repo = apk_db_select_repo(db, pkg); if (repo == NULL) { - r = -ENOPKG; + r = -APKE_PACKAGE_NOT_FOUND; goto err; } diff --git a/src/app_mkndx.c b/src/app_mkndx.c index 8e7e67d..4599fd3 100644 --- a/src/app_mkndx.c +++ b/src/app_mkndx.c @@ -129,7 +129,7 @@ static adb_val_t mkndx_read_v2_pkginfo(struct adb *db, struct apk_istream *is, s if (adb_ro_val(&pkginfo, f->ndx) != ADB_NULL) { /* Workaround abuild bug that emitted multiple license lines */ if (f->ndx == ADBI_PI_LICENSE) continue; - e = ADB_ERROR(EAPKFORMAT); + e = ADB_ERROR(APKE_ADB_PACKAGE_FORMAT); continue; } diff --git a/src/crypto_openssl.c b/src/crypto_openssl.c index 6db5e6d..b32f238 100644 --- a/src/crypto_openssl.c +++ b/src/crypto_openssl.c @@ -73,7 +73,7 @@ int apk_pkey_init(struct apk_pkey *pkey, EVP_PKEY *key) unsigned int dlen = sizeof dig; int len; - if ((len = i2d_PublicKey(key, &pub)) < 0) return -EIO; + if ((len = i2d_PublicKey(key, &pub)) < 0) return -APKE_CRYPTO_ERROR; EVP_Digest(pub, len, dig, &dlen, EVP_sha512(), NULL); memcpy(pkey->id, dig, sizeof pkey->id); OPENSSL_free(pub); @@ -107,7 +107,7 @@ int apk_pkey_load(struct apk_pkey *pkey, int dirfd, const char *fn) ERR_clear_error(); BIO_free(bio); - if (!key) return -EBADMSG; + if (!key) return -APKE_CRYPTO_KEY_FORMAT; apk_pkey_init(pkey, key); return 0; @@ -117,7 +117,7 @@ int apk_sign_start(struct apk_digest_ctx *dctx, struct apk_pkey *pkey) { if (EVP_MD_CTX_reset(dctx->mdctx) != 1 || EVP_DigestSignInit(dctx->mdctx, NULL, EVP_sha512(), NULL, pkey->key) != 1) - return -EIO; + return -APKE_CRYPTO_ERROR; return 0; } @@ -125,7 +125,7 @@ int apk_sign(struct apk_digest_ctx *dctx, void *sig, size_t *len) { if (EVP_DigestSignFinal(dctx->mdctx, sig, len) != 1) { ERR_print_errors_fp(stderr); - return -EBADMSG; + return -APKE_SIGNATURE_FAIL; } return 0; } @@ -134,7 +134,7 @@ int apk_verify_start(struct apk_digest_ctx *dctx, struct apk_pkey *pkey) { if (EVP_MD_CTX_reset(dctx->mdctx) != 1 || EVP_DigestVerifyInit(dctx->mdctx, NULL, EVP_sha512(), NULL, pkey->key) != 1) - return -EIO; + return -APKE_CRYPTO_ERROR; return 0; } @@ -142,7 +142,7 @@ int apk_verify(struct apk_digest_ctx *dctx, void *sig, size_t len) { if (EVP_DigestVerifyFinal(dctx->mdctx, sig, len) != 1) { ERR_print_errors_fp(stderr); - return -EBADMSG; + return -APKE_SIGNATURE_INVALID; } return 0; } diff --git a/src/database.c b/src/database.c index 0c5cd43..a0e2fd9 100644 --- a/src/database.c +++ b/src/database.c @@ -910,7 +910,7 @@ old_apk_tools: bad_entry: apk_err(out, "FDB format error (line %d, entry '%c')", lineno, field); err_fmt: - is->err = -EAPKDBFORMAT; + is->err = -APKE_V2DB_FORMAT; return apk_istream_close(is); } @@ -2196,7 +2196,7 @@ static int load_index(struct apk_database *db, struct apk_istream *is, apk_sign_ctx_free(&ctx.sctx); if (r >= 0 && ctx.found == 0) - r = -ENOMSG; + r = -APKE_V2NDX_FORMAT; } else { apk_db_index_read(db, apk_istream_gunzip(is), repo); } @@ -2778,7 +2778,7 @@ static int apk_db_unpack_pkg(struct apk_database *db, if (pkg->filename == NULL) { repo = apk_db_select_repo(db, pkg); if (repo == NULL) { - r = -ENOPKG; + r = -APKE_PACKAGE_NOT_FOUND; goto err_msg; } r = apk_repo_format_item(db, repo, pkg, &filefd, file, sizeof(file)); @@ -2800,7 +2800,7 @@ static int apk_db_unpack_pkg(struct apk_database *db, if (IS_ERR_OR_NULL(is)) { r = PTR_ERR(is); if (r == -ENOENT && pkg->filename == NULL) - r = -EAPKSTALEINDEX; + r = -APKE_INDEX_STALE; goto err_msg; } if (need_copy) { diff --git a/src/io.c b/src/io.c index 2c42eb1..43dfa5a 100644 --- a/src/io.c +++ b/src/io.c @@ -127,7 +127,7 @@ void *apk_istream_get(struct apk_istream *is, size_t len) if (is->end-is->ptr == is->buf_size) return ERR_PTR(-ENOBUFS); if (is->err > 0) - return ERR_PTR(-ENOMSG); + return ERR_PTR(-APKE_EOF); return ERR_PTR(-EIO); } @@ -498,7 +498,7 @@ ssize_t