Start working on "cute" signatures because why not? Cute signatures are
inspired/ripped of from the signify and minisign design:
Key (URL-Safe, padded base64):
- 2 bytes of version tag (specifies the algorithm)
- 16 bytes of key ID
- Public/Private key (size depending on the version tag)
Signature (raw):
- 2 bytes of version tag (specifies the algorithm)
- Signature depending (size depending on the version tag)
The new scheme uses libsodium and thus the work of
abstracting cryptographic operations from libcrypto should also be
completed. Also, since the key of the signature is provided in the
filename, there shouldn't be a need for ID
There is also the possibility of using epheremal keys for signatures and
sign the package's public key, signature and signing timestamp in the header
such as:
- 2 bytes of version tag
- signing timestamp
- epheremal public key used
- epheremal signature
- signature of the previous sections
This options is useful for (post)install scripts to run with the same
environment variables as apk is executed.
[TT: minor stylistic changes]
Signed-off-by: Paul Spooren <mail@aparcar.org>
- basic digesting and signing apis (subject still to fine tuning)
- update digest code, and adb signing for the thin wrapping layer
- old v1 package and database handling not updated
- default mkpkg file hash to sha256
ref #10744
The progress bar requires the terminal emulator to support ANSI escape
sequences. Normally, TERM is set to dumb to indicate that the terminal
emulator doesn't support any ANSI escape sequences. Attempting to use
ANSI escape sequences on dumb terminals will lead to weird output. In
order to make apk work by default, even on dumb terminals, this commit
introduces an additional check which consults $TERM and disables the
progress bar if it is set to "dumb".
This adds a log file at /var/log/apk.log. On each run, apk's version
information and the current date & time are written to this file,
followed by any normal apk output.
(De)initialization is deprecated under OpenSSL 1.0 and above.
[TT: Some simplifications, and additional edits.]
Signed-off-by: Rosen Penev <rosenp@gmail.com>
The new v3 applets don't use it, and eventually all applets will
use the new formats only.
This prepares the code for this, and moves trust, id_cache, and
root_fd to apk_ctx which is enough for v3 applets at this time.
The generic code is made to not initialize apk_database if it's
not needed.
This is a flat buffers inspired format that allows fast
mmaped access to the data with low overhead, signature support
and relatively good forward support.
This uses some macro trickery to make sure that there's one-to-one
mapping with the option index enum and the descriptor. The down
side is that enum's are generated via #define's and editors might
not pick them up for auto completion, but the benefits are more:
it's no longer possible have mismatching enum value and descriptor
index, and the amount of source code lines is less.
This greatly helps with memory management on applications that
may want to daemonize and open/close database several times.
Also the lifetime and "owner" of memory for all data is now
explicitly bound to owning struct apk_database, which might
be helpful when writing language bindings. As side effect, the
interned "atoms" are unique only within what apk_database, so
comparing packages from different apk_database may not work
as expected.
Fixes#10697
This reduces the number of relocations on PIE binaries, and also
reduces the executable size. Parsing of the options is slightly
sped up as only the exact matching option group parser is called.
This creates main help like:
--
usage: apk [<OPTIONS>...] COMMAND [<ARGUMENTS>...]
Package installation and removal:
add Add packages to WORLD and commit changes
del Remove packages from WORLD and commit changes
System maintenance:
fix Check WORLD against the system and ensure consistency
update Update repository indexes
upgrade Install upgrades available from repositories
cache Commands related to the management of an offline package cache
Querying package information:
info Give detailed information about packages or repositories
list List packages matching a pattern or other criteria
dot Generate graphviz graphs
policy Show repository policy for packages
Repository maintenance:
index Create repository index file from packages
fetch Download packages from global repositories to a local directory
manifest Show checksums of package contents
verify Verify package integrity and signature
Miscellaneous:
audit Audit directories for changes
stats Show statistics about repositories and installations
version Compare package versions or perform tests on version strings
This apk has coffee making abilities.
--
And applet specific help like:
--
usage: apk add [<OPTIONS>...] PACKAGES...
Description:
apk add adds the requested packages to WORLD and installs (or upgrades)
them if not already present, ensuring all dependencies are met.
Options:
--initdb Initialize a new package database
-l, --latest Disables normal heuristics for choosing which repository to install a
-u, --upgrade When adding packages which are already installed, upgrade them rather
-t, --virtual NAME
Instead of adding the specified packages to WORLD, create a new
--no-chown Do not change file owner or group
--
Add also some testing to make sure help, long help and handling
of invalid arguments works as expected.
Based on pull request #19 originally by Laurent Arnoud (@spk).
merge_options() will write one more entry to the options table
which is the end-of-table indicator. Allocate memory for it too.
valgrind did not pick it up due to being in stack; changing alloca
to malloc would make valgrind notice the issue too.
Reported-by: Mobile Stream <info@mobile-stream.com>
Most applets return whatever apk_solver_commit() returns. It is the
number of errors found (or negative for hard error). Sanitize the
error value to not give false success exit code in the unlikely case
of errors % 256 == 0.
Reported-by: Max Justicz <max@justi.cz>
This modifies apk cache for indexes to be automatically refreshed
periodically without explicit 'update' or '--update-cache' usage.
The default is to do if-modified-since request if the local copy
is older than 4 hours. This age can be changed with --cache-max-age.
Using --update-cache will change this age to 60 seconds to make
sure the cached copy is relatively new. The small age is in order
to try to avoid downloading indexes second time when apk-tools is
upgraded and apk re-execs after self-upgrade.
Accordingly using explicitly 'apk update' will now enforce
--force-refresh and request the very latest index by requesting
any potential http proxy to do refresh too.
This unloads --force as several of the things are really not wanted
together. E.g. --force-refresh is a lot different from --force-broken-world
and doing --force to get the other might introduce unwanted behaviour.
--force is still kept for backwards compatibility and it enables
most things --force was used for.
Aydin Mercan
Ariadne Conill
Timo Teräs