Commit Graph

1226 Commits (dac30d50497214c8722a57ee1ae8d3c369babe38)

Author SHA1 Message Date
Timo Teräs 40ffdfe623 apk: fix all_options array size off-by-one
merge_options() will write one more entry to the options table
which is the end-of-table indicator. Allocate memory for it too.
valgrind did not pick it up due to being in stack; changing alloca
to malloc would make valgrind notice the issue too.

Reported-by: Mobile Stream <info@mobile-stream.com>
2018-10-05 09:45:02 +03:00
Timo Teräs 0e3be0fd4a cache: support --latest and --upgrade to affect download policy 2018-09-25 13:07:42 +03:00
Timo Teräs 358f703b76 move --simulate to global options
there are several applets that support simulation but are not
committing changes to database
2018-09-25 13:06:40 +03:00
Timo Teräs 4c6fc81474 add: add --latest flag to help analyze why upgrade fails 2018-09-11 10:34:14 +03:00
Timo Teräs 11bd821c69 apk-tools-2.10.1 2018-09-10 11:04:03 +03:00
Timo Teräs 6484ed9849 rework unpacking of packages and harden package file format requirements
A crafted .apk file could to trick apk writing unverified data to
an unexpected file during temporary file creation due to bugs in handling
long link target name and the way a regular file is extracted.

Several hardening steps are implemented to avoid this:
 - the temporary file is now always first unlinked (apk thus reserved
   all filenames .apk.* to be it's working files)
 - the temporary file is after that created with O_EXCL to avoid races
 - the temporary file is no longer directly the archive entry name
   and thus directly controlled by potentially untrusted data
 - long file names and link target names are now rejected
 - hard link targets are now more rigorously checked
 - various additional checks added for the extraction process to
   error out early in case of malformed (or old legacy) file

Reported-by: Max Justicz <max@justi.cz>
2018-09-10 10:59:39 +03:00
Robert Hencke b11f9aa928 add .mailmap to consolidate git shortlog
Consolidate author information, so that tools like 'git shortlog' show
a single entry for each author.
2018-09-10 09:19:01 +03:00
Timo Teräs e4f54cfe66 libfetch: do not give out user/hostname as ftp anonymous password
This is unwanted information disclosure.

Reported-by: Max Justicz <max@justi.cz>
2018-09-05 10:32:00 +03:00
Timo Teräs 7b654e1254 apk: sanitize return value
Most applets return whatever apk_solver_commit() returns. It is the
number of errors found (or negative for hard error). Sanitize the
error value to not give false success exit code in the unlikely case
of errors % 256 == 0.

Reported-by: Max Justicz <max@justi.cz>
2018-09-05 10:21:22 +03:00
Natanael Copa 13c534db77 prevent automatic repository index update with --no-network
We should not update repository index when --no-network is specified.

ref #9126
2018-08-21 12:25:37 +00:00
Jesse Young 1d55b9488f archive: enable FIFO extraction 2018-08-14 23:27:08 +03:00
Timo Teräs e1a05c74cb prevent automatic repository index update for 'apk del'
ref #9063
2018-07-18 13:29:13 +03:00
Jussi Kukkonen d609ef3c6c Invalidate id cache after script execution
It's common for a pre-install script to do something like
    addgroup -S group 2>/dev/null
When apk installs files after this, it sets the owner/group based on id cache
but currently the id cache is stale and doesn't contain the new group at that
point: instead the file will be installed with gid that the build host
happened to have for that group -- on target this might mean a non-existing
group or a completely different group.

We can't know if the script really did modify id cache contents so make sure
to reset the id cache on every script execution.
2018-07-02 10:06:53 -05:00
Sören Tempel 5c4b90dfd4 list: fix segmentation fault with virtual packages
Virtual packages have the origin pointer set to NULL. Trying to print it
using the BLOB_PRINTF macros causes a segmentation fault.

Inspired by the `print_origin_name` function from `src/search.c` this
commit attempts to fix it by checking whether `pkg->origin` is NULL
before attempting to print it. If it is NULL the pkg name is printed
instead.

