Commit Graph

1313 Commits (3b00c0dc808f4b6c3809c91a67709ca2d7bf8865)

Author SHA1 Message Date
Timo Teräs 6996b1ea75 io: use proper base struct types for method implementations 2019-12-18 10:00:29 +02:00
nrybowski 695a2f8231 upgrade: implement --ignore to exclude some packages from upgrade 2019-12-12 13:47:11 +02:00
Fredrik Gustafsson cfa8b736f8 Don't unpack files to system root
When unpacking a file that is in root, it got a temporary file
name /.apk...  however if the --root option was used it should
have the name root/.apk... otherwise unpacking will fail if the
user does not have write access to /.

Signed-off-by: Fredrik Gustafsson <fredrigu@axis.com>
2019-11-22 14:41:55 +02:00
Fredrik Gustafsson 7f80a936b2 Add debian to CI builds
Replace dash (default sh) with bash to make tests work.
2019-11-21 10:30:53 +01:00
Fredrik Gustafsson b34b32adf6 Add CI testing, run compile and test on push 2019-11-20 12:09:22 +01:00
Max Rees 800488a1ef add: always use UTC for virtual package versions 2019-11-18 16:46:57 +01:00
Fredrik Gustafsson f8d5aa58f9 Make tests pass and introduce a memory leak
Since 37fbafcd92 the tests hasn't worked
since a string on the stack was added as version for a virtual package.
Instead create the version string on the heap and then simply leak it.
A short running program as apk shouldn't need to worry about memory
leaks.
2019-11-18 16:18:24 +01:00
Jakub Jirutka c635c04669 travis: fix dependencies to match v3.10 instead of edge 2019-11-13 13:19:31 +01:00
Jakub Jirutka e26b364692 travis: update dependencies 2019-11-13 13:12:27 +01:00
Jakub Jirutka 3747525d40 travis: update alpine-chroot-install to 0.11.0 2019-11-13 13:00:16 +01:00
Jakub Jirutka 34725ce95c travis: change dist to bionic 2019-11-13 13:00:10 +01:00
Timo Teräs b45415b109 add: fix virtual package id generation
Fixes 37fbafcd by adding more input to the hash than just second
grained time stamp - collisions would happen when running apk
scripted.

For virtual package the hash works only as unique identifier, so
try to add elements that should make it unique in most cases.

Fixes #10648
2019-07-02 15:27:57 +03:00
Timo Teräs da41ae5a25 apk-tools-2.10.4 2019-06-05 15:34:16 +03:00
Timo Teräs 4494d5450f reset TZ when running solver tests as some output has local time
Fixes commits 37fbafcd and 1c47f374.
2019-06-05 10:10:17 +03:00
Timo Teräs 366d0ee371 print usage and exit with error on invalid arguments
Add also some testing to make sure help, long help and handling
of invalid arguments works as expected.

Based on pull request #19 originally by Laurent Arnoud (@spk).
2019-06-05 09:56:13 +03:00
Timo Teräs c3a93a4aa5 fix all applets to return -ENOTSUP if it's unrecognized
The return -1 seems to have been left over from earlier code, and
could have been treated as -EPERM. This helps to fix the other command
line handling that potentially require changing.
2019-06-05 09:32:29 +03:00
Timo Teräs b0be9f610c solver: fix common dependency merging to inherit pinning and flags
Notably this fixes occasional issues when doing upgrade with multiple
versions of same packages. Without this the upgrade flag is not always
propagated properly down the dependency chain.
2019-06-05 08:51:00 +03:00
Timo Teräs 1c47f37443 use fixed system time in test mode to have fixed test output
fixes test suite regression from previous commit
2019-06-03 16:19:17 +03:00
Timo Teräs 37fbafcd92 add: make virtual packages upgradeable (ref #9957)
Originally the virtual packages could have dependencies added to it.
However, commit b06e3b99 broke this behaviour to fix error reporting.
The root cause however was that the virtual depedency package was not
properly versioned.

This fixes to use current date/time as the package version, and
constructs the "faked" package hash from it. This effectively makes
"add -t virtpkg deps.." replace the dependencies which should be the
desired behaviour for "abuild deps".

'world' dependency to the generated virtual package is also now
versioned to make sure it get's upgraded.
2019-06-03 09:33:43 +03:00
Ian Douglas Scott d901444ec9 Fix compile with glibc 2019-05-28 13:07:50 +03:00
A. Wilcox 84941a5967 list: Detect orphaned packages correctly
BIT(1) corresponds with decimal 2, which is the first available repository.

Before this fix, `apk list -O` would list every package installed from the
first available repository, which is the 'system' repository on most Adélie
Linux computers.

After this fix, `apk list -O` correctly lists only the packages which are
no longer available.
2019-05-01 18:56:43 +03:00
Timo Teräs 44daf80873 fix strncpy bounds errors
error: 'strncpy' specified bound 4096 equals destination size [-Werror=stringop-truncation]

Based on patch by Elan Ruusamäe <glen@delfi.ee>
2019-02-13 16:05:27 +02:00
Elan Ruusamäe 86922d1a34 include sys/sysmacros.h for makedev definition 2019-02-13 15:32:22 +02:00
Natanael Copa 947baeea18 fetch: fix error message for --recursive
Give error message for `apk fetch --recursive missing`
2019-01-10 09:29:35 +01:00
Timo Teräs e2b4bde4bd apk-tools-2.10.3 2018-11-15 15:09:07 +02:00
Timo Teräs bd8967bcb7 Revert "move --simulate to global options"
This reverts commit 358f703b76.

