reduce misuse of error codes from errno.h
parent
17684141fe
commit
d89c219173
54
src/adb.c
54
src/adb.c
|
@ -20,9 +20,9 @@ static inline struct adb_block *adb_block_validate(struct adb_block *blk, apk_bl
|
|||
{
|
||||
size_t pos = (char *)blk - b.ptr;
|
||||
if (pos == b.len) return NULL;
|
||||
if (sizeof(struct adb_block) > b.len - pos) return ERR_PTR(-EBADMSG);
|
||||
if (adb_block_rawsize(blk) < sizeof(struct adb_block)) return ERR_PTR(-EBADMSG);
|
||||
if (adb_block_size(blk) > b.len - pos) return ERR_PTR(-EBADMSG);
|
||||
if (sizeof(struct adb_block) > b.len - pos) return ERR_PTR(-APKE_ADB_BLOCK);
|
||||
if (adb_block_rawsize(blk) < sizeof(struct adb_block)) return ERR_PTR(-APKE_ADB_BLOCK);
|
||||
if (adb_block_size(blk) > b.len - pos) return ERR_PTR(-APKE_ADB_BLOCK);
|
||||
return blk;
|
||||
}
|
||||
|
||||
|
@ -69,7 +69,7 @@ static int __adb_m_parse(struct adb *db, struct apk_trust *t)
|
|||
{
|
||||
struct adb_verify_ctx vfy = {};
|
||||
struct adb_block *blk;
|
||||
int r = -EBADMSG;
|
||||
int r = -APKE_ADB_BLOCK;
|
||||
int trusted = t ? 0 : 1;
|
||||
|
||||
adb_foreach_block(blk, db->data) {
|
||||
|
@ -91,7 +91,7 @@ static int __adb_m_parse(struct adb *db, struct apk_trust *t)
|
|||
}
|
||||
}
|
||||
if (IS_ERR(blk)) r = PTR_ERR(blk);
|
||||
else if (!trusted) r = -ENOKEY;
|
||||
else if (!trusted) r = -APKE_SIGNATURE_UNTRUSTED;
|
||||
else if (db->adb.ptr) r = 0;
|
||||
|
||||
if (r != 0) {
|
||||
|
@ -110,7 +110,7 @@ int adb_m_map(struct adb *db, int fd, uint32_t expected_schema, struct apk_trust
|
|||
{
|
||||
struct stat st;
|
||||
struct adb_header *hdr;
|
||||
int r = -EBADMSG;
|
||||
int r = -APKE_ADB_HEADER;
|
||||
|
||||
if (fstat(fd, &st) != 0) return -errno;
|
||||
if (st.st_size < sizeof *hdr) return -EIO;
|
||||
|
@ -152,8 +152,8 @@ int adb_m_stream(struct adb *db, struct apk_istream *is, uint32_t expected_schem
|
|||
do {
|
||||
r = apk_istream_read(is, &blk, sizeof blk);
|
||||
if (r == 0) {
|
||||
if (!trusted) r = -ENOKEY;
|
||||
else if (!db->adb.ptr) r = -ENOMSG;
|
||||
if (!trusted) r = -APKE_SIGNATURE_UNTRUSTED;
|
||||
else if (!db->adb.ptr) r = -APKE_ADB_BLOCK;
|
||||
goto done;
|
||||
}
|
||||
if (r < 0 || r != sizeof blk) goto err;
|
||||
|
@ -183,7 +183,7 @@ int adb_m_stream(struct adb *db, struct apk_istream *is, uint32_t expected_schem
|
|||
case ADB_BLOCK_DATA:
|
||||
if (APK_BLOB_IS_NULL(db->adb)) goto bad_msg;
|
||||
if (!trusted) {
|
||||
r = -ENOKEY;
|
||||
r = -APKE_SIGNATURE_UNTRUSTED;
|
||||
goto err;
|
||||
}
|
||||
r = datacb(db, adb_block_length(&blk),
|
||||
|
@ -199,9 +199,9 @@ int adb_m_stream(struct adb *db, struct apk_istream *is, uint32_t expected_schem
|
|||
}
|
||||
} while (1);
|
||||
bad_msg:
|
||||
r = -EBADMSG;
|
||||
r = -APKE_ADB_BLOCK;
|
||||
err:
|
||||
if (r >= 0) r = -EBADMSG;
|
||||
if (r >= 0) r = -APKE_ADB_BLOCK;
|
||||
done:
|
||||
apk_istream_close(is);
|
||||
return r;
|
||||
|
@ -675,13 +675,13 @@ adb_val_t adb_w_fromstring(struct adb *db, const uint8_t *kind, apk_blob_t val)
|
|||
struct adb_obj obj;
|
||||
struct adb_object_schema *schema = container_of(kind, struct adb_object_schema, kind);
|
||||
adb_wo_alloca(&obj, schema, db);
|
||||
if (!schema->fromstring) return ADB_ERROR(EAPKDBFORMAT);
|
||||
if (!schema->fromstring) return ADB_ERROR(APKE_ADB_NO_FROMSTRING);
|
||||
r = schema->fromstring(&obj, val);
|
||||
if (r) return ADB_ERROR(r);
|
||||
return adb_w_obj(&obj);
|
||||
}
|
||||
default:
|
||||
return ADB_ERROR(ENOSYS);
|
||||
return ADB_ERROR(APKE_ADB_NO_FROMSTRING);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -938,6 +938,8 @@ int adb_c_block_data(struct apk_ostream *os, apk_blob_t hdr, uint32_t size, stru
