archive: make apk_tar_parse check and close input stream

simplifies other code quite a bit
cute-signatures
Timo Teräs 2020-01-11 09:56:42 +02:00
parent 1de9ef422c
commit f123d77e0b
5 changed files with 26 additions and 54 deletions

View File

@ -138,6 +138,8 @@ int apk_tar_parse(struct apk_istream *is, apk_archive_entry_parser parser,
apk_blob_t pax = APK_BLOB_NULL, longname = APK_BLOB_NULL;
char filename[sizeof buf.name + sizeof buf.prefix + 2];
if (IS_ERR_OR_NULL(is)) return PTR_ERR(is) ?: -EINVAL;
memset(&entry, 0, sizeof(entry));
entry.name = buf.name;
while ((r = apk_istream_read(is, &buf, 512)) == 512) {
@ -262,6 +264,7 @@ ok:
free(pax.ptr);
free(longname.ptr);
apk_fileinfo_free(&entry);
apk_istream_close(is);
return r;
}

View File

@ -652,10 +652,7 @@ int apk_cache_download(struct apk_database *db, struct apk_repository *repo,
is = apk_istream_from_url_if_modified(url, st.st_mtime);
is = apk_istream_tee(is, db->cache_fd, tmpcacheitem, !autoupdate, cb, cb_ctx);
is = apk_istream_gunzip_mpart(is, apk_sign_ctx_mpart_cb, &sctx);
if (!IS_ERR_OR_NULL(is))
r = apk_tar_parse(is, apk_sign_ctx_verify_tar, &sctx, &db->id_cache);
else
r = PTR_ERR(is) ?: -EIO;
apk_sign_ctx_free(&sctx);
} else {
is = apk_istream_from_url_if_modified(url, st.st_mtime);
@ -673,8 +670,8 @@ int apk_cache_download(struct apk_database *db, struct apk_repository *repo,
}
close(fd);
}
}
if (!IS_ERR_OR_NULL(is)) apk_istream_close(is);
}
if (r == -EALREADY) {
if (autoupdate) utimensat(db->cache_fd, cacheitem, NULL, 0);
return r;
@ -1148,7 +1145,6 @@ static void apk_db_triggers_read(struct apk_database *db, struct apk_istream *is
static int apk_db_read_state(struct apk_database *db, int flags)
{
struct apk_istream *is;
apk_blob_t blob, world;
int r;
@ -1173,12 +1169,8 @@ static int apk_db_read_state(struct apk_database *db, int flags)
}
if (!(flags & APK_OPENF_NO_SCRIPTS)) {
is = apk_istream_from_file(db->root_fd, apk_scripts_file);
if (!IS_ERR_OR_NULL(is)) {
apk_tar_parse(is, apk_read_script_archive_entry, db,
&db->id_cache);
apk_istream_close(is);
}
apk_tar_parse(apk_istream_from_file(db->root_fd, apk_scripts_file),
apk_read_script_archive_entry, db, &db->id_cache);
}
return 0;
@ -2189,9 +2181,7 @@ static int load_index(struct apk_database *db, struct apk_istream *is,
ctx.repo = repo;
ctx.found = 0;
apk_sign_ctx_init(&ctx.sctx, APK_SIGN_VERIFY, NULL, db->keys_fd);
is = apk_istream_gunzip_mpart(is, apk_sign_ctx_mpart_cb, &ctx.sctx);
r = apk_tar_parse(is, load_apkindex, &ctx, &db->id_cache);
apk_istream_close(is);
r = apk_tar_parse(apk_istream_gunzip_mpart(is, apk_sign_ctx_mpart_cb, &ctx.sctx), load_apkindex, &ctx, &db->id_cache);
apk_sign_ctx_free(&ctx.sctx);
if (r >= 0 && ctx.found == 0)
@ -2753,7 +2743,7 @@ static int apk_db_unpack_pkg(struct apk_database *db,
char **script_args)
{
struct install_ctx ctx;
struct apk_istream *is = NULL, *cache_is, *tar;
struct apk_istream *is = NULL, *cache_is;
struct apk_repository *repo;
struct apk_package *pkg = ipkg->pkg;
char file[PATH_MAX];
@ -2811,10 +2801,8 @@ static int apk_db_unpack_pkg(struct apk_database *db,
.cb_ctx = cb_ctx,
};
apk_sign_ctx_init(&ctx.sctx, APK_SIGN_VERIFY_IDENTITY, &pkg->csum, db->keys_fd);
tar = apk_istream_gunzip_mpart(is, apk_sign_ctx_mpart_cb, &ctx.sctx);
r = apk_tar_parse(tar, apk_db_install_archive_entry, &ctx, &db->id_cache);
r = apk_tar_parse(apk_istream_gunzip_mpart(is, apk_sign_ctx_mpart_cb, &ctx.sctx), apk_db_install_archive_entry, &ctx, &db->id_cache);
apk_sign_ctx_free(&ctx.sctx);
apk_istream_close(tar);
if (need_copy) {
if (r == 0) {