apk_stream_copy(struct apk_istream *is, struct apk_ostream *os, size_t s d = apk_istream_get_max(is, size - done); if (APK_BLOB_IS_NULL(d)) { if (d.len) return d.len; - if (size != APK_IO_ALL) return -EBADMSG; + if (size != APK_IO_ALL) return -APKE_EOF; break; } if (dctx) apk_digest_ctx_update(dctx, d.ptr, d.len); @@ -547,7 +547,7 @@ ssize_t apk_istream_splice(struct apk_istream *is, int fd, size_t size, if (r <= 0) { if (r) goto err; if (size != APK_IO_ALL && done != size) { - r = -EBADMSG; + r = -APKE_EOF; goto err; } break; diff --git a/src/io_archive.c b/src/io_archive.c index 57d8b83..94071f6 100644 --- a/src/io_archive.c +++ b/src/io_archive.c @@ -258,7 +258,7 @@ int apk_tar_parse(struct apk_istream *is, apk_archive_entry_parser parser, if (r == 0) goto ok; err: /* Check that there was no partial (or non-zero) record */ - if (r >= 0) r = -EBADMSG; + if (r >= 0) r = -APKE_EOF; ok: free(pax.ptr); free(longname.ptr); diff --git a/src/io_url.c b/src/io_url.c index 07147c2..3cfc27a 100644 --- a/src/io_url.c +++ b/src/io_url.c @@ -51,13 +51,13 @@ static int fetch_maperror(int ec) [FETCH_NETWORK] = -ENETUNREACH, /* [FETCH_OK] = , */ [FETCH_PROTO] = -EPROTO, - [FETCH_RESOLV] = -ENXIO, + [FETCH_RESOLV] = -APKE_DNS, [FETCH_SERVER] = -EREMOTEIO, [FETCH_TEMP] = -EAGAIN, [FETCH_TIMEOUT] = -ETIMEDOUT, [FETCH_UNAVAIL] = -ENOENT, [FETCH_UNKNOWN] = -EIO, - [FETCH_URL] = -EAPKBADURL, + [FETCH_URL] = -APKE_URL_FORMAT, [FETCH_UNCHANGED] = -EALREADY, }; @@ -111,7 +111,7 @@ static struct apk_istream *apk_istream_fetch(const char *url, time_t since) u = fetchParseURL(url); if (!u) { - rc = -EAPKBADURL; + rc = -APKE_URL_FORMAT; goto err; } fis = malloc(sizeof *fis + apk_io_bufsize); diff --git a/src/package.c b/src/package.c index 6cfa1a9..89965ab 100644 --- a/src/package.c +++ b/src/package.c @@ -521,7 +521,7 @@ static int check_signing_key_trust(struct apk_sign_ctx *sctx) if (sctx->signature.pkey == NULL) { if (sctx->allow_untrusted) break; - return -ENOKEY; + return -APKE_SIGNATURE_UNTRUSTED; } } return 0; @@ -554,10 +554,10 @@ int apk_sign_ctx_process_file(struct apk_sign_ctx *ctx, * This does not make any sense if the file has v2.0 * style .PKGINFO */ if (ctx->has_data_checksum) - return -ENOMSG; + return -APKE_V2PKG_FORMAT; /* Error out early if identity part is missing */ if (ctx->action == APK_SIGN_VERIFY_IDENTITY) - return -EKEYREJECTED; + return -APKE_V2PKG_FORMAT; ctx->data_started = 1; ctx->control_started = 1; r = check_signing_key_trust(ctx); @@ -669,7 +669,7 @@ int apk_sign_ctx_mpart_cb(void *ctx, int part, apk_blob_t data) /* Still in signature blocks? */ if (!sctx->control_started) { if (part == APK_MPART_END) - return -EKEYREJECTED; + return -APKE_V2PKG_FORMAT; goto reset_digest; } @@ -692,10 +692,10 @@ int apk_sign_ctx_mpart_cb(void *ctx, int part, apk_blob_t data) if (EVP_MD_CTX_size(sctx->mdctx) == 0 || memcmp(calculated, sctx->data_checksum, EVP_MD_CTX_size(sctx->mdctx)) != 0) - return -EKEYREJECTED; + return -APKE_V2PKG_INTEGRITY; sctx->data_verified = 1; if (!sctx->allow_untrusted && !sctx->control_verified) - return -ENOKEY; + return -APKE_SIGNATURE_UNTRUSTED; return 0; } @@ -715,11 +715,11 @@ int apk_sign_ctx_mpart_cb(void *ctx, int part, apk_blob_t data) sctx->signature.data.len, sctx->signature.pkey); if (r != 1 && !sctx->allow_untrusted) - return -EKEYREJECTED; + return -APKE_SIGNATURE_INVALID; } else { r = 0; if (!sctx->allow_untrusted) - return -ENOKEY; + return -APKE_SIGNATURE_UNTRUSTED; } if (r == 1) { sctx->control_verified = 1; @@ -736,7 +736,7 @@ int apk_sign_ctx_mpart_cb(void *ctx, int part, apk_blob_t data) EVP_DigestFinal_ex(sctx->mdctx, calculated, NULL); if (memcmp(calculated, sctx->identity.data, sctx->identity.type) != 0) - return -EKEYREJECTED; + return -APKE_V2PKG_INTEGRITY; sctx->control_verified = 1; if (!sctx->has_data_checksum && part == APK_MPART_END) sctx->data_verified = 1; diff --git a/src/print.c b/src/print.c index 26e31e2..307033d 100644 --- a/src/print.c +++ b/src/print.c @@ -24,42 +24,36 @@ const char *apk_error_str(int error) if (error < 0) error = -error; switch (error) { - case ENOKEY: - return "UNTRUSTED signature"; - case EKEYREJECTED: - return "BAD signature"; - case EIO: - return "IO ERROR"; - case EBADMSG: - return "BAD archive"; - case ENOMSG: - return "archive does not contain expected data"; - case ENOPKG: - return "could not find a repo which provides this package (check repositories file and run 'apk update')"; - case ECONNABORTED: - return "network connection aborted"; - case ECONNREFUSED: - return "could not connect to server (check repositories file)"; - case ENETUNREACH: - return "network error (check Internet connection and firewall)"; - case ENXIO: - return "DNS lookup error"; - case EREMOTEIO: - return "remote server returned error (try 'apk update')"; - case ETIMEDOUT: - return "operation timed out"; - case EAGAIN: - return "temporary error (try again later)"; - case EAPKBADURL: - return "invalid URL (check your repositories file)"; - case EAPKSTALEINDEX: - return "package mentioned in index not found (try 'apk update')"; - case EAPKFORMAT: - return "package file format error"; - case EAPKDEPFORMAT: - return "package dependency format error"; - case EAPKDBFORMAT: - return "database file format error"; + case ECONNABORTED: return "network connection aborted"; + case ECONNREFUSED: return "could not connect to server (check repositories file)"; + case ENETUNREACH: return "network error (check Internet connection and firewall)"; + case EREMOTEIO: return "remote server returned error (try 'apk update')"; + case EAGAIN: return "temporary error (try again later)"; + case APKE_EOF: return "unexpected end of file"; + case APKE_DNS: return "DNS error (try again later)"; + case APKE_URL_FORMAT: return "invalid URL (check your repositories file)"; + case APKE_CRYPTO_ERROR: return "crypto error"; + case APKE_CRYPTO_NOT_SUPPORTED: return "cryptographic algorithm not supported"; + case APKE_CRYPTO_KEY_FORMAT: return "cryptographic key format not recognized"; + case APKE_SIGNATURE_FAIL: return "signing failure"; + case APKE_SIGNATURE_UNTRUSTED: return "UNTRUSTED signature"; + case APKE_SIGNATURE_INVALID: return "BAD signature"; + case APKE_ADB_HEADER: return "ADB header error"; + case APKE_ADB_SCHEMA: return "ADB schema error"; + case APKE_ADB_BLOCK: return "ADB block error"; + case APKE_ADB_SIGNATURE: return "ADB signature block error"; + case APKE_ADB_NO_FROMSTRING: return "ADB schema error (no fromstring)"; + case APKE_ADB_LIMIT: return "ADB schema limit reached"; + case APKE_ADB_DEPENDENCY_FORMAT: return "ADB dependency format"; + case APKE_ADB_PACKAGE_FORMAT: return "ADB package format"; + case APKE_V2DB_FORMAT: return "v2 database format error"; + case APKE_V2PKG_FORMAT: return "v2 package format error"; + case APKE_V2PKG_INTEGRITY: return "v2 package integrity error"; + case APKE_V2NDX_FORMAT: return "v2 index format error"; + case APKE_PACKAGE_NOT_FOUND: return "could not find a repo which provides this package (check repositories file and run 'apk update')"; + case APKE_INDEX_STALE: return "package mentioned in index not found (try 'apk update')"; + case APKE_FILE_INTEGRITY: return "file integrity error"; + case APKE_UVOL: return "uvol error"; default: return strerror(error); } diff --git a/src/trust.c b/src/trust.c index 6f0f885..5e2a956 100644 --- a/src/trust.c +++ b/src/trust.c @@ -13,7 +13,7 @@ static struct apk_trust_key *apk_trust_load_key(int dirfd, const char *filename) r = apk_pkey_load(&key->key, dirfd, filename); if (r) { free(key); - return ERR_PTR(-ENOKEY); + return ERR_PTR(r); } list_init(&key->key_node);