|
|||
|
||||
int adb_c_block_copy(struct apk_ostream *os, struct adb_block *b, struct apk_istream *is, struct adb_verify_ctx *vfy)
|
||||
{
|
||||
size_t blk_sz = adb_block_length(b);
|
||||
size_t padding = adb_block_padding(b);
|
||||
int r;
|
||||
|
||||
r = apk_ostream_write(os, b, sizeof *b);
|
||||
|
@ -948,12 +950,16 @@ int adb_c_block_copy(struct apk_ostream *os, struct adb_block *b, struct apk_ist
|
|||
const uint8_t alg = APK_DIGEST_SHA512;
|
||||
|
||||
apk_digest_ctx_init(&dctx, alg);
|
||||
r = apk_stream_copy(is, os, adb_block_size(b), 0, 0, &dctx);
|
||||
r = apk_stream_copy(is, os, blk_sz, 0, 0, &dctx);
|
||||
apk_digest_ctx_final(&dctx, &vfy->sha512);
|
||||
vfy->calc |= (1 << alg);
|
||||
apk_digest_ctx_free(&dctx);
|
||||
} else {
|
||||
r = apk_stream_copy(is, os, adb_block_size(b), 0, 0, 0);
|
||||
r = apk_stream_copy(is, os, blk_sz, 0, 0, 0);
|
||||
}
|
||||
if (padding) {
|
||||
r = apk_ostream_write(os, padding_zeroes, padding);
|
||||
if (r < 0) return r;
|
||||
}
|
||||
return r;
|
||||
}
|
||||
|
@ -963,7 +969,7 @@ int adb_c_adb(struct apk_ostream *os, struct adb *db, struct apk_trust *t)
|
|||
if (IS_ERR(os))
|
||||
return apk_ostream_cancel(os, PTR_ERR(os));
|
||||
if (db->hdr.magic != htole32(ADB_FORMAT_MAGIC))
|
||||
return apk_ostream_cancel(os, -EAPKFORMAT);
|
||||
return apk_ostream_cancel(os, -APKE_ADB_HEADER);
|
||||
|
||||
adb_c_header(os, db);
|
||||
adb_c_block(os, ADB_BLOCK_ADB, db->adb);
|
||||
|
@ -989,11 +995,11 @@ static int adb_digest_adb(struct adb_verify_ctx *vfy, unsigned int hash_alg, apk
|
|||
d = &vfy->sha512;
|
||||
break;
|
||||
default:
|
||||
return -ENOTSUP;
|
||||
return -APKE_CRYPTO_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
if (!(vfy->calc & (1 << hash_alg))) {
|
||||
if (APK_BLOB_IS_NULL(data)) return -ENOMSG;
|
||||
if (APK_BLOB_IS_NULL(data)) return -APKE_ADB_BLOCK;
|
||||
r = apk_digest_calc(d, hash_alg, data.ptr, data.len);
|
||||
if (r != 0) return r;
|
||||
vfy->calc |= (1 << hash_alg);
|
||||
|
@ -1064,12 +1070,12 @@ int adb_trust_verify_signature(struct apk_trust *trust, struct adb *db, struct a
|
|||
struct adb_sign_v0 *sig0;
|
||||
apk_blob_t md;
|
||||
|
||||
if (APK_BLOB_IS_NULL(db->adb)) return -ENOMSG;
|
||||
if (sigb.len < sizeof(struct adb_sign_hdr)) return -EBADMSG;
|
||||
if (APK_BLOB_IS_NULL(db->adb)) return -APKE_ADB_BLOCK;
|
||||
if (sigb.len < sizeof(struct adb_sign_hdr)) return -APKE_ADB_SIGNATURE;
|
||||
|
||||
sig = (struct adb_sign_hdr *) sigb.ptr;
|
||||
sig0 = (struct adb_sign_v0 *) sigb.ptr;
|
||||
if (sig->sign_ver != 0) return -ENOSYS;
|
||||
if (sig->sign_ver != 0) return -APKE_ADB_SIGNATURE;
|
||||
|
||||
list_for_each_entry(tkey, &trust->trusted_key_list, key_node) {
|
||||
if (memcmp(sig0->id, tkey->key.id, sizeof sig0->id) != 0) continue;
|
||||
|
@ -1083,7 +1089,7 @@ int adb_trust_verify_signature(struct apk_trust *trust, struct adb *db, struct a
|
|||
return 0;
|
||||
}
|
||||
|
||||
return -EKEYREJECTED;
|
||||
return -APKE_SIGNATURE_UNTRUSTED;
|
||||
}
|
||||
|
||||
/* Container transformation interface */
|
||||
|
@ -1125,9 +1131,9 @@ int adb_c_xfrm(struct adb_xfrm *x, int (*cb)(struct adb_xfrm *, struct adb_block
|
|||
}
|
||||
} while (1);
|
||||
bad_msg:
|
||||
r = -EBADMSG;
|
||||
r = -APKE_ADB_BLOCK;
|
||||
err:
|
||||
if (r >= 0) r = -EBADMSG;
|
||||
if (r >= 0) r = -APKE_ADB_BLOCK;
|
||||
apk_ostream_cancel(x->os, r);
|
||||
return r;
|
||||
}
|
||||
|
|
|
@ -10,11 +10,11 @@ static int adb_walk_genadb_schema(struct adb_walk *d, uint32_t schema_id)
|
|||
dt->db.hdr.schema = htole32(schema_id);
|
||||
for (s = d->schemas; s->magic; s++)
|
||||
if (s->magic == schema_id) break;