View File

@ -87,20 +87,15 @@ static int read_file_entry(void *ctx, const struct apk_file_info *ae,
static void process_file(struct apk_database *db, const char *match)
{
struct apk_sign_ctx sctx;
struct apk_istream *is;
struct manifest_file_ctx ctx = {match, &sctx};
int r;
apk_sign_ctx_init(&sctx, APK_SIGN_VERIFY, NULL, db->keys_fd);
is = apk_istream_gunzip_mpart(apk_istream_from_file(AT_FDCWD, match),
apk_sign_ctx_mpart_cb, &sctx);
if (IS_ERR_OR_NULL(is)) {
apk_error("%s: %s", match, strerror(errno));
return;
}
(void) apk_tar_parse(is, read_file_entry, &ctx, &db->id_cache);
apk_istream_close(is);
r = apk_tar_parse(
apk_istream_gunzip_mpart(apk_istream_from_file(AT_FDCWD, match), apk_sign_ctx_mpart_cb, &sctx),
read_file_entry, &ctx, &db->id_cache);
apk_sign_ctx_free(&sctx);
if (r < 0) apk_error("%s: %s", match, apk_error_str(r));
}
static void process_match(struct apk_database *db, const char *match, struct apk_name *name, void *ctx)

View File

@ -904,7 +904,6 @@ int apk_pkg_read(struct apk_database *db, const char *file,
{
struct read_info_ctx ctx;
struct apk_file_info fi;
struct apk_istream *is, *tar;
int r;
r = apk_fileinfo_get(AT_FDCWD, file, APK_CHECKSUM_NONE, &fi);
@ -912,23 +911,18 @@ int apk_pkg_read(struct apk_database *db, const char *file,
return r;
memset(&ctx, 0, sizeof(ctx));
ctx.db = db;
ctx.sctx = sctx;
ctx.pkg = apk_pkg_new();
r = -ENOMEM;
if (ctx.pkg == NULL)
goto err;
is = apk_istream_from_file(AT_FDCWD, file);
if (IS_ERR_OR_NULL(is)) {
r = PTR_ERR(is) ?: -EIO;
goto err;
}
ctx.db = db;
ctx.pkg->size = fi.size;
tar = apk_istream_gunzip_mpart(is, apk_sign_ctx_mpart_cb, sctx);
r = apk_tar_parse(tar, read_info_entry, &ctx, &db->id_cache);
apk_istream_close(tar);
r = apk_tar_parse(
apk_istream_gunzip_mpart(apk_istream_from_file(AT_FDCWD, file), apk_sign_ctx_mpart_cb, sctx),
read_info_entry, &ctx, &db->id_cache);
if (r < 0 && r != -ECANCELED)
goto err;
if (ctx.pkg->name == NULL || ctx.pkg->uninstallable) {

View File

@ -20,34 +20,26 @@
static int verify_main(void *ctx, struct apk_database *db, struct apk_string_array *args)
{
struct apk_sign_ctx sctx;
struct apk_istream *is;
char **parg;
int r, ok, rc = 0;
foreach_array_item(parg, args) {
apk_sign_ctx_init(&sctx, APK_SIGN_VERIFY, NULL, db->keys_fd);
is = apk_istream_gunzip_mpart(apk_istream_from_file(AT_FDCWD, *parg),
apk_sign_ctx_mpart_cb, &sctx);
if (IS_ERR_OR_NULL(is)) {
if (apk_verbosity >= 1)
apk_error("%s: %s", *parg, strerror(errno));
else
printf("%s\n", *parg);
apk_sign_ctx_free(&sctx);
rc++;
continue;
}
r = apk_tar_parse(is, apk_sign_ctx_verify_tar, &sctx, &db->id_cache);
apk_istream_close(is);
r = apk_tar_parse(
apk_istream_gunzip_mpart(apk_istream_from_file(AT_FDCWD, *parg),
apk_sign_ctx_mpart_cb, &sctx),
apk_sign_ctx_verify_tar, &sctx, &db->id_cache);
ok = sctx.control_verified && sctx.data_verified;
if (apk_verbosity >= 1)
apk_message("%s: %d - %s", *parg, r,
r < 0 ? apk_error_str(r) :
ok ? "OK" :
!sctx.control_verified ? "UNTRUSTED" : "FAILED");
else if (!ok)
printf("%s\n", *parg);
if (!ok)
rc++;
apk_sign_ctx_free(&sctx);
}