Commit Graph

1071 Commits (6484ed9849f03971eb48ee1fdc21a2f128247eb1)

Author SHA1 Message Date
Timo Teräs 8e7fd3e06f solver: fix potential install_if processing failure, fixes #8237
In discovery phase, there was logic to not process packages
multiple times. However, that logic failed to account the package's
depth and install_if state for the name being processed. This
caused install_if processing failure in certain topologies of the
dependency graph. Adds also a test case that should catch this
issue reliably.
2017-12-12 15:16:52 +02:00
Nils Andreas Svee 0700e8318f add detection of mips archs 2017-12-11 09:02:50 +02:00
Timo Teräs 97d8aab0c2 fetch: print additional error diagnostics in verbose mode 2017-11-28 14:25:38 +00:00
William Pitcock 20ae27c1da solver: prefer highest requirer count above installed status
This ensures a swap is emitted when replacing a virtual with
apk add.
2017-11-02 17:15:00 +00:00
William Pitcock 6aabb96c20 solver: fix dbg_printf() call in select_package() 2017-11-02 17:14:18 +00:00
William Pitcock 0a17a648db solver: only select a default if there is at least one provider with a declared provider_priority 2017-11-02 16:31:50 +00:00
William Pitcock 9165aa3894 solver: instead of tracking selected packages, score by requirer count for tiebreaking 2017-11-02 16:24:09 +00:00
William Pitcock f18c708183 solver: implement support for choosing default virtuals
By introducing a new package metadata field, `provider_priority`
(index letter `k`), we can specify default packages to satisfy a
virtual.

If a user wishes to select an alternative provider for the virtual,
a changeset swapping the default provider for the selected provider
will be generated by the dependency resolver.
2017-11-02 03:08:24 +00:00
Timo Teräs ee3740fcc6 apk-tools-2.8.1 2017-10-27 16:12:05 +03:00
Timo Teräs 7cdeaa6a2e build: add 'make tag' 2017-10-27 16:11:57 +03:00
Timo Teräs e03716ff3b solver: consider virtual provides to exclude non-provides transitively
this fixes package selection when a 'real' package exists, but would
need to be provided by another package with 'virtual provides'.

In current package database this can happen with postgresql which is
also provided by postgresql-bdr. Normally postgresql would be satisfied
by postgresql, but if any package depends on postgresql-bdr and there's
no versioned dependency on postgresql this will help apk figure out
that postgresql-bdr should be used.
2017-10-27 15:20:03 +03:00
Timo Teräs 2f3c842049 io: fix skip and splice to detect unexpected end-of-file 2017-10-12 13:35:46 +03:00
Timo Teräs 97e4d0531f db: handle default root correctly for /proc
dbopts->root may be null; use db->root instead

fixes #7162
2017-10-10 11:39:38 +03:00
Timo Teräs 342909da68 apk-tools-2.8.0 2017-10-06 19:08:49 +03:00
Timo Teräs 0d814ba35b libfetch: fix certificate host name check
OpenSSL allows passing zero-length to indicate "use strlen".
LibreSSL requires using the real length always, so pass the length.
2017-10-06 18:09:37 +03:00
Timo Teräs eb8f44d629 libfetch: improve openssl/libressl compatibility
X509_check_host() is introduced in libressl-2.5.0 and openssl-1.0.2
which are not yet universally available. Add support for building
against the older versions.
2017-10-06 13:25:27 +03:00
Timo Teräs 52fd85a8dc libfetch: improve ssl connections
loosely based on the freebsd implementation, implement https
connection settings to override CA, and use client certificate.

new files supported in /etc/apk/:
  ca.pem   - if exists, it contains CAs acceptable for https
	     (otherwise system wide CAs are used)
  crl.pem  - if ca.pem is used, this is the (optional) CRL for it
  cert.pem - used as client authentication certificate (+ key)
  cert.key - used as client key (can be also inside cert.pem)
2017-10-05 16:59:14 +03:00
Timo Teräs 531fea4c90 libfetch: remove unwanted code conditionals 2017-10-05 16:59:14 +03:00
Timo Teräs f6860e0e11 libfetch: fix ssl context leak
from freebsd
2017-10-05 16:59:14 +03:00
Timo Teräs 86436fce2f build and use bundled libfetch natively 2017-10-05 16:59:14 +03:00
Timo Teräs 9dc6278c7b import libfetch-2.38 from NetBSD
ftp://ftp.fu-berlin.de/unix/NetBSD/packages/current-src/pkgsrc/net/libfetch/files

libfetch comes (at least) in netbsd and freebsd flavors which
differing functionality. Alpine and Arch package netbsd one,
but it's not widely packaged across other distributions.

We need NetBSD version as it does not use funopen(3) which is not
supported in musl, and supports connection pooling.

FreeBSD seems to be the orignal and better maintained version
with support for SSL CAs, client certificate authentication,
proxy authentication, and improved http redirect handling.

So this imports NetBSD version, and future commits will pick up
the needed improvements from FreeBSD tree.