|
||||
if (!s) return -EAPKDBFORMAT;
|
||||
if (!s) return -APKE_ADB_SCHEMA;
|
||||
|
||||
adb_wo_init(&dt->objs[0], &dt->vals[0], s->root, &dt->db);
|
||||
dt->num_vals += s->root->num_fields;
|
||||
if (dt->num_vals >= ARRAY_SIZE(dt->vals)) return -E2BIG;
|
||||
if (dt->num_vals >= ARRAY_SIZE(dt->vals)) return -APKE_ADB_LIMIT;
|
||||
dt->nest = 0;
|
||||
|
||||
return 0;
|
||||
|
@ -29,12 +29,12 @@ static int adb_walk_genadb_start_object(struct adb_walk *d)
|
|||
{
|
||||
struct adb_walk_genadb *dt = container_of(d, struct adb_walk_genadb, d);
|
||||
|
||||
if (!dt->db.hdr.schema) return -EAPKDBFORMAT;
|
||||
if (dt->nest >= ARRAY_SIZE(dt->objs)) return -EAPKDBFORMAT;
|
||||
if (!dt->db.hdr.schema) return -APKE_ADB_SCHEMA;
|
||||
if (dt->nest >= ARRAY_SIZE(dt->objs)) return -APKE_ADB_LIMIT;
|
||||
|
||||
if (dt->curkey[dt->nest] == 0 &&
|
||||
dt->objs[dt->nest].schema->kind == ADB_KIND_OBJECT)
|
||||
return -EAPKDBFORMAT;
|
||||
return -APKE_ADB_SCHEMA;
|
||||
|
||||
dt->nest++;
|
||||
adb_wo_init_val(
|
||||
|
@ -43,7 +43,7 @@ static int adb_walk_genadb_start_object(struct adb_walk *d)
|
|||
|
||||
if (*adb_ro_kind(&dt->objs[dt->nest-1], dt->curkey[dt->nest-1]) == ADB_KIND_ADB) {
|
||||
struct adb_adb_schema *schema = container_of(&dt->objs[dt->nest-1].schema->kind, struct adb_adb_schema, kind);
|
||||
if (dt->nestdb >= ARRAY_SIZE(dt->idb)) return -E2BIG;
|
||||
if (dt->nestdb >= ARRAY_SIZE(dt->idb)) return -APKE_ADB_LIMIT;
|
||||
adb_reset(&dt->idb[dt->nestdb]);
|
||||
dt->idb[dt->nestdb].hdr.schema = htole32(schema->schema_id);
|
||||
dt->objs[dt->nest].db = &dt->idb[dt->nestdb];
|
||||
|
@ -51,7 +51,7 @@ static int adb_walk_genadb_start_object(struct adb_walk *d)
|
|||
}
|
||||
|
||||
dt->num_vals += dt->objs[dt->nest].schema->num_fields;
|
||||
if (dt->num_vals >= ARRAY_SIZE(dt->vals)) return -E2BIG;
|
||||
if (dt->num_vals >= ARRAY_SIZE(dt->vals)) return -APKE_ADB_LIMIT;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
@ -102,11 +102,11 @@ static int adb_walk_genadb_key(struct adb_walk *d, apk_blob_t key)
|
|||
uint8_t kind = dt->objs[dt->nest].schema->kind;
|
||||
|
||||
if (kind != ADB_KIND_OBJECT && kind != ADB_KIND_ADB)
|
||||
return -EAPKDBFORMAT;
|
||||
return -APKE_ADB_SCHEMA;
|
||||
|
||||
dt->curkey[dt->nest] = adb_s_field_by_name_blob(dt->objs[dt->nest].schema, key);
|
||||
if (dt->curkey[dt->nest] == 0)
|
||||
return -EAPKDBFORMAT;
|
||||
return -APKE_ADB_SCHEMA;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
|
|
@ -28,7 +28,7 @@ int apk_dep_split(apk_blob_t *b, apk_blob_t *bdep)
|
|||
adb_val_t adb_wo_pkginfo(struct adb_obj *obj, unsigned int f, apk_blob_t val)
|
||||
{
|
||||
struct apk_checksum csum;
|
||||
adb_val_t v = ADB_ERROR(EAPKFORMAT);
|
||||
adb_val_t v = ADB_ERROR(APKE_ADB_PACKAGE_FORMAT);
|
||||
|
||||
/* FIXME: get rid of this function, and handle the conversion via schema? */
|
||||
switch (f) {
|
||||
|
@ -325,7 +325,7 @@ static int dependency_fromstring(struct adb_obj *obj, apk_blob_t bdep)
|
|||
return 0;
|
||||
|
||||
fail:
|
||||
return -EAPKDEPFORMAT;
|
||||
return -APKE_ADB_DEPENDENCY_FORMAT;
|
||||
}
|
||||
|
||||
static int dependency_cmp(const struct adb_obj *o1, const struct adb_obj *o2)
|
||||
|
|
|
@ -10,9 +10,9 @@
|
|||
#define APK_CRYPTO_H
|
||||
|
||||
#include <assert.h>
|
||||
#include <errno.h>
|
||||
#include <string.h>
|
||||
#include <openssl/evp.h>
|
||||
#include "apk_defines.h"
|
||||
#include "apk_openssl.h"
|
||||
|
||||
// Digest
|
||||
|
@ -75,7 +75,7 @@ static inline int apk_digest_calc(struct apk_digest *d, uint8_t alg, const void
|
|||
{
|
||||
unsigned int md_sz = sizeof d->data;
|
||||