The short option -s conflicts info --size and fetch --stdout.
Revert this for now.
2018-11-15 12:03:51 +02:00
Timo Teräs 0565e9bb05 fix orphan package handling for certain provides cases 2018-11-12 15:00:14 +02:00
Timo Teräs 47570f80e9 prefer selecting packages by their primary name 2018-11-12 14:16:36 +02:00
Timo Teräs a86c8ed082 fix package preference based on it's conflicts in --latest mode
remove also redundant pkg_selectable check in repair mode.
2018-11-12 13:20:14 +02:00
Timo Teräs 8fa193ecda apk-tools-2.10.2 2018-11-09 10:41:45 +02:00
Timo Teräs c3fe426da0 fix short option string to be nil terminated 2018-11-02 17:42:46 +02:00
Timo Teräs b06e3b991d fix error reporting for virtual package addition
Move addition of virtual package after the dependencies have been parsed
as then the reverse dependency structers can be populated correctly.
2018-11-02 17:41:34 +02:00
Timo Teräs 31338affc2 don't report virtual packages as masked 2018-11-02 17:12:20 +02:00
Timo Teräs 22abda2af4 inhibit printing same 'required by' dependency multiple times
this would happen if same package matched multiple times due to
multiple provided names.
2018-11-02 15:40:53 +02:00
Timo Teräs 59271f8c13 print: don't print spurious newlines 2018-11-02 15:40:45 +02:00
Timo Teräs f38d1f74af fix xattr hash to be sha1
The hash type was accidentally changed in previous commit. Currently
csum->data cannot hold longer hash, so fix the hash.
2018-10-30 18:26:10 +02:00
Timo Teräs beab8545eb add support for openssl 1.1 2018-10-26 08:22:08 +03:00
Timo Teräs 40ffdfe623 apk: fix all_options array size off-by-one
merge_options() will write one more entry to the options table
which is the end-of-table indicator. Allocate memory for it too.
valgrind did not pick it up due to being in stack; changing alloca
to malloc would make valgrind notice the issue too.

Reported-by: Mobile Stream <info@mobile-stream.com>
2018-10-05 09:45:02 +03:00
Timo Teräs 0e3be0fd4a cache: support --latest and --upgrade to affect download policy 2018-09-25 13:07:42 +03:00
Timo Teräs 358f703b76 move --simulate to global options
there are several applets that support simulation but are not
committing changes to database
2018-09-25 13:06:40 +03:00
Timo Teräs 4c6fc81474 add: add --latest flag to help analyze why upgrade fails 2018-09-11 10:34:14 +03:00
Timo Teräs 11bd821c69 apk-tools-2.10.1 2018-09-10 11:04:03 +03:00
Timo Teräs 6484ed9849 rework unpacking of packages and harden package file format requirements
A crafted .apk file could to trick apk writing unverified data to
an unexpected file during temporary file creation due to bugs in handling
long link target name and the way a regular file is extracted.

Several hardening steps are implemented to avoid this:
 - the temporary file is now always first unlinked (apk thus reserved
   all filenames .apk.* to be it's working files)
 - the temporary file is after that created with O_EXCL to avoid races
 - the temporary file is no longer directly the archive entry name
   and thus directly controlled by potentially untrusted data
 - long file names and link target names are now rejected
 - hard link targets are now more rigorously checked
 - various additional checks added for the extraction process to
   error out early in case of malformed (or old legacy) file

Reported-by: Max Justicz <max@justi.cz>
2018-09-10 10:59:39 +03:00
Robert Hencke b11f9aa928 add .mailmap to consolidate git shortlog
Consolidate author information, so that tools like 'git shortlog' show
a single entry for each author.
2018-09-10 09:19:01 +03:00
Timo Teräs e4f54cfe66 libfetch: do not give out user/hostname as ftp anonymous password
This is unwanted information disclosure.

Reported-by: Max Justicz <max@justi.cz>
2018-09-05 10:32:00 +03:00
Timo Teräs 7b654e1254 apk: sanitize return value
Most applets return whatever apk_solver_commit() returns. It is the
number of errors found (or negative for hard error). Sanitize the
error value to not give false success exit code in the unlikely case
of errors % 256 == 0.

Reported-by: Max Justicz <max@justi.cz>
2018-09-05 10:21:22 +03:00
Natanael Copa 13c534db77 prevent automatic repository index update with --no-network
We should not update repository index when --no-network is specified.

ref #9126
2018-08-21 12:25:37 +00:00
Jesse Young 1d55b9488f archive: enable FIFO extraction 2018-08-14 23:27:08 +03:00
Timo Teräs e1a05c74cb prevent automatic repository index update for 'apk del'
ref #9063
2018-07-18 13:29:13 +03:00
Jussi Kukkonen d609ef3c6c Invalidate id cache after script execution
It's common for a pre-install script to do something like
    addgroup -S group 2>/dev/null
When apk installs files after this, it sets the owner/group based on id cache
but currently the id cache is stale and doesn't contain the new group at that
point: instead the file will be installed with gid that the build host
happened to have for that group -- on target this might mean a non-existing
group or a completely different group.

We can't know if the script really did modify id cache contents so make sure
to reset the id cache on every script execution.
2018-07-02 10:06:53 -05:00