Incidentally, this also fixes #7857 and likes for good.
2017-10-05 16:58:09 +03:00
Timo Teräs 8f0938a056 package: remove package script after use (fixes #7974)
this is a regression introduced in commit 349c61c9
("add support for pre and post commit hooks")
2017-10-04 16:56:07 +03:00
Damiano Albani 806a476190 info: fix typo in help 2017-09-27 18:01:07 +03:00
Timo Teräs e6e90a6463 commit: proper singular/plural for 'error(s)' in commit message
based on github pull request #5
2017-08-23 09:03:35 +03:00
Dmitry Golovin 16336ba265 fix comparison of unsigned expression < 0 is always false
found by clang
2017-08-23 08:56:44 +03:00
Dmitry Golovin 04003569c5 make preprocessor arguments clang-compatible 2017-08-23 08:54:00 +03:00
Dmitry Golovin c099018e01 use labs istead of abs with long argument 2017-08-23 08:54:00 +03:00
A. Wilcox 8221be3569 index: Only rewrite arch if no error is encountered 2017-07-29 01:57:55 +00:00
A. Wilcox 13747fab83 database: include POSIX header for ST_* defines 2017-07-29 01:57:34 +00:00
Jakub Jirutka 1a52c1e4bd travis: notify on IRC 2017-07-25 23:25:52 +02:00
Timo Teräs 677d3240a8 tar: use standard header prefix
APKs have been created with GNU tar so far, which uses the
GNU extensions for long names. In order to increase portability
support the standard header's 'prefix' portion in case
the GNU extensions are not present.
2017-06-26 14:29:29 +03:00
Timo Teräs 51ec463e9d db: fix current directory instance caching in tar extraction
Depending how the directory entries are ordered, the cached dir
instance might not have been updated correctly. This has not been
a problem as the entries have been ordered, but is now triggered
on ppc.
2017-06-26 10:59:37 +03:00
A. Wilcox 17dd532e42 database: mark error on renameat failure 2017-06-26 10:32:38 +03:00
Jakub Jirutka 6f9dd59098 travis: deploy tarballs with static binary to GH Releases
The main usage is for alpine-chroot-install and similar scripts, so it
can depend on specific *persistent* version.
2017-06-23 20:54:16 +02:00
Jakub Jirutka 43e0656c1a travis: update alpine-chroot-install to 0.5.1 2017-06-23 18:30:57 +02:00
Timo Teräs 4d9c0c39b0 io: make io vtables const struct, and add accessors for them
This reduces function pointers in heap, and unifies how the
io functions are called.
2017-06-23 10:07:44 +03:00
Timo Teräs ca9d476ba3 archive: validate reading of pax and gnu long filename extensions
Detect properly if the file stream gets an error during these
read operations.

Reported-by: Ariel Zelivansky from Twistlock
2017-06-23 10:07:44 +03:00
Timo Teräs 6b9a07d1ad archive: fix incorrect bounds checking for memory allocation
The value from tar header is unsigned int; keep it casted to
unsigned int and size_t instead of (signed) int, otherwise
the comparisons fail to do their job properly. Additionally check
entry.size against SSIZE_MAX so the rounding up later on is
guaranteed to not overflow.

Fixes CVE-2017-9669 and CVE-2017-9671.
Reported-by: Ariel Zelivansky from Twistlock
2017-06-23 10:07:44 +03:00
William Pitcock 5d439c4739 Revert "version: consider pkg-rX and pkg to be the same version"
This reverts commit ee5ce7284a.
2017-06-23 06:59:13 +00:00
Jakub Jirutka 640a79084a gitignore: exclude files generated by root-tests 2017-06-11 12:49:00 +02:00
Jakub Jirutka f5872a74e8 test: modernize testing APKBUILDs 2017-06-11 12:49:00 +02:00
Jakub Jirutka fd8d3738fe test: fix test4.sh, script failure is non-fatal
This behaviour has been changed in: 7d5cd2c8a0.
2017-06-11 12:27:00 +02:00
Jakub Jirutka 4d1934f69b test: fix running root-tests with QEMU user-mode emulation
Variable QEMU_EMULATOR is set by enter-chroot script from
alpine-chroot-install.
2017-06-11 12:14:41 +02:00
Jakub Jirutka 73423fc182 test: run test*.sh with set -x 2017-06-11 12:14:41 +02:00
Jakub Jirutka 12c71704d0 test: fix test6.sh, vmlinuz and initramfs are not symlinks 2017-06-11 12:14:41 +02:00
Jakub Jirutka 419e51638c test: fix test6.sh, replace linux-grsec w/ linux-vanilla, add alpine-keys 2017-06-11 12:14:41 +02:00
Jakub Jirutka 69c343afb9 test: exit with non-zero status when some root-test fail 2017-06-11 12:14:41 +02:00
Jakub Jirutka d6ef8fbe23 test: print output log when test fail 2017-06-11 12:14:40 +02:00
Jakub Jirutka dfe395e8fa test: fix invalid SYSREPO with http://nl.a.o 2017-06-11 12:14:40 +02:00
Jakub Jirutka 9b0359f69a test: fix target $(repos), APKINDEX is now generated by abuild 2017-06-11 12:14:40 +02:00