if (EVP_Digest(ptr, sz, d->data, &md_sz, apk_digest_alg_to_evp(alg), 0) != 1)
|
||||
return -EIO;
|
||||
return -APKE_CRYPTO_ERROR;
|
||||
d->alg = alg;
|
||||
d->len = md_sz;
|
||||
return 0;
|
||||
|
@ -98,14 +98,14 @@ static inline void apk_digest_ctx_free(struct apk_digest_ctx *dctx) {
|
|||
}
|
||||
|
||||
static inline int apk_digest_ctx_update(struct apk_digest_ctx *dctx, const void *ptr, size_t sz) {
|
||||
return EVP_DigestUpdate(dctx->mdctx, ptr, sz) == 1 ? 0 : -EIO;
|
||||
return EVP_DigestUpdate(dctx->mdctx, ptr, sz) == 1 ? 0 : -APKE_CRYPTO_ERROR;
|
||||
}
|
||||
|
||||
static inline int apk_digest_ctx_final(struct apk_digest_ctx *dctx, struct apk_digest *d) {
|
||||
unsigned int mdlen = sizeof d->data;
|
||||
if (EVP_DigestFinal_ex(dctx->mdctx, d->data, &mdlen) != 1) {
|
||||
apk_digest_reset(d);
|
||||
return -EIO;
|
||||
return -APKE_CRYPTO_ERROR;
|
||||
}
|
||||
d->alg = dctx->alg;
|
||||
d->len = mdlen;
|
||||
|
|
|
@ -13,6 +13,7 @@
|
|||
#include <endian.h>
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
#include <errno.h>
|
||||
#include <time.h>
|
||||
|
||||
#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
|
||||
|
@ -32,11 +33,33 @@
|
|||
#define NULL 0L
|
||||
#endif
|
||||
|
||||
#define EAPKBADURL 1024
|
||||
#define EAPKSTALEINDEX 1025
|
||||
#define EAPKFORMAT 1026
|
||||
#define EAPKDEPFORMAT 1027
|
||||
#define EAPKDBFORMAT 1028
|
||||
enum {
|
||||
APKE_EOF = 1024,
|
||||
APKE_DNS,
|
||||
APKE_URL_FORMAT,
|
||||
APKE_CRYPTO_ERROR,
|
||||
APKE_CRYPTO_NOT_SUPPORTED,
|
||||
APKE_CRYPTO_KEY_FORMAT,
|
||||
APKE_SIGNATURE_FAIL,
|
||||
APKE_SIGNATURE_UNTRUSTED,
|
||||
APKE_SIGNATURE_INVALID,
|
||||
APKE_ADB_HEADER,
|
||||
APKE_ADB_SCHEMA,
|
||||
APKE_ADB_BLOCK,
|
||||
APKE_ADB_SIGNATURE,
|
||||
APKE_ADB_NO_FROMSTRING,
|
||||
APKE_ADB_LIMIT,
|
||||
APKE_ADB_DEPENDENCY_FORMAT,
|
||||
APKE_ADB_PACKAGE_FORMAT,
|
||||
APKE_V2DB_FORMAT,
|
||||
APKE_V2PKG_FORMAT,
|
||||
APKE_V2PKG_INTEGRITY,
|
||||
APKE_V2NDX_FORMAT,
|
||||
APKE_PACKAGE_NOT_FOUND,
|
||||
APKE_INDEX_STALE,
|
||||
APKE_FILE_INTEGRITY,
|
||||
APKE_UVOL
|
||||
};
|
||||
|
||||
static inline void *ERR_PTR(long error) { return (void*) error; }
|
||||
static inline void *ERR_CAST(const void *ptr) { return (void*) ptr; }
|
||||
|
|
|
@ -61,7 +61,7 @@ static int load_index(struct conv_ctx *ctx, struct apk_istream *is)
|
|||
apk_istream_gunzip_mpart(is, apk_sign_ctx_mpart_cb, &ctx->sctx),
|
||||
load_apkindex, ctx, apk_ctx_get_id_cache(ctx->ac));
|
||||
apk_sign_ctx_free(&ctx->sctx);
|
||||
if (r >= 0 && ctx->found == 0) r = -ENOMSG;
|
||||
if (r >= 0 && ctx->found == 0) r = -APKE_V2NDX_FORMAT;
|
||||
|
||||
return r;
|
||||
}
|
||||
|
|
|
@ -97,7 +97,7 @@ static int uvol_run(struct apk_ctx *ac, char *action, char *volname, char *arg1,
|
|||
waitpid(pid, &status, 0);
|
||||
if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) {
|
||||
apk_err(out, "%s: uvol exited with error %d", volname, WEXITSTATUS(status));
|
||||
return -EIO;
|
||||
return -APKE_UVOL;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
@ -124,7 +124,7 @@ static int uvol_extract(struct apk_ctx *ac, char *action, char *volname, char *a
|
|||
r = apk_istream_splice(is, pipefds[1], sz, 0, 0, dctx);
|
||||
close(pipefds[1]);
|
||||
if (r != sz) {
|
||||
if (r >= 0) r = -EIO;
|
||||
if (r >= 0) r = -APKE_UVOL;
|
||||
apk_err(out, "%s: uvol write error: %s", volname, apk_error_str(r));
|
||||
return r;
|
||||
}
|
||||
|
@ -132,7 +132,7 @@ static int uvol_extract(struct apk_ctx *ac, char *action, char *volname, char *a
|
|||
waitpid(pid, &status, 0);
|
||||
if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) {
|
||||
