This options is useful for (post)install scripts to run with the same
environment variables as apk is executed.
[TT: minor stylistic changes]
Signed-off-by: Paul Spooren <mail@aparcar.org>
print installed packages in `<name> <version>` format. The format is
currently used in OpenWrt and allows downstream tools to compare what's
installed in the firmware.
Signed-off-by: Paul Spooren <mail@aparcar.org>
musl implements support for malloc.h, but it is only a stub. we do not use
any of the GNU-specific malloc interfaces, so just use POSIX stdlib.h instead.
ref #10794
The apk_fsdir_file_digest() servers dual purpose: to calculate
the checksum, but also to determine if the file exists. Move
it's error check where it originally was.
fixes#10791
The "untrusted" error is higher priority than malformed package.
But given that we expect valid .apk or index as argument, the
untrusted error is likely more accurate than having malformed
package.
Remove the APK_REPOSITORY_CACHED bit from dependencies only
packages (that is, installed_size == 0). For fetch, the problem
is that apk_db_select_repo() would return the cache repository,
but the package would not be there. Update also the locations
needed to handle these packages correctly without the cached
repository bit being set.
The adb object for apk_pkg_from_adb() was changed in commit 7d6de220
"database: support loading v3 indexes" which also addressed the broken
site in question but omitted updating the argument.
fixes#10783
Always return the original length; not the one with trailing '/'
amended.
fixes c60b7424 "optimize apk_pathbuilder_pop to get the old length"
ref #10784
Make sure we always have valid struct apk_trust * for code using it.
Load the signing keys directly when being specified to produce
sane error message if loading them fails.
In most places where pointer can be an 'error' it cannot be null
pointer. Further, in those cases just calling PTR_ERR() is not enough
to handle the null case. Simplify code by removing this case.
If NULL case needs to be handled, it's better to add separate check
and return fixed error code in that case.
- check magic field for 'ustar' on read
- harden get_octal to report errors on non-octal characters
(e.g. GNU base256 encoding), fixes#10757
- fix mtime and size octal fields to not have zero terminator
Directories are handled specially in package installation code, but
extract applet uses also apk_extract_file() to create directories.
These should not be unlinked as that fails with unexpected error code
terminating the extraction.
This moves and isolates the tar code to tar.c. And the actual
file extraction to disk is moved to extract.c.
A new API is introduced and used for v2 file extraction. This
essentially moves and isolates the apk_sign_ctx_* beast into
extract_v2.c and offers a saner interface to handling packages.
A place holder is added for v3 extraction.
Packages containing files with path names longer than 1024 characters
cannot fit into the buffer which is used to write "installed" database.
This leads to bbuf being APK_BLOB_NULL in apk_db_write_fdb because
apk_blob_push_blob notices the condition and correctly handles it.
The problem occurs when arguments to apk_ostream_write are manually
calculated by pointer arithmetics. Since bbuf.ptr is NULL in such a
case, bbuf.ptr - buf leads to a huge size value while buf still points
into the stack.
fixes#10751
[TT: minor edit to commit and abbreviating the commit message]
If a signature is longer than max allowed adb signature length
then adb_walk_block writes out of boundary of stack variable tmp.
The len += snprintf is not safe per standard snprintf implementation
(kernel does it differently). Introduce and use apk_blob_push_fmt
which does the checking better.
Fixes#10752
Reported-by: Samanta Navarro <ferivoz@riseup.net>
Add uvol_name to struct apk_file_info so it can be passed down
the extract callbacks in future work. Modify uvol name to not
include the path, but just the filename portion.
- apk_istream_splice usage is converted to apk_stream_copy which
is the newer variant. With caching enabled by default, this
makes more sense mmapping or using separate buffers.
- apk_istream_tee is reworked to write to apk_ostream, which simplifies
quite a bit of various things
Fix the script to not contain \x00 escape which was the only new
feature used.
Fix the meson build script to use given lua interpreter for running
the genhelp.lua.
Based on patch from Daniel Golle <daniel@makrotopia.org>
EVP_MD_CTX_set_pkey_ctx() is fairly new openssl function, and not
existing in many alternative. Use EVP_MD_CTX_reset() which is slightly
more heavy but more portable. Add also signature buffer lengths to
work with RSA.
Paul Spooren
Ariadne Conill