Since printing the pkg name requires a different format string this
commit splits the printf call for printing the package line into
multiple ones. The output format shouldn't have changed at all though.
2018-07-02 08:52:22 -05:00
Natanael Copa 6685909777 apk-tools-2.10.0 2018-06-24 17:52:33 +00:00
Timo Teräs 430c78c506 apk-tools-2.10.0_rc1 2018-06-14 22:53:04 +03:00
Timo Teräs 7561a501b4 fetch: ignore conflicts when solving --recursive fetches 2018-06-14 20:40:05 +03:00
Natanael Copa 611172b7a9 fetch: include install_if dependencies with --recursive
Run apk_solver_solve once with all args as dependencies instead of
running apk_solver_solve for each arg. This is neccesary so the
install_if calculation is done correctly.
2018-06-14 18:55:06 +03:00
Edan Bedrik dafbb1c4f4 url: return relevant error value from apk_istream_fetch 2018-05-08 22:44:23 +03:00
Timo Teräs 258519b1cd db: fix refreshing index if time is zero
During netboot on systems without RTC, time() will be near zero,
and the index fill not exist. Thus the plain test of st.st_mtime
against system time failed. Verify that fstatat() succeeds.
2018-04-05 09:57:17 +03:00
William Pitcock 0dcbd933c8 solver: allow names with only one provider to be autoselected regardless of priority 2018-02-21 15:35:53 +00:00
William Pitcock fa762cd476 tests: make sure adding a pinning to a child dependency fails 2018-02-20 22:22:52 +00:00
William Pitcock a5d9e2eb0a add: child dependencies can never take a pinning, give a useful error 2018-02-20 22:22:02 +00:00
William Pitcock dc7298122e apk: in test mode, always exit 0 (so the test harness doesn't stop running tests) 2018-02-20 22:21:27 +00:00
Jakub Jirutka 2678bad4a5 travis: update alpine-chroot-install to 0.7.0 2018-02-09 01:22:56 +01:00
A. Wilcox 36f5cf8e4b libfetch: support OpenSSL
TLS_client_method is a LibreSSL extension.
SSLv23_client_method is generic, and doesn't mean SSL v2/v3 only.
2018-01-31 20:04:46 +00:00
William Pitcock d52285c9aa list: use `apk list --providers` to search virtual providers instead of enabling virtuals by default 2018-01-29 03:17:07 +00:00
William Pitcock d379edd5bf search: remove from APK_COMMAND_GROUP_QUERY
list does everything search does and more
2018-01-29 03:03:15 +00:00
William Pitcock 3334624cd1 list: add option to match against real names only instead of providers 2018-01-29 02:59:39 +00:00
William Pitcock 368b8b6725 list: add --depends option for searching based on rdepends 2018-01-29 02:55:29 +00:00
William Pitcock 8fcb57bf0f list: refactor package dumping vs package filtering 2018-01-29 02:39:39 +00:00
William Pitcock 900548db0e test: fix test6 testcase 2018-01-29 00:10:35 +00:00
William Pitcock fff8bfa588 list: new applet
The list applet provides a convenient way of inspecting both the available
and installed package databases by listing their contents.  In some ways,
it is similar to `apk search` but is considered to be a superset of
`apk search` functionality.

A few `apk list` criterion are not yet ready though, such as `apk list --depends`
which searches by runtime dependency (replacing `apk info --rdepends`).
2018-01-28 23:55:29 +00:00
William Pitcock 5da4dec2a2 apk: make --help --verbose actually work. 2018-01-09 17:07:22 +00:00
William Pitcock 182bfa0a9f apk: properly error out if an unknown command is requested 2018-01-09 17:07:22 +00:00
William Pitcock 1777040cc5 apk: commit options help text: fix typo concerning diskless boot 2018-01-09 17:07:22 +00:00
William Pitcock abf7c2838b apk: usage: cleanup help text when no applet is selected 2018-01-09 17:07:13 +00:00
Timo Teräs 118f29c895 fix --update-cache help to reflect reality
Internally the value is in seconds, but on command line it's in
minutes.
2018-01-09 10:32:03 +02:00
Timo Teräs dc701b83a7 apk-tools-2.9.1 2018-01-08 16:09:49 +02:00
Timo Teräs 5f7dcadc69 auto-update index only when database is opened for writing 2018-01-08 11:56:48 +02:00
Timo Teräs d0a25d670a increase libfetch connection pool limits slightly 2018-01-04 11:08:30 +02:00
Timo Teräs 8a28c6d0d4 enable automatic update of indexes controlled by --cache-max-age
This modifies apk cache for indexes to be automatically refreshed
periodically without explicit 'update' or '--update-cache' usage.

The default is to do if-modified-since request if the local copy
is older than 4 hours. This age can be changed with --cache-max-age.
Using --update-cache will change this age to 60 seconds to make
sure the cached copy is relatively new. The small age is in order
to try to avoid downloading indexes second time when apk-tools is
upgraded and apk re-execs after self-upgrade.

Accordingly using explicitly 'apk update' will now enforce
--force-refresh and request the very latest index by requesting
any potential http proxy to do refresh too.
2018-01-04 10:56:09 +02:00
Timo Teräs 2da67940d5 url: add "Cache-Control: no-cache" header with --force-refresh
fixes #8161
2018-01-03 16:00:38 +02:00
Timo Teräs 039ff3bd46 split --force to several --force-[type] options
This unloads --force as several of the things are really not wanted
together. E.g. --force-refresh is a lot different from --force-broken-world
and doing --force to get the other might introduce unwanted behaviour.

--force is still kept for backwards compatibility and it enables
most things --force was used for.
2018-01-03 16:00:38 +02:00
Timo Teräs f90af35e9c libfetch: add option to set "Cache-Control: no-cache"
ref #8161
2018-01-03 14:25:07 +02:00
Henrik Riomar e0eff8742f add new umbrella flag --initramfs-diskless-boot
This flag enables a group of options used during initramfs tmpfs
initial install.
2018-01-03 14:21:40 +02:00
Henrik Riomar 23cb104775 add new flag --no-commit-hooks
This flag skips running hook scripts

This flag *must* be used during initramfs tmpfs initial install.
The reason that this new flag is needed is that the hooks will currently
always fail as musl and /bin/sh is missing at this stage on diskless.
2018-01-03 14:20:58 +02:00
Timo Teräs 99e7bb93df libfetch: honor https_proxy variable for https
fixes #8160
2018-01-03 10:43:31 +02:00
Timo Teräs b0fcc56f22 db: fix triggers to report deleted directories
This change just changes to keep deleted directory items in
the hash with ref count zero and modified flag set. Those entries
are reused when needed. The side effect is that fire_triggers()
will now see those removed direcotries and reports them. Other
enumerators of the directories hash are protected to skip removed
directories when appropriate.
2018-01-03 09:31:10 +02:00
Timo Teräs 8ee79c72b2 apk, del: fix few memory leaks
This fixes couple of valgrind reported leaks - though they are
non-important since the leak happens on "exit" only and kernel
frees it anyway.
2018-01-03 09:30:12 +02:00