apk_err(out, "%s: uvol exited with error %d", volname, WEXITSTATUS(status));
|
||||
return -EIO;
|
||||
return -APKE_UVOL;
|
||||
}
|
||||
|
||||
return 0;
|
||||
|
@ -172,7 +172,7 @@ static int apk_extract_file(struct extract_ctx *ctx, off_t sz, struct apk_istrea
|
|||
int r;
|
||||
|
||||
apk_digest_from_blob(&fi.digest, adb_ro_blob(&ctx->file, ADBI_FI_HASHES));
|
||||
if (fi.digest.alg == APK_DIGEST_NONE) return -EAPKFORMAT;
|
||||
if (fi.digest.alg == APK_DIGEST_NONE) return -APKE_ADB_SCHEMA;
|
||||
apk_extract_acl(&fi, adb_ro_obj(&ctx->file, ADBI_FI_ACL, &acl), apk_ctx_get_id_cache(ctx->ac));
|
||||
fi.mode |= S_IFREG;
|
||||
|
||||
|
@ -187,7 +187,7 @@ static int apk_extract_file(struct extract_ctx *ctx, off_t sz, struct apk_istrea
|
|||
apk_digest_ctx_final(&dctx, &d);
|
||||
apk_digest_ctx_free(&dctx);
|
||||
if (r != 0) return r;
|
||||
if (apk_digest_cmp(&fi.digest, &d) != 0) return -EAPKDBFORMAT;
|
||||
if (apk_digest_cmp(&fi.digest, &d) != 0) return -APKE_FILE_INTEGRITY;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -260,7 +260,7 @@ static int apk_extract_data_block(struct adb *db, size_t sz, struct apk_istream
|
|||
|
||||
r = apk_extract_next_file(ctx);
|
||||
if (r != 0) {
|
||||
if (r > 0) r = -EAPKFORMAT;
|
||||
if (r > 0) r = -APKE_ADB_BLOCK;
|
||||
return r;
|
||||
}
|
||||
|
||||
|
@ -272,7 +272,7 @@ static int apk_extract_data_block(struct adb *db, size_t sz, struct apk_istream
|
|||
hdr->file_idx != ctx->cur_file ||
|
||||
sz != adb_ro_int(&ctx->file, ADBI_FI_SIZE)) {
|
||||
// got data for some unexpected file
|
||||
return -EAPKFORMAT;
|
||||
return -APKE_ADB_BLOCK;
|
||||
}
|
||||
|
||||
return apk_extract_file(ctx, sz, is);
|
||||
|
@ -289,7 +289,7 @@ static int apk_extract_pkg(struct extract_ctx *ctx, const char *fn)
|
|||
ADB_SCHEMA_PACKAGE, trust, apk_extract_data_block);
|
||||
if (r == 0) {
|
||||
r = apk_extract_next_file(ctx);
|
||||
if (r == 0) r = -EAPKFORMAT;
|
||||
if (r == 0) r = -APKE_ADB_BLOCK;
|
||||
if (r == 1) r = 0;
|
||||
}
|
||||
adb_free(&ctx->db);
|
||||
|
|
|
@ -130,7 +130,7 @@ static int fetch_package(apk_hash_item item, void *pctx)
|
|||
|
||||
repo = apk_db_select_repo(db, pkg);
|
||||
if (repo == NULL) {
|
||||
r = -ENOPKG;
|
||||
r = -APKE_PACKAGE_NOT_FOUND;
|
||||
goto err;
|
||||
}
|
||||
|
||||
|
|
|
@ -129,7 +129,7 @@ static adb_val_t mkndx_read_v2_pkginfo(struct adb *db, struct apk_istream *is, s
|
|||
if (adb_ro_val(&pkginfo, f->ndx) != ADB_NULL) {
|
||||
/* Workaround abuild bug that emitted multiple license lines */
|
||||
if (f->ndx == ADBI_PI_LICENSE) continue;
|
||||
e = ADB_ERROR(EAPKFORMAT);
|
||||
e = ADB_ERROR(APKE_ADB_PACKAGE_FORMAT);
|
||||
continue;
|
||||
}
|
||||
|
||||
|
|
|
@ -73,7 +73,7 @@ int apk_pkey_init(struct apk_pkey *pkey, EVP_PKEY *key)
|
|||
unsigned int dlen = sizeof dig;
|
||||
int len;
|
||||
|
||||
if ((len = i2d_PublicKey(key, &pub)) < 0) return -EIO;
|
||||
if ((len = i2d_PublicKey(key, &pub)) < 0) return -APKE_CRYPTO_ERROR;
|
||||
EVP_Digest(pub, len, dig, &dlen, EVP_sha512(), NULL);
|
||||
memcpy(pkey->id, dig, sizeof pkey->id);
|
||||
OPENSSL_free(pub);
|
||||
|
@ -107,7 +107,7 @@ int apk_pkey_load(struct apk_pkey *pkey, int dirfd, const char *fn)
|
|||
ERR_clear_error();
|
||||
|
||||
BIO_free(bio);
|
||||
if (!key) return -EBADMSG;
|
||||
if (!key) return -APKE_CRYPTO_KEY_FORMAT;
|
||||
|
||||
apk_pkey_init(pkey, key);
|
||||
return 0;
|
||||
|
@ -117,7 +117,7 @@ int apk_sign_start(struct apk_digest_ctx *dctx, struct apk_pkey *pkey)
|
|||
{
|
||||
if (EVP_MD_CTX_reset(dctx->mdctx) != 1 ||
|
||||
EVP_DigestSignInit(dctx->mdctx, NULL, EVP_sha512(), NULL, pkey->key) != 1)
|
||||
return -EIO;
|
||||
