Start working on "cute" signatures because why not? Cute signatures are
inspired/ripped of from the signify and minisign design:
Key (URL-Safe, padded base64):
- 2 bytes of version tag (specifies the algorithm)
- 16 bytes of key ID
- Public/Private key (size depending on the version tag)
Signature (raw):
- 2 bytes of version tag (specifies the algorithm)
- Signature depending (size depending on the version tag)
The new scheme uses libsodium and thus the work of
abstracting cryptographic operations from libcrypto should also be
completed. Also, since the key of the signature is provided in the
filename, there shouldn't be a need for ID
There is also the possibility of using epheremal keys for signatures and
sign the package's public key, signature and signing timestamp in the header
such as:
- 2 bytes of version tag
- signing timestamp
- epheremal public key used
- epheremal signature
- signature of the previous sections
for most cases, this replaces APK_DEFAULT_ARCH. if apk-tools is built without
a configured abi-tag, the ABI tag is equivalent to APK_DEFAULT_ARCH, providing
backwards compatibility with apk v2
the /etc/apk/arch configuration file is assumed to actually describe an ABI
tag.
Additioal logic is needed to search objects on array: the object
comparer needs separate modes to match index, template or exact
object template. This should fix mkndx to be able to use old index.
fixes#10828
Ensure not to mask away previously set APK_VERSION_CONFLICT when
serializing.
When deserializing, make sure to actually write out the conflict
flag when no version part is set.
When creating apk_dependency, ensure to set the conflict bit
correctly and mask it off result_mask.
Fixes https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10824
Do not call apk_db_read_layer() or try to process the layer
if APK_OPENF_NO_STATE is specified. It might fail because of
non-existing database directory. Based on patch by Daniel.
fixes commit 9e4dd29f "db: prepare database reading for layers"
Fixes#10821
Reported-and-analyzed-by: Daniel Kolesa <daniel@octaforge.org>
var/cache is also reported to be mounted noexec on hardened
systems. Document some of the issues, and use lib/apk/exec
for the time being. Keep the scripts still in separate directory
from lib/apk so we can just delete directory if needed.
fixes#6591
This reverts most of 0dcbd933 which allowed automatic selection
of package with a "virtual provides" having only one provider.
While convenient, it creates problems if multiple versions of the
same package exist, or if in future other providers would be added
to one of the repositories. This restore the original behaviour,
and improve the error message to tell the user to mention one of
the providers explicitly.
fixes#10810
remove the left over apk_blob_push_fmt() call that corrupted uri and
trim the path end from trailing slashes to get original functionality.
fixes commit be4ce407 "support new index format without attaching arch"
The gzip library can drain all of the input to internal buffers
and still keep providing data even if avail_in is zero. Previously
it was assumed that avail_in != 0 if there is still data expected out,
but this logic breaks near end-of-file for multiple short reads.
Adjust logic to not process end-of-file event too early.
fixes#10809
By default the package architecture is attached to the repository url.
With this commit it is possible to define new indexes ending on `.adb`.
If such index file is detected the packages must be in the same folder
as the index.
Signed-off-by: Paul Spooren <mail@aparcar.org>
'uvol' is installed to /usr/sbin by default. Assume that path if not
set by APK_UVOL environment variable.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
this regression was caused by refactoring of the options handling into the
apk_ctx struct in 354713d2, presumably a little too much innovation with sed
fixes#10799
Aydin Mercan
Timo Teräs
Ariadne Conill