return -APKE_CRYPTO_ERROR;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -125,7 +125,7 @@ int apk_sign(struct apk_digest_ctx *dctx, void *sig, size_t *len)
|
|||
{
|
||||
if (EVP_DigestSignFinal(dctx->mdctx, sig, len) != 1) {
|
||||
ERR_print_errors_fp(stderr);
|
||||
return -EBADMSG;
|
||||
return -APKE_SIGNATURE_FAIL;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
@ -134,7 +134,7 @@ int apk_verify_start(struct apk_digest_ctx *dctx, struct apk_pkey *pkey)
|
|||
{
|
||||
if (EVP_MD_CTX_reset(dctx->mdctx) != 1 ||
|
||||
EVP_DigestVerifyInit(dctx->mdctx, NULL, EVP_sha512(), NULL, pkey->key) != 1)
|
||||
return -EIO;
|
||||
return -APKE_CRYPTO_ERROR;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -142,7 +142,7 @@ int apk_verify(struct apk_digest_ctx *dctx, void *sig, size_t len)
|
|||
{
|
||||
if (EVP_DigestVerifyFinal(dctx->mdctx, sig, len) != 1) {
|
||||
ERR_print_errors_fp(stderr);
|
||||
return -EBADMSG;
|
||||
return -APKE_SIGNATURE_INVALID;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
|
|
@ -910,7 +910,7 @@ old_apk_tools:
|
|||
bad_entry:
|
||||
apk_err(out, "FDB format error (line %d, entry '%c')", lineno, field);
|
||||
err_fmt:
|
||||
is->err = -EAPKDBFORMAT;
|
||||
is->err = -APKE_V2DB_FORMAT;
|
||||
return apk_istream_close(is);
|
||||
}
|
||||
|
||||
|
@ -2196,7 +2196,7 @@ static int load_index(struct apk_database *db, struct apk_istream *is,
|
|||
apk_sign_ctx_free(&ctx.sctx);
|
||||
|
||||
if (r >= 0 && ctx.found == 0)
|
||||
r = -ENOMSG;
|
||||
r = -APKE_V2NDX_FORMAT;
|
||||
} else {
|
||||
apk_db_index_read(db, apk_istream_gunzip(is), repo);
|
||||
}
|
||||
|
@ -2778,7 +2778,7 @@ static int apk_db_unpack_pkg(struct apk_database *db,
|
|||
if (pkg->filename == NULL) {
|
||||
repo = apk_db_select_repo(db, pkg);
|
||||
if (repo == NULL) {
|
||||
r = -ENOPKG;
|
||||
r = -APKE_PACKAGE_NOT_FOUND;
|
||||
goto err_msg;
|
||||
}
|
||||
r = apk_repo_format_item(db, repo, pkg, &filefd, file, sizeof(file));
|
||||
|
@ -2800,7 +2800,7 @@ static int apk_db_unpack_pkg(struct apk_database *db,
|
|||
if (IS_ERR_OR_NULL(is)) {
|
||||
r = PTR_ERR(is);
|
||||
if (r == -ENOENT && pkg->filename == NULL)
|
||||
r = -EAPKSTALEINDEX;
|
||||
r = -APKE_INDEX_STALE;
|
||||
goto err_msg;
|
||||
}
|
||||
if (need_copy) {
|
||||
|
|
6
src/io.c
6
src/io.c
|
@ -127,7 +127,7 @@ void *apk_istream_get(struct apk_istream *is, size_t len)
|
|||
if (is->end-is->ptr == is->buf_size)
|
||||
return ERR_PTR(-ENOBUFS);
|
||||
if (is->err > 0)
|
||||
return ERR_PTR(-ENOMSG);
|
||||
return ERR_PTR(-APKE_EOF);
|
||||
return ERR_PTR(-EIO);
|
||||
}
|
||||
|
||||
|
@ -498,7 +498,7 @@ ssize_t apk_stream_copy(struct apk_istream *is, struct apk_ostream *os, size_t s
|
|||
d = apk_istream_get_max(is, size - done);
|
||||
if (APK_BLOB_IS_NULL(d)) {
|
||||
if (d.len) return d.len;
|
||||
if (size != APK_IO_ALL) return -EBADMSG;
|
||||
if (size != APK_IO_ALL) return -APKE_EOF;
|
||||
break;
|
||||
}
|
||||
if (dctx) apk_digest_ctx_update(dctx, d.ptr, d.len);
|
||||
|
@ -547,7 +547,7 @@ ssize_t apk_istream_splice(struct apk_istream *is, int fd, size_t size,
|
|||
if (r <= 0) {
|
||||
if (r) goto err;
|
||||
if (size != APK_IO_ALL && done != size) {
|
||||
r = -EBADMSG;
|
||||
r = -APKE_EOF;
|
||||
goto err;
|
||||
}
|
||||
break;
|
||||
|
|
|
@ -258,7 +258,7 @@ int apk_tar_parse(struct apk_istream *is, apk_archive_entry_parser parser,
|
|||
if (r == 0) goto ok;
|
||||
err:
|
||||
/* Check that there was no partial (or non-zero) record */
|
||||
if (r >= 0) r = -EBADMSG;
|
||||
if (r >= 0) r = -APKE_EOF;
|
||||
ok:
|
||||
free(pax.ptr);
|
||||
free(longname.ptr);
|
||||
|
|
|
@ -51,13 +51,13 @@ static int fetch_maperror(int ec)
|
|||
[FETCH_NETWORK] = -ENETUNREACH,
|
||||
/* [FETCH_OK] = , */
|
||||
[FETCH_PROTO] = -EPROTO,
|
||||
[FETCH_RESOLV] = -ENXIO,
|
||||
[FETCH_RESOLV] = -APKE_DNS,
|
||||
[FETCH_SERVER] = -EREMOTEIO,
|
||||
[FETCH_TEMP] = -EAGAIN,
|
||||
[FETCH_TIMEOUT] = -ETIMEDOUT,
|
||||
[FETCH_UNAVAIL] = -ENOENT,
|
||||
[FETCH_UNKNOWN] = -EIO,
|
||||
[FETCH_URL] = -EAPKBADURL,
|
||||
[FETCH_URL] = -APKE_URL_FORMAT,
|
||||
[FETCH_UNCHANGED] = -EALREADY,
|
||||
};
|
||||
|
||||
|
@ -111,7 +111,7 @@ static struct apk_istream *apk_istream_fetch(const char *url, time_t since)
|
|||
|
||||
u = fetchParseURL(url);
|
||||
if (!u) {
|
||||
rc = -EAPKBADURL;
|
||||
rc = -APKE_URL_FORMAT;
|
||||
goto err;
|
||||
}
|
||||
fis = malloc(sizeof *fis + apk_io_bufsize);
|
||||
|
|
|
@ -521,7 +521,7 @@ static int check_signing_key_trust(struct apk_sign_ctx *sctx)
|
|||
if (sctx->signature.pkey == NULL) {
|
||||
if (sctx->allow_untrusted)
|
||||
break;
|
||||
return -ENOKEY;
|
||||
return -APKE_SIGNATURE_UNTRUSTED;
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
|
@ -554,10 +554,10 @@ int apk_sign_ctx_process_file(struct apk_sign_ctx *ctx,
|
|||
* This does not make any sense if the file has v2.0
|
||||
* style .PKGINFO */
|
||||
if (ctx->has_data_checksum)
|
||||
return -ENOMSG;
|
||||
return -APKE_V2PKG_FORMAT;
|
||||
/* Error out early if identity part is missing */
|
||||
if (ctx->action == APK_SIGN_VERIFY_IDENTITY)
|
||||
return -EKEYREJECTED;
|
||||
return -APKE_V2PKG_FORMAT;
|
||||
ctx->data_started = 1;
|
||||
ctx->control_started = 1;
|
||||
r = check_signing_key_trust(ctx);
|
||||
|
@ -669,7 +669,7 @@ int apk_sign_ctx_mpart_cb(void *ctx, int part, apk_blob_t data)
|
|||
/* Still in signature blocks? */
|
||||
if (!sctx->control_started) {
|
||||
if (part == APK_MPART_END)
|
||||
return -EKEYREJECTED;
|
||||
return -APKE_V2PKG_FORMAT;
|
||||
goto reset_digest;
|
||||
}
|
||||
|
||||
|
@ -692,10 +692,10 @@ int apk_sign_ctx_mpart_cb(void *ctx, int part, apk_blob_t data)
|
|||
if (EVP_MD_CTX_size(sctx->mdctx) == 0 ||
|
||||
memcmp(calculated, sctx->data_checksum,
|
||||
EVP_MD_CTX_size(sctx->mdctx)) != 0)
|
||||
return -EKEYREJECTED;
|
||||
return -APKE_V2PKG_INTEGRITY;
|
||||
sctx->data_verified = 1;
|
||||
if (!sctx->allow_untrusted && !sctx->control_verified)
|
||||
return -ENOKEY;
|
||||
return -APKE_SIGNATURE_UNTRUSTED;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -715,11 +715,11 @@ int apk_sign_ctx_mpart_cb(void *ctx, int part, apk_blob_t data)
|
|||
sctx->signature.data.len,
|
||||
sctx->signature.pkey);
|
||||
if (r != 1 && !sctx->allow_untrusted)
|
||||
return -EKEYREJECTED;
|
||||
return -APKE_SIGNATURE_INVALID;
|
||||
} else {
|
||||
r = 0;
|
||||
if (!sctx->allow_untrusted)
|
||||
return -ENOKEY;
|
||||
return -APKE_SIGNATURE_UNTRUSTED;
|
||||
}
|
||||
if (r == 1) {
|
||||
sctx->control_verified = 1;
|
||||
|
@ -736,7 +736,7 @@ int apk_sign_ctx_mpart_cb(void *ctx, int part, apk_blob_t data)
|
|||
EVP_DigestFinal_ex(sctx->mdctx, calculated, NULL);
|
||||
if (memcmp(calculated, sctx->identity.data,
|
||||
sctx->identity.type) != 0)
|
||||
return -EKEYREJECTED;
|
||||
return -APKE_V2PKG_INTEGRITY;
|
||||
sctx->control_verified = 1;
|
||||
if (!sctx->has_data_checksum && part == APK_MPART_END)
|
||||
sctx->data_verified = 1;
|
||||
|
|
66
src/print.c
66
src/print.c
|
@ -24,42 +24,36 @@ const char *apk_error_str(int error)
|
|||
if (error < 0)
|
||||
error = -error;
|
||||
switch (error) {
|
||||
case ENOKEY:
|
||||
return "UNTRUSTED signature";
|
||||
case EKEYREJECTED:
|
||||
return "BAD signature";
|
||||
case EIO:
|
||||
return "IO ERROR";
|
||||
case EBADMSG:
|
||||
return "BAD archive";
|
||||
case ENOMSG:
|
||||
return "archive does not contain expected data";
|
||||
case ENOPKG:
|
||||
return "could not find a repo which provides this package (check repositories file and run 'apk update')";
|
||||
case ECONNABORTED:
|
||||
return "network connection aborted";
|
||||
case ECONNREFUSED:
|
||||
return "could not connect to server (check repositories file)";
|
||||
case ENETUNREACH:
|
||||
return "network error (check Internet connection and firewall)";
|
||||
case ENXIO:
|
||||
return "DNS lookup error";
|
||||
case EREMOTEIO:
|
||||
return "remote server returned error (try 'apk update')";
|
||||
case ETIMEDOUT:
|
||||
return "operation timed out";
|
||||
case EAGAIN:
|
||||
return "temporary error (try again later)";
|
||||
case EAPKBADURL:
|
||||
return "invalid URL (check your repositories file)";
|
||||
case EAPKSTALEINDEX:
|
||||
return "package mentioned in index not found (try 'apk update')";
|
||||
case EAPKFORMAT:
|
||||
return "package file format error";
|
||||
case EAPKDEPFORMAT:
|
||||
return "package dependency format error";
|
||||
case EAPKDBFORMAT:
|
||||
return "database file format error";
|
||||
case ECONNABORTED: return "network connection aborted";
|
||||
case ECONNREFUSED: return "could not connect to server (check repositories file)";
|
||||
case ENETUNREACH: return "network error (check Internet connection and firewall)";
|
||||
case EREMOTEIO: return "remote server returned error (try 'apk update')";
|
||||
case EAGAIN: return "temporary error (try again later)";
|
||||
case APKE_EOF: return "unexpected end of file";
|
||||
case APKE_DNS: return "DNS error (try again later)";
|
||||
case APKE_URL_FORMAT: return "invalid URL (check your repositories file)";
|
||||
case APKE_CRYPTO_ERROR: return "crypto error";
|
||||
case APKE_CRYPTO_NOT_SUPPORTED: return "cryptographic algorithm not supported";
|
||||
case APKE_CRYPTO_KEY_FORMAT: return "cryptographic key format not recognized";
|
||||
case APKE_SIGNATURE_FAIL: return "signing failure";
|
||||
case APKE_SIGNATURE_UNTRUSTED: return "UNTRUSTED signature";
|
||||
case APKE_SIGNATURE_INVALID: return "BAD signature";
|
||||
case APKE_ADB_HEADER: return "ADB header error";
|
||||
case APKE_ADB_SCHEMA: return "ADB schema error";
|
||||
case APKE_ADB_BLOCK: return "ADB block error";
|
||||
case APKE_ADB_SIGNATURE: return "ADB signature block error";
|
||||
case APKE_ADB_NO_FROMSTRING: return "ADB schema error (no fromstring)";
|
||||
case APKE_ADB_LIMIT: return "ADB schema limit reached";
|
||||
case APKE_ADB_DEPENDENCY_FORMAT: return "ADB dependency format";
|
||||
case APKE_ADB_PACKAGE_FORMAT: return "ADB package format";
|
||||
case APKE_V2DB_FORMAT: return "v2 database format error";
|
||||
case APKE_V2PKG_FORMAT: return "v2 package format error";
|
||||
case APKE_V2PKG_INTEGRITY: return "v2 package integrity error";
|
||||
case APKE_V2NDX_FORMAT: return "v2 index format error";
|
||||
case APKE_PACKAGE_NOT_FOUND: return "could not find a repo which provides this package (check repositories file and run 'apk update')";
|
||||
case APKE_INDEX_STALE: return "package mentioned in index not found (try 'apk update')";
|
||||
case APKE_FILE_INTEGRITY: return "file integrity error";
|
||||
case APKE_UVOL: return "uvol error";
|
||||
default:
|
||||
return strerror(error);
|
||||
}
|
||||
|
|
|
@ -13,7 +13,7 @@ static struct apk_trust_key *apk_trust_load_key(int dirfd, const char *filename)
|
|||
r = apk_pkey_load(&key->key, dirfd, filename);
|
||||
if (r) {
|
||||
free(key);
|
||||
return ERR_PTR(-ENOKEY);
|
||||
return ERR_PTR(r);
|
||||
}
|
||||
|
||||
list_init(&key->key_node);
|
||||
|
|
Loading…
Reference in New Issue